Revisions of libssh
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1167008
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 95)
- Don't change the path for crypto-policies libssh.config (bsc#1222716)
Andreas Schneider (gladiac)
committed
(revision 94)
- Fix regression parsing IPv6 addresses provided as hostname * Added libssh-fix-ipv6-hostname-regression.patch
Adam Majer (adamm)
accepted
request 1134165
from
Marcus Meissner (msmeissn)
(revision 93)
Update changes - Fix CVE-2023-6004: ProxyCommand/ProxyJump features allow injection of malicious code through hostname (bsc#1218209) - Fix CVE-2023-48795: prefix truncation breaking ssh channel integrity (bsc#1218126) - Fix CVE-2023-6918: Added Missing checks for return values for digests (bsc#1218186)
Andreas Schneider (gladiac)
accepted
request 1113627
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 91)
Fedora implementation: https://src.fedoraproject.org/rpms/libssh/c/63aba439d4adf2be12273099db04fd05a21cac84?branch=rawhide https://src.fedoraproject.org/rpms/libssh/c/57b527a2bb9cf9854b200044bfd6a8ff0a1f2b86?branch=rawhide
Andreas Schneider (gladiac)
accepted
request 1102394
from
Malcolm Lewis (malcolmlewis)
(revision 90)
- Add fix to spec file for the incorrect include path as a result of the default openSSH move to /usr/etc, (boo#1211718).
Dirk Mueller (dirkmueller)
committed
(revision 89)
- update to 0.10.5:
* Fix CVE-2023-1667: a NULL dereference during rekeying with
algorithm guessing
* Fix CVE-2023-2283: a possible authorization bypass in
pki_verify_data_signature under low-memory conditions.
* Fix several memory leaks in GSSAPI handling code
* Escape braces in ProxyCommand created from ProxyJump options
for zsh compatibility.
* Fix pkg-config path relocation for MinGW
* Improve doxygen documentation
* Fix build with cygwin due to the glob support
* Do not enqueue outgoing packets after sending
SSH2_MSG_NEWKEYS
* Add support for SSH_SUPPRESS_DEPRECATED
* Avoid functions declarations without prototype to build with
clang 15
* Fix spelling issues
* Avoid expanding KnownHosts, ProxyCommands and IdentityFiles
repetitively
* Add support sk-* keys through configuration
* Improve checking for Argp library
* Log information about received extensions
* Correctly handle rekey with delayed compression
* Move the EC keys handling to OpenSSL 3.0 API
* Record peer disconnect message
* Avoid deadlock when write buffering occurs and we call poll
recursively to flush the output buffer
* Disable preauthentication compression by default
* Add accidentally removed default compile flags
* Solve incorrect parsing of ProxyCommand option
Displaying revisions 1 - 20 of 95
