-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 10 May 2023 08:00:26 +0200 Source: libssh Architecture: source Version: 0.10.5-1 Distribution: unstable Urgency: high Maintainer: Laurent Bigonville <bigon@debian.org> Changed-By: Martin Pitt <mpitt@debian.org> Closes: 1035832 Changes: libssh (0.10.5-1) unstable; urgency=high . [ Martin Pitt ] * New upstream security release (thus high urgency): - Fix authenticated remote DoS through potential NULL dereference during rekeying with algorithm guessing (CVE-2023-1667) https://www.libssh.org/security/advisories/CVE-2023-1667.txt - Client authentication bypass in pki_verify_data_signature() in low-memory conditions with OpenSSL backend; gcrypt backend is not affected https://www.libssh.org/security/advisories/CVE-2023-2283.txt (CVE-2023-2283, Closes: #1035832) * Bump Standards-Version to 4.6.2. No changes necessary. * Drop debian/source/lintian-overrides. It now causes a "mismatched-override" warning, and apparently is not necessary any more. * debian/copyright: Drop files which don't exist any more. Spotted by lintian's "superfluous-file-pattern" warnings. . [ Debian Janitor ] * Bump debhelper from old 12 to 13. * Avoid explicitly specifying -Wl,--as-needed linker flag. Checksums-Sha1: ddb59b6af4d50563b33b21973e1b2b0758b675c7 2742 libssh_0.10.5-1.dsc bc6b6858c3f4d07a302d838258d98e5bae790387 557776 libssh_0.10.5.orig.tar.xz dc55b86977ec5348d3048118c3beccd5d1b06da9 833 libssh_0.10.5.orig.tar.xz.asc d8d354cc003f4cc254f672fb968e13865059f00b 28016 libssh_0.10.5-1.debian.tar.xz 29c7fbab76614a2fb35d9c473593912876904b1c 7413 libssh_0.10.5-1_source.buildinfo Checksums-Sha256: 2dbdceacadaa1ce6629bef199a44e2c89b9b220996337c858f54970914b4f4f0 2742 libssh_0.10.5-1.dsc b60e2ff7f367b9eee2b5634d3a63303ddfede0e6a18dfca88c44a8770e7e4234 557776 libssh_0.10.5.orig.tar.xz cc5427ac9480b30f87f7c3c2dca1830c1e7fe3c18503da2c07d4110150916c66 833 libssh_0.10.5.orig.tar.xz.asc 06b785dde60a98934d56095834a41562a58039b034a2d7f1eb90bc633d84b83e 28016 libssh_0.10.5-1.debian.tar.xz 6d2e8069eca275285bf54f9c8a5dc87571af90a02d8e69bc0741b80b9e0f6d48 7413 libssh_0.10.5-1_source.buildinfo Files: 63f682b498516dc66aa3059964baafca 2742 libs optional libssh_0.10.5-1.dsc d8db64ad57bbf25fc53396dd5438a3ef 557776 libs optional libssh_0.10.5.orig.tar.xz 5216efd082214fa43e966115bb9502f8 833 libs optional libssh_0.10.5.orig.tar.xz.asc d8d8a5b28a9802a5ce080df8ecb31fed 28016 libs optional libssh_0.10.5-1.debian.tar.xz 1d9dca270a1bb5fdaa7aba64f838cd19 7413 libs optional libssh_0.10.5-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEbEuHi35jHxYFV8PN7nvd5LhrVxMFAmRbMzAACgkQ7nvd5Lhr VxPuEg//deLK4VLcee6GdodxblILU04rQ1ZC9GteXOKY3ApOgVYnUHwgJx3Js8OG l5A5vBImnv+3wctnxEce4AXj76YrB2uKEH+LRFwCTqrSwfjmYVvw1OcpBiu6nJSi GvPoJ+eZ7Om+WCxr/Rn7ainN3pejejMxTiPIV6HYIY6wMsV7zC1fqt8eLD82IDIw jN/7xoSKmVto7IauGisKpOFCtgkkJe4rcnoZYUyqm9AyZvDvo8jootYbWPGs8MLi waOuvPrKEtfpYE/A4TLAn6GAw/GUTFFeNi18orMXQCIzIHn2xvTOWBY8F5Zplrpa SDWnH8AmEEp7OIGymQf30sHugYlFceqJcikem0/LyL6uLxROM2NfYcLcYisQPVdz ebL+l+r4MV/mlAoqwlKy02ij5Vt4RtwTYM2x8QE+KHLYVCCZCBbJLLoFoDTepybG QO7z+0iGFgwq6Ig3abalkI93qxd7Xd+FDFYFpacRhCkgxB99OuPQmoiyqEav7Rof MV7G+cc4r7Xz1F0rhOlvF6tkxIBWoKMnmL6Ko37btAqFQlSohCODQt1KJtYKoEq+ tEBkBRFMFRGGRA7sULyKENBzCvXUV/Y6il+wCUpnsuhVQRpX+Hm1xJxOJHoSKRKR 7QJ0GPrOWlzmEqCnJSAdrtyUz27NQ+DWS/QTNT8zTFwSPceHow4= =x/4l -----END PGP SIGNATURE-----
