libssh (0.6.3-4.3ubuntu0.2) xenial-security; urgency=medium

  * SECURITY REGRESSION: fix multiple regressions (LP: #1805348)
    - debian/patches/CVE-2018-10933-regression.patch: set correct state
      after sending INFO_REQUEST in src/server.c.
    - debian/patches/CVE-2018-10933-regression2.patch: add missing break
      in src/packet.c.
    - debian/patches/CVE-2018-10933-regression3.patch: set correct state
      after sending GSSAPI_RESPONSE in src/gssapi.c.

 -- Marc Deslauriers  Tue, 27 Nov 2018 10:04:57 -0500

libssh (0.6.3-4.3ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: authentication bypass vulnerability
    - debian/patches/CVE-2018-10933-*.patch: add upstream patches to
      correct the issue.
    - CVE-2018-10933

 -- Marc Deslauriers  Tue, 16 Oct 2018 15:05:17 -0400

libssh (0.6.3-4.3) unstable; urgency=medium

  * Non-maintainer upload.
  * CVE-2016-0739: Truncated Diffie-Hellman secret length (Closes: #815663)

 -- Salvatore Bonaccorso  Tue, 23 Feb 2016 19:54:04 +0100

libssh (0.6.3-4.2) unstable; urgency=medium

  * Non-maintainer upload.
  * debian/patches: Add 0002_CVE-2015-3146.patch from 0.6.5 release
    upstream (Closes: #784404)

 -- Christopher Knadle  Mon, 16 Nov 2015 04:26:51 -0500

libssh (0.6.3-4.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix "ftbfs with GCC-5": add patch from Matthias Klose/Ubuntu:
    add __extension__ to __FUNCTION__. (Closes: #777975)

 -- gregor herrmann  Sat, 18 Jul 2015 20:38:30 +0200

libssh (0.6.3-4) unstable; urgency=medium

  * Add debian/patches/0001_CVE-2014-8132.patch: Fixup error path in
    ssh_packet_kexinit() (Closes: #773577, CVE-2014-8132)

 -- Laurent Bigonville  Tue, 27 Jan 2015 00:28:01 +0100

libssh (0.6.3-3) unstable; urgency=low

  [ Sebastian Ramacher ]
  * Build gcrypt flavor. (Closes: #676650)
  * d/control:
    - Add Build-Dep on libgcrypt-dev.
    - Bump Build-Dep on debhelper to >= 9 and remove cdbs.
    - Add libssh-gcrypt-dev and libssh-gcrypt-4 packages.
    - Add Conflicts to libssh-dev and libssh-gcrypt-dev against each other.
    - Add Depends on libssh-gcrypt-4 to libssh-dbg and break incompatible
      versions.
    - Update libssh-4 and libssh-dev Description.
  * d/compat: Bump to 9.
  * d/rules: Convert to dh and build gcrypt flavor.
  * d/libssh-doc.docs: Update location of documentation.
  + d/patches/1003-custom-lib-names.patch: Allow to overwrite libssh's
    OUTPUT_NAME.

  [ Laurent Bigonville ]
  * debian/libssh-gcrypt-4.lintian-overrides: Add an override for the
    dev-pkg-without-shlib-symlink lintian warning
  * debian/control, debian/rules: Enable the tests at build time, really
    (Closes: #744403)
  * debian/control: Add pkg-config to the build-dependencies
  * d/p/2003-disable-expand_tilde_unix-test.patch: Disable
    torture_path_expand_tilde_unix it's not working well on the buildd
  * d/p/0007-security-fix-for-vulnerability-CVE-2014-0017.patch: Drop
    obsolete patch, merged upstream in 0.6.3
  * debian/rules: Pass -Wl,-z,defs -Wl,-O1 -Wl,--as-needed to the LDFLAGS
  * Enable GSSAPI support
    - debian/control: Add libkrb5-dev | heimdal-dev to the
      build-dependencies
    - debian/rules: Pass -DWITH_GSSAPI=ON to the CMake flags
    - Adjust the .symbols file

 -- Laurent Bigonville  Sat, 30 Aug 2014 17:31:14 +0200

libssh (0.6.3-2) unstable; urgency=low

  [ Mike Gabriel ]
  * debian/rules:
    + Enable tests during package build. (Closes: #744403).

 -- Mike Gabriel  Wed, 14 May 2014 10:19:23 +0200

libssh (0.6.3-1) unstable; urgency=low

  * Upload to unstable without changes.

 -- Mike Gabriel  Wed, 14 May 2014 09:43:04 +0200

libssh (0.6.3-1~exp1) experimental; urgency=medium

  * New upstream release.
    - Reset the PRNG state after accepting a new connection
      (CVE-2014-0017)

 -- Laurent Bigonville  Wed, 05 Mar 2014 23:02:10 +0100

# For older changelog entries, run 'apt-get changelog libssh-4'