-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 21 May 2023 18:22:05 +0000
Source: libssh
Binary: libssh-4 libssh-4-dbgsym libssh-dev libssh-gcrypt-4 libssh-gcrypt-4-dbgsym libssh-gcrypt-dev
Architecture: armel
Version: 0.9.7-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-02) <buildd_arm64-arm-conova-02@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
 libssh-4   - tiny C SSH library (OpenSSL flavor)
 libssh-dev - tiny C SSH library - Development files (OpenSSL flavor)
 libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor)
 libssh-gcrypt-dev - tiny C SSH library - Development files (gcrypt flavor)
Closes: 1035832
Changes:
 libssh (0.9.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security microrelease:
     - CVE-2023-1667: Authenticated remote DoS.
       Fix authenticated remote DoS through potential NULL dereference during
       rekeying with algorithm guessing
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - CVE-2023-2283: Client authentication bypass.
       Fix client authentication bypass in pki_verify_data_signature() in
       low-memory conditions with OpenSSL backend; gcrypt backend is not
       affected.
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (Closes: #1035832)
   * Drop 000* patches which were backported from the upstream stable 0.9
     branch, now included in this release. Unfuzz 2004-install-static-lib.patch.
Checksums-Sha1:
 6e58d4006cc2a9d08a3f5a7308674cb48ee262c1 456956 libssh-4-dbgsym_0.9.7-0+deb11u1_armel.deb
 8fd708b2628455af873246fc4380f238722e056d 159652 libssh-4_0.9.7-0+deb11u1_armel.deb
 c200f50509d79d8b2f7ba5ded1225e1869a77930 213724 libssh-dev_0.9.7-0+deb11u1_armel.deb
 0e17410b9019b1dbcdee51a92ea76a4712d9f46d 496680 libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_armel.deb
 d20555d071f22118b65fdaa6e47025671b686ac2 189684 libssh-gcrypt-4_0.9.7-0+deb11u1_armel.deb
 94f08bbc3836ca66e61ff7e99abfe5abfa3121af 246960 libssh-gcrypt-dev_0.9.7-0+deb11u1_armel.deb
 54758360dfe9e15ca71042dca16f232c9699e7be 9346 libssh_0.9.7-0+deb11u1_armel-buildd.buildinfo
Checksums-Sha256:
 490ac39983028e008ca540043f6d29a2a1e7f7b69a1d531489b41fce76893e81 456956 libssh-4-dbgsym_0.9.7-0+deb11u1_armel.deb
 e247a0182cf25fd326d6a4a98a40da997a2e0789ea947457776f0f66faa210e6 159652 libssh-4_0.9.7-0+deb11u1_armel.deb
 df27a134c9deb6bf265ea3daab1e99451ff66e33cc34cf108b8d3e38271e2897 213724 libssh-dev_0.9.7-0+deb11u1_armel.deb
 d36de98e4c2436c9f1c0095107db4d33461d757cfd525b01c12f70c15b51a9db 496680 libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_armel.deb
 4f00eea0e710fd745fdea4e8a220533ce1af14a0cd037a5bd07833866833b1e9 189684 libssh-gcrypt-4_0.9.7-0+deb11u1_armel.deb
 32b230796cc811c5d580d7c0529a4fa487f2fa99605502e0f62deb10cc1c769c 246960 libssh-gcrypt-dev_0.9.7-0+deb11u1_armel.deb
 55cece788e4b16f6663d32266d8c7a70732a1730924a1d0618249a9b0423cdb6 9346 libssh_0.9.7-0+deb11u1_armel-buildd.buildinfo
Files:
 e17a606aaf7b39c9a0e55ae3ffbcbc12 456956 debug optional libssh-4-dbgsym_0.9.7-0+deb11u1_armel.deb
 569fb1d30cd1526f913f7b957f4ed815 159652 libs optional libssh-4_0.9.7-0+deb11u1_armel.deb
 d2e1e8e6e046f501fb272a218116d1bb 213724 libdevel optional libssh-dev_0.9.7-0+deb11u1_armel.deb
 3b682a413e76fc39436fd3284f0fc90b 496680 debug optional libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_armel.deb
 c7d5e7e1900bc5ee9913457f1f03de28 189684 libs optional libssh-gcrypt-4_0.9.7-0+deb11u1_armel.deb
 4f3945b26adeccd8dcfd3d9d5265a8fc 246960 libdevel optional libssh-gcrypt-dev_0.9.7-0+deb11u1_armel.deb
 4a8c235e6f7f16a278722d8b689d11b6 9346 libs optional libssh_0.9.7-0+deb11u1_armel-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUCZhpX7EW6FhRngRD7xMY/mIqXMFAmRqaaUACgkQD7xMY/mI
qXPEsA//bUkCAigkOY+L0JFZDGMHhTDAz4sc8MTWjENHSZYPf6cTqUjHSbuxHEIz
aBixlfnvCBh7Jz8g44NAzfRyUKXE03Ga1iCh5sKi/Z9RjXHTpc3oD9LhnTTC1HNn
7ZanIQnC4zRlSSrBX58XKSnNaV/l19irzvCm6t1UvV2jbMTsxghaZ/qqUAqXDDr3
oHgHxWzZiQtGmjiMghCQaguflOKAcTYq8RtBteTHBjbEYL/dvzwDwvW7cGc0kxlQ
1IGhoHCr9tQNZst4J0APfY2WB7pAFKPoLhEtiLfLKHRNT58Cg8e3y6RKnBBeuNIx
56S8SlGT92IFUT4sOsxyykGRWNvyMO9SF5qio3x3EfvhTmsIB68Y9ilC5Ug9147z
xzL5pxVBh53o6L1NAdklP6UJiDIjgfLJLfRRA5RhvTiA04E5Eror2qHclnaFGoMi
a8Npw6slIpQUyqscuiHueGFKE2+Adi2+G2vVD4zke8EyqF1rZcS6dFZjhJPlQ/6f
x3KnTfFHqPvJH63Str9OfDPMTIjjF8Uvzjbt29A7SbU/VL5AeCAaBtNrMuFq1I6M
N1tQkkz2mgKcKogEOh4zRZjzHDTIFRqsMRWG/SJP1mXERceUYEzuUd94i4mrVJXz
SW8K6REsTzODQvOqJLrhYdAN2UPJyyGwf64dL4rRIvbvAo1lbvo=
=ZSon
-----END PGP SIGNATURE-----