Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libssh 0.10.6-1 (source) into unstable
Date: Fri, 22 Dec 2023 09:35:30 +0000
Signed by: Martin Pitt <mpitt@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 22 Dec 2023 09:46:12 +0100
Source: libssh
Architecture: source
Version: 0.10.6-1
Distribution: unstable
Urgency: high
Maintainer: Laurent Bigonville <bigon@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Closes: 1059004 1059059 1059061
Changes:
 libssh (0.10.6-1) unstable; urgency=high
 .
   * New upstream security release (thus high urgency):
     - Fix Command injection using ProxyCommand
       (CVE-2023-6004, Closes: #1059061)
     - Fix missing checks for return values of MD functions
       (CVE-2023-6918, Closes: #1059059)
     - Fix potential downgrade attack using strict kex
       (CVE-2023-48795, Closes: #1059004)
Checksums-Sha1:
 9e77cbbb34460c52297d3054d02552720b35760f 2742 libssh_0.10.6-1.dsc
 e8fb3b4750db11d2483cac4b5f046e301c09b72f 561036 libssh_0.10.6.orig.tar.xz
 ef01c0d5506ae2c6d3fbda6c89dca53079f422d6 833 libssh_0.10.6.orig.tar.xz.asc
 34f78c16c8ed01bb9d0ec57d1974a3933bfa9f49 28280 libssh_0.10.6-1.debian.tar.xz
 07446c9bfb85f7b179ba8966345226350a9a1597 7498 libssh_0.10.6-1_source.buildinfo
Checksums-Sha256:
 36941e4f17fea5b5b4b8729fb0e6e98eac6c3ba2840e15ae2d4c1e37cfd37b61 2742 libssh_0.10.6-1.dsc
 1861d498f5b6f1741b6abc73e608478491edcf9c9d4b6630eef6e74596de9dc1 561036 libssh_0.10.6.orig.tar.xz
 140420406d7796548b0beaf736e73864c32291787cf2bd3983fdbc41741494ae 833 libssh_0.10.6.orig.tar.xz.asc
 3f77309d0565845e841b2fad88ea0691ca898984d46c4244c4ad8a3df1f0074f 28280 libssh_0.10.6-1.debian.tar.xz
 7f9b5bb8a2467a434f56a710b698346dc0e73933ccb2dbd276d3f2c344599837 7498 libssh_0.10.6-1_source.buildinfo
Files:
 5af9d75c3aa815e0a2da367baed328af 2742 libs optional libssh_0.10.6-1.dsc
 5f46371aa8bfa7e6bff7f2a6f3edf80e 561036 libs optional libssh_0.10.6.orig.tar.xz
 75a12048601da804564cfa523bd77bcf 833 libs optional libssh_0.10.6.orig.tar.xz.asc
 c152de67feae1b7613eeea034cf54f33 28280 libs optional libssh_0.10.6-1.debian.tar.xz
 70c805e477c2f175b2f7c35dd21d88ae 7498 libs optional libssh_0.10.6-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbEuHi35jHxYFV8PN7nvd5LhrVxMFAmWFTr4ACgkQ7nvd5Lhr
VxOkgw//bIhZhXaurPjz7iPQBSmAyHkQrYJxhUYrajsdYN22E/oWoT82p8vZLucU
Bq4VaB887Oxh7Z3lgWRWHyvIx4zjMcS4C2X0MrCbFTW646EJEOhZSzUoWkyoW/0z
xToZZIujI5Mtp4gpEsjmP2imZaIO3v76UKoCb+nfIItvMU6DvzjWd6nSk/XGytyh
Pqb3mjdOZABvIIZZLGTtOZYkBDEKpgyOkvduKubPm95EgV2gTyLXlYZTaGxrt3KT
QIik824Z7EF8zkcSRNr6m6WHG344GZFmkh50SYGLpHADq3oQHcWXMaRmDuQGx/vO
sAEKXH94/xdaGz2/7W8g2nC7MfzH0zkZL2DayOdPnmYAIgpl84LdEdWhoOoLEFeb
6g1nK223gVhuzSkpIHyqY2af+kKeqxxTgik5eqXEul2iQaCJ8AiYKTVkINZzvvDR
W9tJQh3oxiikn4EGpI/eU7HunzoWzdl0Gj241CD+JKzXAWlkbYczu8afZLg7d9km
CicAy1l7S/XLemR6RC8LsfYVQ/ChAmNqJqDhRlGEcTWOw8hx7lYPWlWGg+QVBi7P
fcQCJS+xcfEw3A5touQ1mtSqx89OGmgO+GgIwal+wGedzFsP7caXLmwGxvhF5upz
wqi+WBFRKoThBWnS/+cdzZ03SCwPhuKgHplP46VMA5gbusiDFbA=
=fAhZ
-----END PGP SIGNATURE-----
News for package libssh
