-
libssh (0.9.4-1ubuntu3) groovy; urgency=medium
* debian/patches/git_close_error.patch:
- don't return an error if the server properly closed the channel
(lp: #1894982)
-- Sebastien Bacher <email address hidden> Thu, 10 Sep 2020 12:05:15 +0200
-
libssh (0.9.4-1ubuntu2) groovy; urgency=medium
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2020-16135-*.patch: fix a NULL dereference
checking the return of ssh_buffer_new() and added others checks
in src/sftpservcer.c, src/buffer.c.
- CVE-2020-16135
-- <email address hidden> (Leonidas S. Barbosa) Fri, 31 Jul 2020 15:19:13 -0300
-
libssh (0.9.4-1ubuntu1) groovy; urgency=medium
* Resynchronize on Debian, remaining change
* debian/control:
- Don't Build-Depends on libnacl-dev which is in universe
-- Sebastien Bacher <email address hidden> Thu, 21 May 2020 11:28:50 +0200
-
libssh (0.9.3-2ubuntu2) focal; urgency=medium
* SECURITY UPDATE: denial of service via AES-CTR ciphers
- debian/patches/CVE-2020-1730.patch: fix a possible segfault when
zeroing AES-CTR key in src/libcrypto.c.
- CVE-2020-1730
-- Marc Deslauriers <email address hidden> Thu, 09 Apr 2020 09:17:51 -0400
