libssh 0.9.8-0+deb11u1 source package in Debian
Changelog
libssh (0.9.8-0+deb11u1) bullseye-security; urgency=medium
* New upstream security release:
- Fix Command injection using ProxyCommand
(CVE-2023-6004, Closes: #1059061)
- Fix missing checks for return values of MD functions
(CVE-2023-6918, Closes: #1059059)
- Fix potential downgrade attack using strict kex
(CVE-2023-48795, Closes: #1059004)
* Fix regression in IPv6 addresses in hostname parsing from CVE-2023-6004
fix. Patch and unit test backported from upstream stable-0.9 branch.
See https://gitlab.com/libssh/libssh-mirror/-/issues/227
-- Martin Pitt <email address hidden> Mon, 25 Dec 2023 11:40:33 +0100
Upload details
- Uploaded by:
- Laurent Bigonville
- Uploaded to:
- Bullseye
- Original maintainer:
- Laurent Bigonville
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bullseye | release | main | libs |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libssh_0.9.8-0+deb11u1.dsc | 2.4 KiB | e987b8ab8f35fc3a13b65138cedf4588071b3b70fe4d114d7e91a7c36392dcb8 |
| libssh_0.9.8.orig.tar.xz | 496.3 KiB | 9f834b732341d428d67bbe835b7d10ae97ccf25d6f5bd0288fa51ae683f2e7cd |
| libssh_0.9.8-0+deb11u1.debian.tar.xz | 29.2 KiB | 65638ae253e1e76bc3e1d310a55951d2893da2b9b1af068cb45dfee7e68938af |
No changes file available.
