-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 26 Nov 2025 10:29:30 +0100 Source: libssh Binary: libssh-4 libssh-4-dbgsym libssh-dev libssh-gcrypt-4 libssh-gcrypt-4-dbgsym libssh-gcrypt-dev Architecture: armhf Version: 0.10.6-0+deb12u2 Distribution: bookworm Urgency: medium Maintainer: arm Build Daemon (arm-ubc-03) Changed-By: Emilio Pozuelo Monfort Description: libssh-4 - tiny C SSH library (OpenSSL flavor) libssh-dev - tiny C SSH library - Development files (OpenSSL flavor) libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor) libssh-gcrypt-dev - tiny C SSH library - Development files (gcrypt flavor) Closes: 1108407 Changes: libssh (0.10.6-0+deb12u2) bookworm; urgency=medium . [ Martin Pitt ] * stable-security → bookworm-security * Backport security patches from 0.11.2. - CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions - CVE-2025-4878: Use of uninitialized variable in privatekey_from_file() - CVE-2025-5318: Likely read beyond bounds in sftp server handle management - CVE-2025-5351: Double free in functions exporting keys - CVE-2025-5372: ssh_kdf() returns a success code on certain failures - CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend https://www.libssh.org/2025/06/24/libssh-0-11-2-security-and-bugfix-release/ (Closes: #1108407) . [ Emilio Pozuelo Monfort ] * Add patch for CVE-2025-8114 * Add patches for CVE-2025-8277 Checksums-Sha1: 76b695c51643a367544123d9de45eebfe26edb66 498684 libssh-4-dbgsym_0.10.6-0+deb12u2_armhf.deb 598f4424558792e48e58021ae520341ef0e8d6c7 163028 libssh-4_0.10.6-0+deb12u2_armhf.deb 6083604437cfe6faf22b79d4d349b01d9c6d31b1 218452 libssh-dev_0.10.6-0+deb12u2_armhf.deb 8191c677f767d59f0a561367ea3321827ff87f53 534332 libssh-gcrypt-4-dbgsym_0.10.6-0+deb12u2_armhf.deb f000943be341784642a832aa8b358be785e520eb 191484 libssh-gcrypt-4_0.10.6-0+deb12u2_armhf.deb 01a9c885a86770660bda81686417ee9a5f162377 249612 libssh-gcrypt-dev_0.10.6-0+deb12u2_armhf.deb 286e3f1253e4e445a7fb01e3e9a82f4c76e9c216 9481 libssh_0.10.6-0+deb12u2_armhf-buildd.buildinfo Checksums-Sha256: fc1f2d9d84bcfd5cdb733f8caef26f3d31696ace9988c10db070f4317915c14d 498684 libssh-4-dbgsym_0.10.6-0+deb12u2_armhf.deb 007c8cb92e436ad06ea4d21ebbfb16e29f7b59f54463fd1ec47cd877a837d6df 163028 libssh-4_0.10.6-0+deb12u2_armhf.deb 3d11eadf08c0252e0508bfee89ff36ac2474660b4c0a4f7e9c7eed3be0aa25b2 218452 libssh-dev_0.10.6-0+deb12u2_armhf.deb 4c8082e131b209797eb344150a48abd4775210c343c5dca6eb1632e0f7e00bbe 534332 libssh-gcrypt-4-dbgsym_0.10.6-0+deb12u2_armhf.deb e48dc999682e71057432fbdc73681f51830380fe4cdfdef475eee7a3503fc5c7 191484 libssh-gcrypt-4_0.10.6-0+deb12u2_armhf.deb 524e2ec88ba2c202e3378576eb3a2159d56b63f131e962050245e845c856599f 249612 libssh-gcrypt-dev_0.10.6-0+deb12u2_armhf.deb fc5cb41c23642df34a7b72f173f046bccfe70ba9ce7a93686434dbfdd967ccb8 9481 libssh_0.10.6-0+deb12u2_armhf-buildd.buildinfo Files: 2477498731ef54a50a0f796ac787b903 498684 debug optional libssh-4-dbgsym_0.10.6-0+deb12u2_armhf.deb 638146ca6aba1bfaf4cbce510ea92cb6 163028 libs optional libssh-4_0.10.6-0+deb12u2_armhf.deb d8e5d18eea8b8e942f728a618307d007 218452 libdevel optional libssh-dev_0.10.6-0+deb12u2_armhf.deb 83c6b97eec35a2f537f96b6a3bc3248d 534332 debug optional libssh-gcrypt-4-dbgsym_0.10.6-0+deb12u2_armhf.deb 6855cbff9c2d9ce9d88e3d77ace43b5e 191484 libs optional libssh-gcrypt-4_0.10.6-0+deb12u2_armhf.deb 4d7771584c073edddc54f14949b28227 249612 libdevel optional libssh-gcrypt-dev_0.10.6-0+deb12u2_armhf.deb 8cb0fd0e14a2d5e8abef86f28e726aee 9481 libs optional libssh_0.10.6-0+deb12u2_armhf-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEENsdrABvTD8MQ0UffVza3l394K2AFAmk0HZoACgkQVza3l394 K2DtCxAAkhzDC55HOrj2u43iDpz+l0O1dEH2Gg0Bp4Dcdqdazw6qOXo35U+N+g1/ RDSlUVWOzdjQkgEtioFEXlhAqT1q/C+Lx8TbgEQazUboS7eCV48yvaUxZAlkILGk NixwdGEuJMLyGySMNNWE+AcD2vVts4FFvpWyUBaCqi/vZe0A5+lFIh0qoF6Yx6ai LrJC+qCLd1+rMbDspKU7KDdQ04N7vXhxkNE6iQldt5raU01gX0OVX55l9P5gpt8K 1UJPa35d9TuQ7Fn/3lLETbCrkHn21QdPAujNBnna+oPYn37ycUOI8Qk5ysmjhvT6 0seSaJ24YK9WYVF/C+UBpi6HiUn8XN93nEZI/KIN9mN2pjJPMDkMcLpvifGXr5Cf 0FuaLeqw+Neg6ngVetwRqzbrTUmz83x70JLqAiNLvEcduDPihuf9EbdHNajdEpfx gMmDF+CPdMBJw6Uc5wOdgEOSq7rQ7jsz/wRwEVeoTjDn3rGyrygpm/NWDK6c/mxN dgX5Z4TdAf/KDsdeS2OT4EJQmpv1Y0wx/kcJTAY3fCZ45XC4hsUsb1XMpB8XlJw3 WBL5c9lGmrRltvxO1ph3aKV3wG19AFOuc5pdOR+qXH93tyJqIwdgzM4zpmc6yMG7 a9yl6tdPObUkB3B6M/3j4at4MTRuldTSsfrimWQae6xSdJV7pV8= =+w1l -----END PGP SIGNATURE-----