libssh 0.8.0~20170825.94fa1e38-1ubuntu0.5 source package in Ubuntu

Changelog

libssh (0.8.0~20170825.94fa1e38-1ubuntu0.5) bionic-security; urgency=medium

  * SECURITY UPDATE: unsanitized location in scp could lead to unwanted
    command execution
    - debian/patches/CVE-2019-14889-1.patch: reformat code in scp/scp.c.
    - debian/patches/CVE-2019-14889-2.patch: log SCP warnings received from
      the server in src/scp.c.
    - debian/patches/CVE-2019-14889-3.patch: add function to quote file
      names in include/libssh/misc.h, src/misc.c.
    - debian/patches/CVE-2019-14889-4.patch: don't allow file path longer
      than 32kb in src/scp.c.
    - debian/patches/CVE-2019-14889-5.patch: quote location to be used on
      shell in src/scp.c.
    - CVE-2019-14889

 -- Marc Deslauriers <email address hidden>  Tue, 10 Dec 2019 10:30:36 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2019-12-10
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libssh_0.8.0~20170825.94fa1e38.orig.tar.xz 372.2 KiB 48cbcc4c946380f08c024fbc1898b1efd6edff66a5ec4b536695926f0ea055a8
libssh_0.8.0~20170825.94fa1e38-1ubuntu0.5.debian.tar.xz 34.9 KiB 9da9681f8f6ba5c7d90f5ff814510c911d12b4efc19fe6635445bacc2f77e210
libssh_0.8.0~20170825.94fa1e38-1ubuntu0.5.dsc 2.5 KiB b61b5bfc27edd54c1bc0b36f3663222981f84232ace147886308ef3728bffbc4

View changes file

Binary packages built by this source

libssh-4: tiny C SSH library (OpenSSL flavor)

 The ssh library was designed to be used by programmers needing a working SSH
 implementation by the mean of a library. The complete control of the client
 is made by the programmer. With libssh, you can remotely execute programs,
 transfer files, use a secure and transparent tunnel for your remote programs.
 With its SFTP implementation, you can play with remote files easily.
 .
 This package contains shared libraries linked against OpenSSL.

libssh-4-dbgsym: debug symbols for libssh-4
libssh-dev: tiny C SSH library. Development files (OpenSSL flavor)

 The ssh library was designed to be used by programmers needing a working SSH
 implementation by the mean of a library. The complete control of the client
 is made by the programmer. With libssh, you can remotely execute programs,
 transfer files, use a secure and transparent tunnel for your remote programs.
 With its SFTP implementation, you can play with remote files easily.
 .
 This package contains development files to build the OpenSSL flavor.

libssh-doc: tiny C SSH library. Documentation files

 The ssh library was designed to be used by programmers needing a working SSH
 implementation by the mean of a library. The complete control of the client
 is made by the programmer. With libssh, you can remotely execute programs,
 transfer files, use a secure and transparent tunnel for your remote programs.
 With its SFTP implementation, you can play with remote files easily.
 .
 This package contains documentation files.

libssh-gcrypt-4: tiny C SSH library (gcrypt flavor)

 The ssh library was designed to be used by programmers needing a working SSH
 implementation by the mean of a library. The complete control of the client
 is made by the programmer. With libssh, you can remotely execute programs,
 transfer files, use a secure and transparent tunnel for your remote programs.
 With its SFTP implementation, you can play with remote files easily.
 .
 This package contains shared libraries linked against gcrypt.

libssh-gcrypt-4-dbgsym: debug symbols for libssh-gcrypt-4
libssh-gcrypt-dev: tiny C SSH library. Development files (gcrypt flavor)

 The ssh library was designed to be used by programmers needing a working SSH
 implementation by the mean of a library. The complete control of the client
 is made by the programmer. With libssh, you can remotely execute programs,
 transfer files, use a secure and transparent tunnel for your remote programs.
 With its SFTP implementation, you can play with remote files easily.
 .
 This package contains development files to build the gcrypt flavor.