-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 21 May 2023 18:22:05 +0000
Source: libssh
Binary: libssh-4 libssh-4-dbgsym libssh-dev libssh-gcrypt-4 libssh-gcrypt-4-dbgsym libssh-gcrypt-dev
Architecture: i386
Version: 0.9.7-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: i386 Build Daemon (x86-grnet-01) <buildd_amd64-x86-grnet-01@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
 libssh-4   - tiny C SSH library (OpenSSL flavor)
 libssh-dev - tiny C SSH library - Development files (OpenSSL flavor)
 libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor)
 libssh-gcrypt-dev - tiny C SSH library - Development files (gcrypt flavor)
Closes: 1035832
Changes:
 libssh (0.9.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security microrelease:
     - CVE-2023-1667: Authenticated remote DoS.
       Fix authenticated remote DoS through potential NULL dereference during
       rekeying with algorithm guessing
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - CVE-2023-2283: Client authentication bypass.
       Fix client authentication bypass in pki_verify_data_signature() in
       low-memory conditions with OpenSSL backend; gcrypt backend is not
       affected.
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (Closes: #1035832)
   * Drop 000* patches which were backported from the upstream stable 0.9
     branch, now included in this release. Unfuzz 2004-install-static-lib.patch.
Checksums-Sha1:
 7fcae6bd08a948800306c8d0eb605702fbaac12e 391272 libssh-4-dbgsym_0.9.7-0+deb11u1_i386.deb
 74ec16fc45c32cdffedd0f202ec8f55a82f1a55d 205392 libssh-4_0.9.7-0+deb11u1_i386.deb
 9689822c9d976eed93499e10617a7ca32a5b4ec6 259100 libssh-dev_0.9.7-0+deb11u1_i386.deb
 1cabfe00b0eb8993148c51161977238796db4ae8 426492 libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_i386.deb
 991c275577c1055aa35e8f615e4e752e74d49f02 237948 libssh-gcrypt-4_0.9.7-0+deb11u1_i386.deb
 a8b1fd29c4b37704e7da642e7d1d1c7bb684d615 294676 libssh-gcrypt-dev_0.9.7-0+deb11u1_i386.deb
 d6df53b2b0540d4cec0745e005a2649c6e1e70dc 9390 libssh_0.9.7-0+deb11u1_i386-buildd.buildinfo
Checksums-Sha256:
 5b69feb9086a216705dedc423c3290741fad9219d894223574f7987f93f96c26 391272 libssh-4-dbgsym_0.9.7-0+deb11u1_i386.deb
 34b72af5a63b945c42b75f13d5d1ceee0d9c77acfd0abaac585ef70184b4d22a 205392 libssh-4_0.9.7-0+deb11u1_i386.deb
 eb5bb5c52f1c83258bb62163c7d4c9bc8a34be8a9f4d1aa3e12844ac4e96304d 259100 libssh-dev_0.9.7-0+deb11u1_i386.deb
 2dfc0081fc468cad30af989fcc4569cb5fe3f12a09c4a6d861227306938dc0d1 426492 libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_i386.deb
 0c1a460c6aa3fd6085cd1f5ba83ac4ca4045160cdbb22badf5ee24ddd4aadab7 237948 libssh-gcrypt-4_0.9.7-0+deb11u1_i386.deb
 a056546c036949568d486be02266a4ee40b7c772e17f8b8eb3590f0deaf79024 294676 libssh-gcrypt-dev_0.9.7-0+deb11u1_i386.deb
 4af5be069a54444f9d7acd155cc84f1ca1a18fa6ee9d97a268dd6950956a638c 9390 libssh_0.9.7-0+deb11u1_i386-buildd.buildinfo
Files:
 d73a7abe8028535af1be11ee9b8c204e 391272 debug optional libssh-4-dbgsym_0.9.7-0+deb11u1_i386.deb
 e719145cf4ec465878704e8d44458739 205392 libs optional libssh-4_0.9.7-0+deb11u1_i386.deb
 3e8b0c9dfcc03ed26a021d86262a88f3 259100 libdevel optional libssh-dev_0.9.7-0+deb11u1_i386.deb
 d8c4bf2ed926aef8d1e0870b619a6ed0 426492 debug optional libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_i386.deb
 33c12cb34159bf4016d00dc0b84db84f 237948 libs optional libssh-gcrypt-4_0.9.7-0+deb11u1_i386.deb
 fdd7a6890e6ffdf829ff848e688f747c 294676 libdevel optional libssh-gcrypt-dev_0.9.7-0+deb11u1_i386.deb
 e6d44b58c3b843715f2b9643b2baf3af 9390 libs optional libssh_0.9.7-0+deb11u1_i386-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7bJOCbihllHz5a8G6bGbnoZY/NwFAmRqZ+AACgkQ6bGbnoZY
/Ny7cBAAkli7Tq2LLoIT0jS9CbjKWhq0402RDlIKqPa9P2N/aTr8MO17TXvW7ZhS
1ZY1spyvfvlXKlxjxpeCDn7CK8WyfJTDKI+F2Ba5pOrv77QT6Jkg1sJVUiSfWVBI
RwI4Nn6ZGUF0mvKcbHMw2n0loi3PhbtsLKuWJrRfKQrA97OHGzKs3AmxiYzxpABS
slytiMCWgZPN5hk5faWuRRRKM5YiSHGQ52SaJl/GB5vlUXJsF5W290Xlgso8J/OV
hBjjTDgvgBzZPoLx0Yn0JhOh20wPWRkUICYeftNc0q3gT27Gkgnv6MaUxBfLx0ON
+ioGDvzuYEX5KOMIq6qvDI2tX5e4grYwhoZUVEPuiP+nl4yBNfeY7uU7r1HZ3/OY
gBYfHlYby4oWXQ3WeuIJyDC3avg2FUdxXa7CzBCK464iA671yGPMSgKZ7vD8PJOy
dAuh1HdT73Lm974s26spD5A+EI9cBdw4K1KQNeSWWh+Zzu76aNEzUh5gPoJHl0jY
NyCpfyW+56D5ByHXy4JNxd3Gjx5JV7DfR/XjB0vU52ryUJvbTqG2bEPQQlCDCuIM
17XQrjAbsuM6BfaRZ2KyntFKLukS2kqPVnKeXCaN0XUtbNNBC4eBx8sLffZuFcRu
sexA7LVd22KYH3IpJItVoYp+IjVu+tCHOfSY8g2IN/QEP9eUA7g=
=OwpL
-----END PGP SIGNATURE-----