Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted libssh 0.7.3-2+deb9u3 (source amd64 all) into oldstable
Date: Fri, 31 Jul 2020 22:50:15 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 01 Aug 2020 00:28:18 +0200
Source: libssh
Binary: libssh-4 libssh-gcrypt-4 libssh-dev libssh-gcrypt-dev libssh-doc
Architecture: source amd64 all
Version: 0.7.3-2+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Laurent Bigonville <bigon@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libssh-4   - tiny C SSH library (OpenSSL flavor)
 libssh-dev - tiny C SSH library. Development files (OpenSSL flavor)
 libssh-doc - tiny C SSH library. Documentation files
 libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor)
 libssh-gcrypt-dev - tiny C SSH library. Development files (gcrypt flavor)
Changes:
 libssh (0.7.3-2+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2020-16135:
     The code in src/sftpserver.c did not verify the validity of certain
     pointers and expected them to be valid. A NULL pointer dereference could
     have been occured that typically causes a crash and thus a
     denial-of-service.
Checksums-Sha1:
 36eae0364f2410f049bdb2ae04d82c064832a6db 2459 libssh_0.7.3-2+deb9u3.dsc
 74bbb21fd07a98b9bffee1c052b503d566959e4b 25964 libssh_0.7.3-2+deb9u3.debian.tar.xz
 5f72f74566a027e98038efbc0bd68ba9e58d7f3a 470388 libssh-4-dbgsym_0.7.3-2+deb9u3_amd64.deb
 e3b403532549e5f80b6b1c2465dada7777ef0d8d 171166 libssh-4_0.7.3-2+deb9u3_amd64.deb
 186d953576d13465af93407799a847d5ee33eaf5 213854 libssh-dev_0.7.3-2+deb9u3_amd64.deb
 cac47a718b5b9c5949f7a3ceb356c29a378ba6e8 257914 libssh-doc_0.7.3-2+deb9u3_all.deb
 323ed9c437faa7d61116467a1e35e60a904a0253 435438 libssh-gcrypt-4-dbgsym_0.7.3-2+deb9u3_amd64.deb
 9af31e96901f09fc6f92bf180f8bfa6b33007072 170514 libssh-gcrypt-4_0.7.3-2+deb9u3_amd64.deb
 5b5f869ef344b70fd129404ae7f23bbf3601cfa7 213160 libssh-gcrypt-dev_0.7.3-2+deb9u3_amd64.deb
 ba0e382029274fd1e4c054053d77ad9a30db71d4 9439 libssh_0.7.3-2+deb9u3_amd64.buildinfo
Checksums-Sha256:
 6db68cff513cb4bf192b102f8291440f30b5bc24dd814cee61b3e893723e2dbb 2459 libssh_0.7.3-2+deb9u3.dsc
 d96e1f0f40be9484bc19b9e405bd808e16e784f0d11d956212f431ea0e06c996 25964 libssh_0.7.3-2+deb9u3.debian.tar.xz
 ce9bd6faa5bcfc669f9a1ae767942b89683d0f317935f530884e864fac34eb3e 470388 libssh-4-dbgsym_0.7.3-2+deb9u3_amd64.deb
 c14668e7028131e4e24cc9b0147dd959270777ac96e68e4a5fd53887ce7fc5c1 171166 libssh-4_0.7.3-2+deb9u3_amd64.deb
