sslh - Debian Package Tracker

general

source: sslh (main)
version: 2.1.4-1
maintainer: Don Armstrong (DMD) (LowNMU)
arch: any
std-ver: 4.4.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.20-1
o-o-sec: 1.20-1+deb11u1
oldstable: 1.20-1
stable: 2.1.4-1
testing: 2.1.4-1
unstable: 2.1.4-1

versioned links

1.20-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.20-1+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

sslh (7 bugs: 0, 5, 2, 0)

action needed

A new upstream version is available: 2.3.0 high

A new upstream version 2.3.0 is available, you should consider packaging it.

Created: 2025-04-08 Last update: 2025-11-07 22:30

3 security issues in sid high

There are 3 open security issues in sid.

3 important issues:

CVE-2025-46806: A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4.
CVE-2025-46807: A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4.
CVE-2025-52936: Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.

Created: 2025-06-02 Last update: 2025-08-20 22:30

3 security issues in forky high

There are 3 open security issues in forky.

3 important issues:

CVE-2025-46806: A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4.
CVE-2025-46807: A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4.
CVE-2025-52936: Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.

Created: 2025-08-09 Last update: 2025-08-20 22:30

debian/patches: 1 patch with invalid metadata, 4 patches to forward upstream high

Among the 6 debian patches available in version 2.1.4-1 of the package, we noticed the following issues:

1 patch with invalid metadata that ought to be fixed.
4 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-01-06 14:30

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2025-01-06 Last update: 2025-11-08 01:43

5 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 19893fdee897450a82f50e49554915e18b157754
Author: Chris Lamb <chris@chris-lamb.co.uk>
Date:   Tue Jul 8 10:26:43 2025 -0700

    Add debian/salsa-ci.yml.

commit 9528ef182a97745d2cbd2391a7906b12a73be95c
Author: Chris Lamb <chris@chris-lamb.co.uk>
Date:   Tue Jul 8 10:25:40 2025 -0700

    Add debian/gbp.conf.

commit 8856c830c1aed288084a121617fb00fbb2d002ac
Author: Sergey Ponomarev <stokito@gmail.com>
Date:   Thu Apr 4 13:19:11 2024 +0300

    sslh.service: use SystemD to set a user instead of option --user sslh

commit 4a28d923c2e004ce695923ceeee0eaa0ad2af31d
Author: Sergey Ponomarev <stokito@gmail.com>
Date:   Mon Dec 18 22:41:44 2023 +0200

    /etc/default/sslh: use --tls instead of the deprecated --ssl
    
    Signed-off-by: Sergey Ponomarev <stokito@gmail.com>

commit 80e3fef0bb43240f5dfab3316824c0d38fb893be
Author: Gioele Barabucci <gioele@svario.it>
Date:   Sat Feb 15 09:40:34 2025 +0100

    d/control: Remove outdated debconf version constraint
    
    debconf 0.5 is older than Debian 3.0 "woody" (released in 2002),
    thus this version constraint is not really useful.
    
    An appropriate dependency (compatible with `cdebconf`) will be added
    by `dh_installdebconf`.
    
    Closes: #1096122

Created: 2025-02-17 Last update: 2025-11-07 10:00

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2025-09-10 Last update: 2025-09-10 19:34

2 open merge requests in Salsa normal

There are 2 open merge requests for this package on Salsa. You should consider reviewing and/or merging these merge requests.

Created: 2025-08-19 Last update: 2025-08-19 06:28

3 low-priority security issues in trixie low

There are 3 open security issues in trixie.

3 issues left for the package maintainer to handle:

CVE-2025-46806: (needs triaging) A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4.
CVE-2025-46807: (needs triaging) A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4.
CVE-2025-52936: (needs triaging) Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.

You can find information about how to handle these issues in the security team's documentation.

Created: 2025-06-02 Last update: 2025-08-20 22:30

2 low-priority security issues in bookworm low

There are 2 open security issues in bookworm.

