-
libssh2 (1.4.3-2ubuntu0.2) trusty-security; urgency=medium
* SECURITY UPDATE: Buffer overrun
- debian/patches/CVE-2015-1782.patch: kex: bail out on rubbish in the
incoming packet
- CVE-2015-1782
-- Mike Salvatore <email address hidden> Thu, 14 Feb 2019 09:23:46 -0500
-
libssh2 (1.4.3-2ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: Generated secrets too short during key exchange
(LP: #1664812).
- debian/patches/CVE-2016-0787.patch: convert bytes to bits in random
number generation. Based on upstream patch.
- CVE-2016-0787
-- Brian Morton <email address hidden> Thu, 16 Feb 2017 11:47:00 -0500
-
libssh2 (1.4.3-2) unstable; urgency=medium
* Make package multi-arch-aware (Closes: #731310).
* Bump Standards-Version, no changes required.
-- Mikhail Gusarov <email address hidden> Wed, 04 Dec 2013 21:29:00 +0100
-
libssh2 (1.4.3-1) unstable; urgency=low
* New upstream release.
- Drop debian/patches/with-gcrypt.patch, applied upstream.
* Incorporate 1.4.2-1.1 NMU by Dmitry. Thanks!
-- Mikhail Gusarov <email address hidden> Tue, 21 May 2013 12:09:00 +0200
