-
libssh (0.9.3-2ubuntu2.5) focal-security; urgency=medium
* SECURITY UPDATE: code injection via ProxyCommand/ProxyJump hostname
- debian/patches/CVE-2023-6004-*.patch: validate hostnames.
- CVE-2023-6004
* SECURITY UPDATE: DoS via incorrect return value checks
- debian/patches/CVE-2023-6918-*.patch: check return values.
- CVE-2023-6918
-- Marc Deslauriers <email address hidden> Thu, 11 Jan 2024 07:46:38 -0500
-
libssh (0.9.3-2ubuntu2.4) focal-security; urgency=medium
* SECURITY UPDATE: Prefix truncation attack on BPP
- debian/patches/CVE-2023-48795-1.patch: add client side mitigation.
- debian/patches/CVE-2023-48795-2.patch: add server side mitigations.
- debian/patches/CVE-2023-48795-3.patch: strip extensions from both kex
lists for matching.
- debian/patches/CVE-2023-48795-4.patch: tests: adjust calculation to
strict kex.
- CVE-2023-48795
-- Marc Deslauriers <email address hidden> Mon, 18 Dec 2023 17:32:08 -0500
-
libssh (0.9.3-2ubuntu2.3) focal-security; urgency=medium
* SECURITY UPDATE: Potential NULL dereference during rekeying with
algorithm guessing
- debian/patches/CVE-2023-1667-*.patch: upstream patches to fix the
issue.
- CVE-2023-1667
* SECURITY UPDATE: Authorization bypass in pki_verify_data_signature
- debian/patches/CVE-2023-2283-*.patch: upstream patches to fix the
issue.
- CVE-2023-2283
-- Marc Deslauriers <email address hidden> Fri, 26 May 2023 07:10:23 -0400
-
libssh (0.9.3-2ubuntu2.2) focal-security; urgency=medium
* SECURITY UPDATE: possible heap-buffer overflow when rekeying
- debian/patches/CVE-2021-3634.patch: create a separate length for
session_id in include/libssh/crypto.h, src/gssapi.c, src/kdf.c,
src/kex.c, src/libcrypto.c, src/messages.c, src/packet.c, src/pki.c,
src/wrapper.c, tests/unittests/torture_session_keys.c.
- CVE-2021-3634
-- Marc Deslauriers <email address hidden> Wed, 18 Aug 2021 11:35:51 -0400
-
libssh (0.9.3-2ubuntu2.1) focal-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2020-16135-*.patch: fix a NULL dereference
checking the return of ssh_buffer_new() and added others checks
in src/sftpservcer.c, src/buffer.c.
- CVE-2020-16135
-- <email address hidden> (Leonidas S. Barbosa) Fri, 31 Jul 2020 15:38:31 -0300
-
libssh (0.9.3-2ubuntu2) focal; urgency=medium
* SECURITY UPDATE: denial of service via AES-CTR ciphers
- debian/patches/CVE-2020-1730.patch: fix a possible segfault when
zeroing AES-CTR key in src/libcrypto.c.
- CVE-2020-1730
-- Marc Deslauriers <email address hidden> Thu, 09 Apr 2020 09:17:51 -0400
-
libssh (0.9.3-2ubuntu1) focal; urgency=medium
* Resynchronize with Debian, remaining change
* Disable libnacl support, which has not gone through an MIR.
LP: #1847346.
libssh (0.9.3-2) unstable; urgency=medium
* debian/rules: Rename libssh-gcrypt.a to libssh.a to ensure that the
correct static library is installed in the libssh-gcrypt-dev package
libssh (0.9.3-1) unstable; urgency=medium
[ Laurent Bigonville ]
* New upstream release
- Fix an nsanitized location in scp that could lead to unwanted command
execution (Closes: #946548 CVE-2019-14889)
- d/p/1003-custom-lib-names.patch: Refreshed
- d/p/2003-disable-expand_tilde_unix-test.patch: Refreshed
- debian/rules: Fix the parameter name used to build the static library
- debian/patches/install_static_lib.patch: Install the static library again
* debian/control: Bump Standards-Version to 4.4.1 (no further changes)
* Bump debhelper compatibility to 12
[ Sebastien Bacher ]
* debian/tests/libssh-server:
- Use the correct compiler for proposed autopkgtest cross-testing
support. (Closes: #946536)
-- Sebastien Bacher <email address hidden> Fri, 17 Jan 2020 09:47:29 +0100
-
libssh (0.9.0-1ubuntu5) focal; urgency=medium
* SECURITY UPDATE: unsanitized location in scp could lead to unwanted
command execution
- debian/patches/CVE-2019-14889-1.patch: add tests for SCP client in
tests/client/CMakeLists.txt, tests/client/torture_scp.c.
- debian/patches/CVE-2019-14889-2.patch: reformat code in scp/scp.c.
- debian/patches/CVE-2019-14889-3.patch: log SCP warnings received from
the server in src/scp.c.
- debian/patches/CVE-2019-14889-4.patch: add function to quote file
names in include/libssh/misc.h, src/misc.c.
- debian/patches/CVE-2019-14889-5.patch: add unit tests for
ssh_quote_file_name() in tests/unittests/torture_misc.c.
- debian/patches/CVE-2019-14889-6.patch: don't allow file path longer
than 32kb in src/scp.c.
- debian/patches/CVE-2019-14889-7.patch: quote location to be used on
shell in src/scp.c.
- CVE-2019-14889
-- Marc Deslauriers <email address hidden> Wed, 11 Dec 2019 09:48:38 -0500
-
libssh (0.9.0-1ubuntu4) focal; urgency=medium
* debian/test/libssh-server:
- use 'gcc' rather than 'cc' since the other doesn't have a variant
that can be used for cross tests
-- Sebastien Bacher <email address hidden> Tue, 10 Dec 2019 14:39:19 +0100
-
libssh (0.9.0-1ubuntu3) focal; urgency=medium
* Use the correct pkg-config variant
-- Sebastien Bacher <email address hidden> Tue, 10 Dec 2019 12:32:39 +0100
-
libssh (0.9.0-1ubuntu2) focal; urgency=medium
* Make autopkgtests cross-test-friendly.
-- Sebastien Bacher <email address hidden> Tue, 10 Dec 2019 11:11:00 +0100
-
libssh (0.9.0-1ubuntu1) eoan; urgency=medium
* Disable libnacl support, which has not gone through an MIR.
LP: #1847346.
-- Steve Langasek <email address hidden> Tue, 08 Oct 2019 20:31:16 +0000