2 issues left for the package maintainer to handle:

CVE-2025-46807: (needs triaging) A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4.
CVE-2025-52936: (needs triaging) Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.

You can find information about how to handle these issues in the security team's documentation.

Created: 2025-06-02 Last update: 2025-08-20 22:30

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.4.0).

Created: 2019-09-29 Last update: 2025-02-27 13:25

news

[rss feed]

[2025-07-09] Accepted sslh 1.20-1+deb11u1 (source) into oldstable-security (Chris Lamb)
[2025-01-15] sslh 2.1.4-1 MIGRATED to testing (Debian testing watch)
[2025-01-06] Accepted sslh 2.1.4-1 (source) into unstable (Don Armstrong)
[2024-11-12] sslh REMOVED from testing (Debian testing watch)
[2024-10-24] sslh 2.1.1-2 MIGRATED to testing (Debian testing watch)
[2024-09-26] Accepted sslh 2.1.1-2 (source) into unstable (Don Armstrong)
[2024-05-21] sslh REMOVED from testing (Debian testing watch)
[2024-05-21] sslh REMOVED from testing (Debian testing watch)
[2024-04-26] Accepted sslh 2.1.1-1 (source) into unstable (Don Armstrong)
[2023-08-23] sslh 1.22c-1 MIGRATED to testing (Debian testing watch)
[2023-08-18] Accepted sslh 1.22c-1 (source amd64) into unstable (Don Armstrong)
[2023-08-15] Accepted sslh 1.20-1.1 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2023-07-17] sslh REMOVED from testing (Debian testing watch)
[2020-02-11] Accepted sslh 1.20-1~bpo10+1 (source amd64) into buster-backports, buster-backports (Mike Gabriel)
[2020-02-11] Accepted sslh 1.20-1~bpo9+1 (source amd64) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Mike Gabriel)
[2019-09-26] sslh 1.20-1 MIGRATED to testing (Debian testing watch)
[2019-09-21] Accepted sslh 1.20-1 (source) into unstable (Don Armstrong)
[2016-05-23] sslh 1.18-1 MIGRATED to testing (Debian testing watch)
[2016-05-17] Accepted sslh 1.18-1 (source amd64) into unstable (Guillaume Delacour) (signed by: Ana Beatriz Guerrero López)
[2015-07-29] sslh 1.17-2 MIGRATED to testing (Britney)
[2015-07-23] Accepted sslh 1.17-2 (source amd64) into unstable (Guillaume Delacour) (signed by: Ana Beatriz Guerrero López)
[2015-05-31] Accepted sslh 1.17-1 (source amd64) into unstable (Guillaume Delacour) (signed by: Ana Beatriz Guerrero López)
[2014-09-09] sslh 1.16-2 MIGRATED to testing (Britney)
[2014-09-03] Accepted sslh 1.16-2 (source amd64) into unstable (Guillaume Delacour) (signed by: Ana Beatriz Guerrero López)
[2014-08-16] Accepted sslh 1.16-1 (source amd64) into unstable (Guillaume Delacour) (signed by: Ana Beatriz Guerrero López)
[2014-02-12] sslh 1.15-1 MIGRATED to testing (Debian testing watch)
[2014-02-05] Accepted sslh 1.15-1 (source amd64) (Guillaume Delacour) (signed by: Ana Beatriz Guerrero López)
[2012-09-06] sslh 1.13b-3.2 MIGRATED to testing (Debian testing watch)
[2012-08-26] Accepted sslh 1.13b-3.2 (source amd64) (David Prévot)
[2012-08-25] Accepted sslh 1.13b-3.1 (source amd64) (David Prévot)

bugs [bug history graph]

all: 12
RC: 0
I&N: 9
M&W: 2
F&P: 1
patch: 2

links

homepage
lintian (0, 1)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (100, -)
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.1.4-1build1
5 bugs