 949cc04853724459450279b654c23a8094299b20a5d538ec5af0d454b8d5f5e2 213854 libssh-dev_0.7.3-2+deb9u3_amd64.deb
 fd4bd31117fa7f105d76be4c3db2502ddc682a74d8cb2283b33287b9a2c0b0b3 257914 libssh-doc_0.7.3-2+deb9u3_all.deb
 7a037272f65c746a5dd8bd4c64484c4a7d666be2679a2efe320a3f6644c13bf8 435438 libssh-gcrypt-4-dbgsym_0.7.3-2+deb9u3_amd64.deb
 c3af4b11a06d566c335fc0721cbb019279d6b85090c7b04b477ef35734340ff1 170514 libssh-gcrypt-4_0.7.3-2+deb9u3_amd64.deb
 a31bc8a7b7fa5d8a9624681b01ff04758b5032b6251490b11e8514978c5cc6ac 213160 libssh-gcrypt-dev_0.7.3-2+deb9u3_amd64.deb
 3ba722e086bea92117b39eb232e8e5fd16c1301be6b9f926c3e96b88e0e04e51 9439 libssh_0.7.3-2+deb9u3_amd64.buildinfo
Files:
 1bfc799768bf54bcb3dd47db07edcffd 2459 libs optional libssh_0.7.3-2+deb9u3.dsc
 cee0266cb48493da2f58ab4428c385c5 25964 libs optional libssh_0.7.3-2+deb9u3.debian.tar.xz
 88456eff047e969b369b41ebb0b3df06 470388 debug extra libssh-4-dbgsym_0.7.3-2+deb9u3_amd64.deb
 00cf5d4f5e9f3be9d4eeb16c5a54f2c8 171166 libs optional libssh-4_0.7.3-2+deb9u3_amd64.deb
 38c3bded1834debc5894a5160e2b37de 213854 libdevel optional libssh-dev_0.7.3-2+deb9u3_amd64.deb
 b4b3f0a0d78588fc35d68ae500113fda 257914 doc optional libssh-doc_0.7.3-2+deb9u3_all.deb
 528f3be1fc5da901764c5445ec81f49e 435438 debug extra libssh-gcrypt-4-dbgsym_0.7.3-2+deb9u3_amd64.deb
 44e58418a96c6cadce5b33ed6e3cb40a 170514 libs optional libssh-gcrypt-4_0.7.3-2+deb9u3_amd64.deb
 e8c7be82bde9ac0768136e01834156c3 213160 libdevel optional libssh-gcrypt-dev_0.7.3-2+deb9u3_amd64.deb
 1639c98a2db7ec34b6b3a91e231588ef 9439 libs optional libssh_0.7.3-2+deb9u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl8knb9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkQvgQAM9bNlpIyJqeGyv4gp/ZPA+lWwSlP5rxG830
rd6ZEt4SG1unAqGNG63WQXNJPVLAgFQHCRFV7XE5g2MiFHtPUIlqOcNp8AQpIHCo
+HKpdLNwb74OGMONjvA+OGMtRLNO0db3QOobQwM2euY4B2gyhyJtrcwkyMX1UYOL
zdvJUTxfJlGrAecIb9kmXbUdx79RZuMKxJlezba3xrnF6CT3Su10k4Z6+trebx/2
+DM7LwIw5jjPmfpn9pPFwxNHoKyIuQccOtI+WqHPxGnDcUSPXxm7W6K6HD7a5QNN
OpSCJ2ImtE4MqstXPFoRpV2/cEGOfu9Xaaglrb2YnMGPuKwoCsfH6aWU7wNW2uni
DPjC2J3HqntmdwZ6FKCNG/t2zQ+2fhwEI1JJc5VGLsNBJY1Bn/SrduiFOQOHb9Lc
/msSQFxI5276GywQ1haphAWwgk3UOBRy4Zj7WGi1NjkMdnTN5vKNP+rAiUi/xEYI
AYev0H1ZkyBlT6UmtnpGd35l7BhZMMC192dgqJZrHIQJ5TlQHwHAvbwmVZ2YQqGP
MyavKcD1SishCpobHIjhCY0LJgT1kC/650F7Slq1oa++5O5FUROaqqvoy8xxFZvS
QKei4xj38I7pFp6CxjhHvvTUv+J0b9y7DVqtYnvmHJy18kozWCv7/L5ym8Ds3L9+
mrO0XR/0
=uy1A
-----END PGP SIGNATURE-----
News for package libssh
