Change log for libssh2 package in Ubuntu
1 → 48 of 48 results | First • Previous • Next • Last |
libssh2 (1.11.0-5) unstable; urgency=medium * Mark builddep openssh-server with <!nocheck> (Closes: #1066111) * d/copyright add missing license and author in src/bcrypt_pbkdf.c and add missing author in src/blowfish.c (Closes: #1071566) * d/control: upgrade standards version to 4.7.0 * d/patches: Add mention Forwarded to patches -- Nicolas Mora <email address hidden> Thu, 25 Apr 2024 07:35:58 -0400
Available diffs
Superseded in oracular-release |
Published in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
libssh2 (1.11.0-4.1build2) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 07:59:27 +0000
Available diffs
- diff from 1.11.0-4.1build1 to 1.11.0-4.1build2 (312 bytes)
libssh2 (1.11.0-4.1build1) noble; urgency=medium * No-change rebuild against libssl3t64 -- Steve Langasek <email address hidden> Mon, 04 Mar 2024 18:28:36 +0000
Available diffs
Superseded in noble-proposed |
libssh2 (1.11.0-4.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1062637 -- Graham Inggs <email address hidden> Wed, 28 Feb 2024 19:03:07 +0000
Available diffs
- diff from 1.11.0-4 to 1.11.0-4.1 (2.4 KiB)
libssh2 (1.11.0-2ubuntu0.1) mantic-security; urgency=medium * SECURITY UPDATE: Prefix truncation attack on BPP - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in src/kex.c, src/libssh2_priv.h, src/packet.c, src/packet.h, src/session.c, src/transport.c. - CVE-2023-48795 -- Marc Deslauriers <email address hidden> Wed, 10 Jan 2024 12:32:11 -0500
Available diffs
Deleted in noble-updates (Reason: superseded by release) |
Superseded in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
libssh2 (1.11.0-4) unstable; urgency=medium * d/patch: Add patch for Terrapin attack Fixes CVE-2023-48795 (Closes: #1059005) * d/copyright: Update copyright years -- Nicolas Mora <email address hidden> Tue, 19 Dec 2023 17:33:18 -0500
Available diffs
- diff from 1.11.0-3 to 1.11.0-4 (4.5 KiB)
libssh2 (1.11.0-3) unstable; urgency=medium * d/patch: Backport PR-1241 from upstream (Closes: #1056348) -- Nicolas Mora <email address hidden> Tue, 28 Nov 2023 13:12:56 -0500
Available diffs
- diff from 1.11.0-2 to 1.11.0-3 (948 bytes)
libssh2 (1.8.0-1ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: out of bounds memory access - debian/patches/CVE-2020-22218.patch: adds check for uninitialized variable total_num in _libssh2_transport_read of src/transport.c. - CVE-2020-22218 -- Ian Constantin <email address hidden> Thu, 14 Sep 2023 12:01:35 +0300
Available diffs
libssh2 (1.8.0-2.1ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: out of bounds memory access - debian/patches/CVE-2020-22218.patch: adds check for uninitialized variable total_num in _libssh2_transport_read of src/transport.c. - CVE-2020-22218 -- Ian Constantin <email address hidden> Thu, 14 Sep 2023 12:04:15 +0300
Available diffs
Superseded in noble-release |
Published in mantic-release |
Superseded in mantic-release |
Deleted in mantic-proposed (Reason: Moved to mantic) |
libssh2 (1.11.0-2) unstable; urgency=medium * upload to unstable * d/patch: re-enable sshd tests (Thanks Paul Howarth) -- Nicolas Mora <email address hidden> Fri, 09 Jun 2023 07:36:08 -0400
Available diffs
- diff from 1.10.0-3 to 1.11.0-2 (662.3 KiB)
Superseded in mantic-release |
Published in lunar-release |
Obsolete in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
libssh2 (1.10.0-3) unstable; urgency=medium * d/patches: Fix ssh2.sh test (Closes: #1006379) * d/control: Add openssh-server in Build-Depends * d/tests/control: Add openssh-server in Depends * d/copyright: Update copyright years -- Nicolas Mora <email address hidden> Tue, 01 Mar 2022 19:23:12 -0500
