-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 21 May 2023 18:22:05 +0000
Source: libssh
Architecture: source
Version: 0.9.7-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Laurent Bigonville <bigon@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Closes: 1035832
Changes:
 libssh (0.9.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security microrelease:
     - CVE-2023-1667: Authenticated remote DoS.
       Fix authenticated remote DoS through potential NULL dereference during
       rekeying with algorithm guessing
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - CVE-2023-2283: Client authentication bypass.
       Fix client authentication bypass in pki_verify_data_signature() in
       low-memory conditions with OpenSSL backend; gcrypt backend is not
       affected.
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (Closes: #1035832)
   * Drop 000* patches which were backported from the upstream stable 0.9
     branch, now included in this release. Unfuzz 2004-install-static-lib.patch.
Checksums-Sha1:
 2c97a5c41a1329c528ebe7f5cbe05d21bd41cdb7 2476 libssh_0.9.7-0+deb11u1.dsc
 078df560e5752977803a62f37aeef7c2b528eff6 504676 libssh_0.9.7.orig.tar.xz
 e28d1df76ce09b5a03e3c695b5c7d6dbe160cddc 27548 libssh_0.9.7-0+deb11u1.debian.tar.xz
 86ba5798b9e657cb81da4696be6c8ced85a31e51 6153 libssh_0.9.7-0+deb11u1_source.buildinfo
Checksums-Sha256:
 c9a4b6c6bce399c534b661525113fef7c9d92812f64e2f209125615419601180 2476 libssh_0.9.7-0+deb11u1.dsc
 84ac279fff2b8ab1b9b2f883aa3f9313b42dda51c121fe537f0c16417aa1ec72 504676 libssh_0.9.7.orig.tar.xz
 815e21f4ae3d675699c9d32883b0d2dfaf82c006df52515971279db9a5495bb7 27548 libssh_0.9.7-0+deb11u1.debian.tar.xz
 3058e32f591abf4331d680a651c750f0420fb7b17be32385d47d77f60fa64282 6153 libssh_0.9.7-0+deb11u1_source.buildinfo
Files:
 091a585dce4aa542dee951c0aaa35c91 2476 libs optional libssh_0.9.7-0+deb11u1.dsc
 8fcaba57438c382f0b29bd85d3c8c4ee 504676 libs optional libssh_0.9.7.orig.tar.xz
 7e34b58e3412bc0697cee1a1183a1373 27548 libs optional libssh_0.9.7-0+deb11u1.debian.tar.xz
 f602759a869e0a78b34d83c2c5b86ad8 6153 libs optional libssh_0.9.7-0+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbEuHi35jHxYFV8PN7nvd5LhrVxMFAmRqYW0ACgkQ7nvd5Lhr
VxORwBAAjrJ/ZHlX/2SSNMdvzhfzu+e3nWLcfLiacIOiGvTt88Sp3J+/th7hf3b6
/Og0mki2rVkMhyKds7a7JQGnL5k8E7KDeatWNbCEfV/M5XSHPK1eg4YAJnl+eg1P
aXKSlMJDv9WJy4Wn60i4PrornAvhw2eJ8pPpqaZiZBwKZjFAC7NLV1NRIas9/gJR
4BPk3JdiPVcSDL3YrHNFltxWzAwuQDxZDahF2F0b8MeYdqMebB7H7b8J5Pvz9b9m
19Ssa9GQohhb5GrFxhBapR+H3iHNAz1+tuJSObk/ecyffRWmeyL4EJQy3CQwezYx
mdfTgbGLuAJQVFFV55AGbW8Sf26mjTEz/HUCV3Tp4AE/MwOZGlCsntcZ00A0JMWB
ErgUpdLqF+RM70dE8mWirSNsYGzg0yHR7fW5/N16hIJs7Dcywd58Ao5HCT4sDvv+
ghgSlFbQrtpjvbe6vymKV2Pc79pxWnNWH7fyjQ9HuJa/uf02tSpUGAUTMUsXiftY
Hn3fNeiNaCo1RMJ4Ik3q7Vr/N75BarQ2Ml5Q8zFAAznmo/wME5BugSYEzxOGMBFJ
mVFmcz6Z/jQgBU2DRWTr7adtrhudjiAdiX1nko3fQtF1a0sZFXal/d6DKu2aevYy
I3AHvYFAKFMDDZ+DcpAzJjbJ1uJ13z/9I1QwvItkLMGt7kap1xM=
=zqsh
-----END PGP SIGNATURE-----