-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 21 May 2023 18:22:05 +0000
Source: libssh
Binary: libssh-4 libssh-4-dbgsym libssh-dev libssh-gcrypt-4 libssh-gcrypt-4-dbgsym libssh-gcrypt-dev
Architecture: s390x
Version: 0.9.7-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: s390x Build Daemon (zani) <buildd_s390x-zani@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
 libssh-4   - tiny C SSH library (OpenSSL flavor)
 libssh-dev - tiny C SSH library - Development files (OpenSSL flavor)
 libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor)
 libssh-gcrypt-dev - tiny C SSH library - Development files (gcrypt flavor)
Closes: 1035832
Changes:
 libssh (0.9.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security microrelease:
     - CVE-2023-1667: Authenticated remote DoS.
       Fix authenticated remote DoS through potential NULL dereference during
       rekeying with algorithm guessing
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - CVE-2023-2283: Client authentication bypass.
       Fix client authentication bypass in pki_verify_data_signature() in
       low-memory conditions with OpenSSL backend; gcrypt backend is not
       affected.
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (Closes: #1035832)
   * Drop 000* patches which were backported from the upstream stable 0.9
     branch, now included in this release. Unfuzz 2004-install-static-lib.patch.
Checksums-Sha1:
 509311408e59f1307b712e4fd7b5516ff1cecbb6 480208 libssh-4-dbgsym_0.9.7-0+deb11u1_s390x.deb
 a1ee6dd8eb15938363e1bc87bd0fa0acc64daf50 168528 libssh-4_0.9.7-0+deb11u1_s390x.deb
 67b493cf328ed7186273d6556b6ac3ec54562d58 221240 libssh-dev_0.9.7-0+deb11u1_s390x.deb
 e07308aefed14528d998984dd5027d08190a11a8 519212 libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_s390x.deb
 50e8c7eecd213563a9f0e246018e97863f82d340 199876 libssh-gcrypt-4_0.9.7-0+deb11u1_s390x.deb
 130fcd6ee8e5cf8f53a3fa95935746c37f818263 255052 libssh-gcrypt-dev_0.9.7-0+deb11u1_s390x.deb
 970aafceb66d876bef18db1ab1435bc6b7f5951b 9383 libssh_0.9.7-0+deb11u1_s390x-buildd.buildinfo
Checksums-Sha256:
 4a0b07c2fcc60f7b43584ddf2ecd5d2c3c449d17d7cb836a6f28503bc36d7ae3 480208 libssh-4-dbgsym_0.9.7-0+deb11u1_s390x.deb
 a9af9cca457a9636086aff6c5fc8e95cfdbebb9c00fe20810887d734b3a5d84c 168528 libssh-4_0.9.7-0+deb11u1_s390x.deb
 6f87b40a6030814b3b8f54a04346c5d16c7f57b46c2fc742dd00a853c38b2755 221240 libssh-dev_0.9.7-0+deb11u1_s390x.deb
 f268432dedd34890565ee96f143647471e5c489379109de21aff9f4b32af5f4c 519212 libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_s390x.deb
 da2c24e1f9f32b3d053e4c8eeb8e898f5a95cc2f69c0598a730b519385100c96 199876 libssh-gcrypt-4_0.9.7-0+deb11u1_s390x.deb
 cbb0f82e1ff94201feb79e4da56b884ead8448698d243897d5915a3f19c262e8 255052 libssh-gcrypt-dev_0.9.7-0+deb11u1_s390x.deb
 fe37b45fa7fb944a4f0085d176e45fa9f0d36eb2704a5aec531f8f527880675e 9383 libssh_0.9.7-0+deb11u1_s390x-buildd.buildinfo
Files:
 8fa25a39b385b14688bb71bac890af48 480208 debug optional libssh-4-dbgsym_0.9.7-0+deb11u1_s390x.deb
 6b94509f748793c573ee7d5654eb5ed4 168528 libs optional libssh-4_0.9.7-0+deb11u1_s390x.deb
 85b192d62ceb996bd25d2869881f91c9 221240 libdevel optional libssh-dev_0.9.7-0+deb11u1_s390x.deb
 5aefb31803954737d05334462fc2f747 519212 debug optional libssh-gcrypt-4-dbgsym_0.9.7-0+deb11u1_s390x.deb
 5c7f1d39190767df04105de311a9ea89 199876 libs optional libssh-gcrypt-4_0.9.7-0+deb11u1_s390x.deb
 725ef957ef5968fe74fd35d2c0fd21a0 255052 libdevel optional libssh-gcrypt-dev_0.9.7-0+deb11u1_s390x.deb
 0f3b5fd67e09f16811d95ec3cb935b33 9383 libs optional libssh_0.9.7-0+deb11u1_s390x-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEKrZTN06npYMYIgrtXmwDt3BKCdIFAmRqZ5MACgkQXmwDt3BK
CdJ4Cw/8CkdHLXS49HbaE7ta7fSRKikcCDOw1KPkB8JVpjwcB3IcFaIbMvoWfj4R
Pj1GZBvcsZgPRjFVLzgZuw48VhYKGH6xnAwC7pTf2NdNybrXwImM/mEcqhFQsLH/
0u7zkvI6HBJajeWBHSO7blR2skgVz2OCTEpdXMjx8t6VfnbWczvahuzV6SdD/NRR
+6Zf4qWp9knDINX5a5nCVwJRU/owbx3XrO2pSO3yUbjrLIWPdcIqYH4b9ujFmU4c
VQpSA+l61OYRNKcdt8UF27g0F3mCiIs8A4I769CFNHHHvLRbXOT5bIDnSiKL843B
LtbcXPbr5Qz7hRioQorCVZe/te3rrxU6yGGiZeerz8MbZialIGskN7bJWiuuEzfa
pWLaOHxL4ONxg1sm12A9pK2oNYya75zawrJgCDbzZkcYbzoAozaB84N0pefsmBEb
perFw8ec3iGmUi+VXvW2l08RKM0vdfBF1DpbytPNKN4wtdAP0Yz2ds5Z127rERj9
Ml/bq/tQLMd0aamB2Jj0+LSKBJTu1bhUCEd1LfYar3Hb1Vh/G58LEpn4WcmanqGM
9HgRq6WUSyW4jVjjPrnKW9l3tEkS7AJYx9PU64cl/BYAOIX3Me97HJm2rREvHpeM
4Og1sChY5yzlZyBxOU4iXyeSMrlrKxMmfCY08zx07YhKMXvyDsw=
=yO9q
-----END PGP SIGNATURE-----