Available diffs
- diff from 1.9.0-3 to 1.10.0-3 (229.3 KiB)
- diff from 1.10.0-2build1 (in Ubuntu) to 1.10.0-3 (1.4 KiB)
libssh2 (1.10.0-2build1) jammy; urgency=medium * No-change rebuild against openssl3 -- Simon Chopin <email address hidden> Tue, 23 Nov 2021 17:59:14 +0100
Available diffs
- diff from 1.10.0-2 (in Debian) to 1.10.0-2build1 (308 bytes)
libssh2 (1.10.0-2) unstable; urgency=medium * Upload to unstable * d/control: upgrade standards version to 4.6.0 -- Nicolas Mora <email address hidden> Sat, 25 Sep 2021 08:43:37 -0400
Available diffs
- diff from 1.9.0-3 to 1.10.0-2 (233.5 KiB)
Superseded in jammy-release |
Obsolete in impish-release |
Deleted in impish-proposed (Reason: Moved to impish) |
libssh2 (1.9.0-3) unstable; urgency=medium * d/rules: Build with openssl instead of libgcrypt (Closes: #668271) * d/tests: Build with openssl instead of libgcrypt -- Nicolas Mora <email address hidden> Sat, 27 Mar 2021 08:21:05 -0400
Available diffs
- diff from 1.9.0-2 to 1.9.0-3 (1.0 KiB)
Superseded in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: moved to Release) |
libssh2 (1.9.0-2) unstable; urgency=medium * d/control: Fix VCS URIs * d/control: add zlib1g-dev as dependency for libssh2-1-dev -- Nicolas Mora <email address hidden> Mon, 14 Dec 2020 10:02:16 -0500
Available diffs
- diff from 1.9.0-1 to 1.9.0-2 (643 bytes)
libssh2 (1.9.0-1) unstable; urgency=low [ Mikhail Gusarov ] * New upstream release (1.9.0) (Closes: #887976 #959881) - Drop patches applied upstream: - ced924b78a40126606797ef57a74066eb3b4b83f.patch - CVE-2019-3855.patch - CVE-2019-3856.patch - CVE-2019-3857.patch - CVE-2019-3858.patch - CVE-2019-3859.patch - CVE-2019-3860.patch - CVE-2019-3861.patch - CVE-2019-3862.patch - CVE-2019-3863.patch - Fixed-misapplied-patch-327.patch - moved-MAX-size-declarations-330.patch - Fixes CVE-2019-13115 (Closes: #932329). * Acknowledge NMU 1.8.0-2.1, thanks to carnil@. * Add debian/patches/CVE-2019-17498.patch, fixing CVE-2019-17498 (Closes: #943562). * debian/copyright: Update upstream link to be https (Closes: #923088) [ Nicolas Mora ] * New maintainer (Closes: #975617) * d/control: Update Standards-Version to 4.5.1 * d/control: Uses debhelper-compat to version 13 * d/control: Adds Rules-Requires-Root: no * d/watch : upgrade version to 4 (no changes) * d/upstream: Add metadata file * d/tests: add autopkgtests * d/control: Add VCS URIs -- Nicolas Mora <email address hidden> Sat, 05 Dec 2020 16:15:24 -0500
Available diffs
- diff from 1.8.0-2.1build1 (in Ubuntu) to 1.9.0-1 (403.0 KiB)
Superseded in hirsute-release |
Obsolete in groovy-release |
Published in focal-release |
Obsolete in eoan-release |
Deleted in eoan-proposed (Reason: moved to release) |
libssh2 (1.8.0-2.1build1) eoan; urgency=medium * No-change upload with strops.h and sys/strops.h removed in glibc. -- Matthias Klose <email address hidden> Thu, 05 Sep 2019 11:00:41 +0000
Available diffs
Superseded in eoan-release |
Obsolete in disco-release |
Deleted in disco-proposed (Reason: moved to release) |
libssh2 (1.8.0-2.1) unstable; urgency=high * Non-maintainer upload. * Possible integer overflow in transport read allows out-of-bounds write (CVE-2019-3855) (Closes: #924965) * Possible integer overflow in keyboard interactive handling allows out-of-bounds write (CVE-2019-3856) (Closes: #924965) * Possible integer overflow leading to zero-byte allocation and out-of-bounds write (CVE-2019-3857) (Closes: #924965) * Possible zero-byte allocation leading to an out-of-bounds read (CVE-2019-3858) (Closes: #924965) * Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (CVE-2019-3859) (Closes: #924965) * Out-of-bounds reads with specially crafted SFTP packets (CVE-2019-3860) (Closes: #924965) * Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861) (Closes: #924965) * Out-of-bounds memory comparison (CVE-2019-3862) (Closes: #924965) * Integer overflow in user authenicate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) (Closes: #924965) * Fixed misapplied patch for user auth. * moved MAX size declarations -- Salvatore Bonaccorso <email address hidden> Sun, 31 Mar 2019 16:06:20 +0200
Available diffs
- diff from 1.8.0-2 to 1.8.0-2.1 (8.4 KiB)
libssh2 (1.4.3-2ubuntu0.2) trusty-security; urgency=medium * SECURITY UPDATE: Buffer overrun - debian/patches/CVE-2015-1782.patch: kex: bail out on rubbish in the incoming packet - CVE-2015-1782 -- Mike Salvatore <email address hidden> Thu, 14 Feb 2019 09:23:46 -0500
Available diffs
Superseded in disco-release |
Obsolete in cosmic-release |
Deleted in cosmic-proposed (Reason: moved to release) |
libssh2 (1.8.0-2) unstable; urgency=low * Add missing zlib1g-dev dependency (Closes: #900558). * Remove manual -dbg package and corresponding override in d/rules. * Update Homepage, copyright and tarball download URL to use https. * Clean spurious EOL whitespace from d/changelog. * Add signature check to debian/watch. * Update debhelper compatibility (and dependency). * Remove no longer needed explicit dh --parallel flag * Enable full hardening mode. * Update packaging copyright years. * Bump Standards-Version. -- Mikhail Gusarov <email address hidden> Sat, 23 Jun 2018 21:45:38 +0200
Available diffs
- diff from 1.8.0-1 to 1.8.0-2 (1.9 KiB)
Superseded in cosmic-release |
Published in bionic-release |
Obsolete in artful-release |
Deleted in artful-proposed (Reason: moved to release) |
libssh2 (1.8.0-1) unstable; urgency=low * New upstream release. - Refresh 0001-Add-lgpg-error-to-.pc-to-facilitate-static-linking.patch - Refresh 0001-Do-not-expose-private-libraries-nor-link-flags-to-us.patch - Take ced924b78a40126606797ef57a74066eb3b4b83f.patch from upstream * Do not build against OpenSSL even if libssl-dev is installed (Closes: #857793). -- Mikhail Gusarov <email address hidden> Thu, 16 Mar 2017 00:56:58 +0100
Available diffs
- diff from 1.7.0-1ubuntu1 (in Ubuntu) to 1.8.0-1 (237.0 KiB)
libssh2 (1.4.3-2ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: Generated secrets too short during key exchange (LP: #1664812). - debian/patches/CVE-2016-0787.patch: convert bytes to bits in random number generation. Based on upstream patch. - CVE-2016-0787 -- Brian Morton <email address hidden> Thu, 16 Feb 2017 11:47:00 -0500
Available diffs
libssh2 (1.2.8-2ubuntu0.1) precise-security; urgency=medium * SECURITY UPDATE: Generated secrets too short during key exchange (LP: #1664812). - debian/patches/CVE-2016-0787.patch: convert bytes to bits in random number generation. Based on upstream patch. - CVE-2016-0787 -- Brian Morton <email address hidden> Thu, 16 Feb 2017 16:15:00 -0500
Available diffs
Superseded in artful-release |
Obsolete in zesty-release |
Deleted in zesty-proposed (Reason: moved to release) |
libssh2 (1.7.0-1ubuntu1) zesty; urgency=medium * SECURITY UPDATE: Generated secrets too short during key exchange (LP: #1664812). - debian/patches/CVE-2016-0787.patch: convert bytes to bits in random number generation. Based on upstream patch. - CVE-2016-0787 -- Brian Morton <email address hidden> Tue, 14 Feb 2017 22:51:13 -0500
Available diffs
