Accepted libssh 0.12.0-1 (source) into unstable

Sun, 15 Mar 2026 02:19:32 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 15 Mar 2026 08:56:59 +0000
Source: libssh
Architecture: source
Version: 0.12.0-1
Distribution: unstable
Urgency: medium
Maintainer: Laurent Bigonville <[email protected]>
Changed-By: Martin Pitt <[email protected]>
Closes: 1127693
Changes:
 libssh (0.12.0-1) unstable; urgency=medium
 .
   * New upstream security/feature release:
     - CVE-2026-0964: SCP Protocol Path Traversal in ssh_scp_pull_request()
     - CVE-2026-0965: Possible Denial of Service when parsing unexpected
       configuration files
     - CVE-2026-0966: Buffer underflow in ssh_get_hexa() on invalid input
     - CVE-2026-0967: Specially crafted patterns could cause DoS
     - CVE-2026-0968: OOB Read in sftp_parse_longname()
     - CVE-2026-3731: Read buffer overrun when handling SFTP extensions
     - Note: CVE-2025-14821 is Windows specific, does not apply to Linux
     (Closes: #1127693)
   * Enable new FIDO/U2F support. Build-depend on libfido2-dev.
   * Drop "Priority: optional" field.  Debian Policy 4.7.3 made this obsolete.
     Bump Standards-Version accordingly.
Checksums-Sha1:
 820beaf979645ec3a76cc80bd1123da3ad42dd0e 2615 libssh_0.12.0-1.dsc
 468fc33daa7822fb5f90cb599a62242607f3e425 751928 libssh_0.12.0.orig.tar.xz
 e6d2bec8530cda5779e9e0b9058dc4d89be2c2b9 833 libssh_0.12.0.orig.tar.xz.asc
 be8be65311179f7e2d9732d9ea9d360fcc40108d 31932 libssh_0.12.0-1.debian.tar.xz
 b035d073a2d1c7d83fe43f6e765107d4d4c1c55d 7663 libssh_0.12.0-1_source.buildinfo
Checksums-Sha256:
 72aba33c68ba6b89d2c72c095f9e10d0252f31138feaf24086d72a3798ad8c27 2615 
libssh_0.12.0-1.dsc
 1a6af424d8327e5eedef4e5fe7f5b924226dd617ac9f3de80f217d82a36a7121 751928 
libssh_0.12.0.orig.tar.xz
 8eaf061c358ffc7ead729d6cd93da9286d831224e97b6fc6535669a2955d1be5 833 
libssh_0.12.0.orig.tar.xz.asc
 8f76de597989f3e4e0090467a244c2c57fd96f9ef5027218f67b26c744a3be36 31932 
libssh_0.12.0-1.debian.tar.xz
 88dc61c89cd1489c36c8b12d7476d183d0607a0ab38b481053cf1189199e6cba 7663 
libssh_0.12.0-1_source.buildinfo
Files:
 7f16589a71ef85e166aa3b11d344e4bf 2615 libs optional libssh_0.12.0-1.dsc
 244ff82e0902ba4bcd89e27f8cc2590c 751928 libs optional libssh_0.12.0.orig.tar.xz
 3fe0c5318468835f0d89328d357ba261 833 libs optional 
libssh_0.12.0.orig.tar.xz.asc
 602ebab4a69a485990ff559210fecdf8 31932 libs optional 
libssh_0.12.0-1.debian.tar.xz
 9b34f8539914c8ebf38f704e91d21c35 7663 libs optional 
libssh_0.12.0-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbEuHi35jHxYFV8PN7nvd5LhrVxMFAmm2dH8ACgkQ7nvd5Lhr
VxM+FA//X4I8gdTiQedAQWTZUWcrl7PYjwC87w6C8dai1h0F6dYpyykbZyW+i+UZ
UmPo45SIpnDOhgzRvv0N+V8Hjbzibp3CTIxjRvgMmeELsMSnNed0bP+/1Rssg3QJ
75aWqvA6ggX8QX6/e2OZi8JZoexPnlwEmipX+xhaYtTIgKm8J8TCngXkvnJgSQoe
W8CLXgwufshPzlkeiENpPuse1cjTtMcgGj7yoEWn6VPu5aGIAowddXPbxel7Utw/
ryUsRjRvYbYaNcSFKCwQYsaV3kfH0+qVLdGAH2q83qKfZwQcqVI34u8AkHRZUZld
ti2hTOLrCkGNKgF1pzv9kPJOvFcwTLhmQslJi6EAa/DEbrx+g+bym5uUIHL2lebt
pYDz3TvAZF2+CwvpwgmhUPUHV2dgTkk1SItxSR3ELoVJQsvfU1Rg73QWOIDvsenw
dpn8TZtWh19eNdOmf/bWPmxhef3EJHwovKgQ+m6GGQyQ1JJs8KzUjk8PecZGbyNc
MlJA9q8HsgpHXY7QYJw++ut5IhP/LyRjN8hw/QX99WXnT8t07CQYjELQWEmx9E/y
l7GaAyvaHGRrJ4BsG5644o0GquyN3SfhCAO0ty3MYNp/20Xz83AG61Oc3hZL/wck
r+m1s/gcZ2l5OTY558xsV9bCa3yl0UwiZv/xUorv4RySpvihTEs=
=X94n
-----END PGP SIGNATURE-----

Attachment: pgp4LC7IJiQY5.pgp
Description: PGP signature

Reply via email to