Format: 1.8
Date: Wed, 26 Nov 2025 10:29:30 +0100
Source: libssh
Binary: libssh-4 libssh-4-dbgsym libssh-dev libssh-gcrypt-4 libssh-gcrypt-4-dbgsym libssh-gcrypt-dev
Architecture: mips64el
Version: 0.10.6-0+deb12u2
Distribution: bookworm
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-05)
Changed-By: Emilio Pozuelo Monfort
Description:
 libssh-4 - tiny C SSH library (OpenSSL flavor)
 libssh-dev - tiny C SSH library - Development files (OpenSSL flavor)
 libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor)
 libssh-gcrypt-dev - tiny C SSH library - Development files (gcrypt flavor)
Closes: 1108407
Changes:
 libssh (0.10.6-0+deb12u2) bookworm; urgency=medium
 .
   [ Martin Pitt ]
   * stable-security → bookworm-security
   * Backport security patches from 0.11.2.
     - CVE-2025-4877: Write beyond bounds in binary to base64 conversion
       functions
     - CVE-2025-4878: Use of uninitialized variable in privatekey_from_file()
     - CVE-2025-5318: Likely read beyond bounds in sftp server handle
       management
     - CVE-2025-5351: Double free in functions exporting keys
     - CVE-2025-5372: ssh_kdf() returns a success code on certain failures
     - CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL
       backend
     https://www.libssh.org/2025/06/24/libssh-0-11-2-security-and-bugfix-release/
     (Closes: #1108407)
 .
   [ Emilio Pozuelo Monfort ]
   * Add patch for CVE-2025-8114
   * Add patches for CVE-2025-8277