git.ipfire.org Git - ipfire-2.x.git/commit

author	Adolf Belka <adolf.belka@ipfire.org>
	Fri, 4 Jul 2025 10:14:36 +0000 (12:14 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Fri, 4 Jul 2025 11:06:14 +0000 (11:06 +0000)
commit	f31ba2c5ee9bd8414471f36ca1918ca769eb5a80
tree	852680afaaff208feacc7b2e5282276fe35f10a1	tree \| snapshot
parent	42e94a858f407b49c6f40f5c65d96a853c83177a	commit \| diff

libssh: Update to version 0.11.2

- Update from version 0.11.1 to 0.11.2
- Update of rootfile
- Changelog
    0.11.2
* Security:
   * CVE-2025-4877 - Write beyond bounds in binary to base64 conversion
   * CVE-2025-4878 - Use of uninitialized variable in privatekey_from_file()
   * CVE-2025-5318 - Likely read beyond bounds in sftp server handle management
   * CVE-2025-5351 - Double free in functions exporting keys
   * CVE-2025-5372 - ssh_kdf() returns a success code on certain failures
   * CVE-2025-5449 - Likely read beyond bounds in sftp server message decoding
   * CVE-2025-5987 - Invalid return code for chacha20 poly1305 with OpenSSL
* Compatibility
   * Fixed compatibility with CPM.cmake
   * Compatibility with OpenSSH 10.0
   * Tests compatibility with new Dropbear releases
   * Removed p11-kit remoting from the pkcs11 testsuite
* Bugfixes
   * Implement missing packet filter for DH GEX
   * Properly process the SSH2_MSG_DEBUG message
   * Allow escaping quotes in quoted arguments to ssh configuration
   * Do not fail with unknown match keywords in ssh configuration
   * Process packets before selecting signature algorithm during authentication
   * Do not fail hard when the SFTP status message is not sent by noncompliant
     servers

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/rootfiles/common/libssh		diff \| blob \| blame \| history
lfs/libssh		diff \| blob \| blame \| history