libssh2 (1.5.0-2ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Generated secrets too short during key exchange (LP: #1664812). - debian/patches/CVE-2016-0787.patch: convert bytes to bits in random number generation. Based on upstream patch. - CVE-2016-0787 -- Brian Morton <email address hidden> Tue, 14 Feb 2017 23:33:00 -0500
Available diffs
libssh2 (1.7.0-1ubuntu0.1) yakkety-security; urgency=medium * SECURITY UPDATE: Generated secrets too short during key exchange (LP: #1664812). - debian/patches/CVE-2016-0787.patch: convert bytes to bits in random number generation. Based on upstream patch. - CVE-2016-0787 -- Brian Morton <email address hidden> Tue, 14 Feb 2017 22:51:13 -0500
Available diffs
Superseded in zesty-release |
Obsolete in yakkety-release |
Deleted in yakkety-proposed (Reason: moved to release) |
libssh2 (1.7.0-1) unstable; urgency=low * New upstream release(Closes: #825097). - Refresh patches. * Bump Standards-Version, no changes required. -- Mikhail Gusarov <email address hidden> Fri, 22 Jul 2016 09:05:27 +0200
Available diffs
- diff from 1.5.0-2.1 to 1.7.0-1 (147.9 KiB)
libssh2 (1.5.0-2.1) unstable; urgency=medium * Non-maintainer upload. * CVE-2016-0787: bits/bytes confusion resulting in truncated Diffie-Hellman secret length (Closes: #815662) -- Salvatore Bonaccorso <email address hidden> Tue, 23 Feb 2016 20:22:46 +0100
Available diffs
- diff from 1.5.0-2 to 1.5.0-2.1 (988 bytes)
Superseded in yakkety-release |
Published in xenial-release |
Obsolete in wily-release |
Deleted in wily-proposed (Reason: moved to release) |
libssh2 (1.5.0-2) unstable; urgency=medium * Fix ABI by linking to gcrypt again (Closes: #781507) -- Mikhail Gusarov <email address hidden> Mon, 30 Mar 2015 11:43:48 +0200
Available diffs
- diff from 1.4.3-4.1 to 1.5.0-2 (145.6 KiB)
Superseded in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
libssh2 (1.4.3-4.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Add 0003-CVE-2015-1782.patch. CVE-2015-1782: Using SSH_MSG_KEXINIT data unbounded. (Closes: #780249) -- Salvatore Bonaccorso <email address hidden> Wed, 11 Mar 2015 12:08:30 +0100
Available diffs
- diff from 1.4.3-4 to 1.4.3-4.1 (1.8 KiB)
libssh2 (1.4.3-4) unstable; urgency=low * Update description to mention SFTPv5 support (Closes: #671199). * Add -lgpg-error to .pc file to fix static linking against libgcrypt (Closes: #760359). -- Mikhail Gusarov <email address hidden> Wed, 03 Sep 2014 15:49:23 +0200
Available diffs
- diff from 1.4.3-3 to 1.4.3-4 (1.5 KiB)
Superseded in vivid-release |
Obsolete in utopic-release |
Deleted in utopic-proposed (Reason: moved to release) |
libssh2 (1.4.3-3) unstable; urgency=low * Do not expose private libraries nor link flags to users of libssh2 (Closes: #747417). * Rebuild with libgcrypt20 (Closes: #744829). * Fix typos in manpages. * Bump Standards-Version, no changes required. -- Mikhail Gusarov <email address hidden> Mon, 19 May 2014 10:23:27 +0200
Available diffs
- diff from 1.4.3-2 to 1.4.3-3 (1.8 KiB)
Superseded in utopic-release |
Published in trusty-release |
Deleted in trusty-proposed (Reason: moved to release) |
libssh2 (1.4.3-2) unstable; urgency=medium * Make package multi-arch-aware (Closes: #731310). * Bump Standards-Version, no changes required. -- Mikhail Gusarov <email address hidden> Wed, 04 Dec 2013 21:29:00 +0100
Available diffs
- diff from 1.4.3-1 to 1.4.3-2 (753 bytes)
Superseded in trusty-release |
Obsolete in saucy-release |
Deleted in saucy-proposed (Reason: moved to release) |
libssh2 (1.4.3-1) unstable; urgency=low * New upstream release. - Drop debian/patches/with-gcrypt.patch, applied upstream. * Incorporate 1.4.2-1.1 NMU by Dmitry. Thanks! -- Mikhail Gusarov <email address hidden> Tue, 21 May 2013 12:09:00 +0200
Available diffs
- diff from 1.4.2-1.1 to 1.4.3-1 (105.0 KiB)
libssh2 (1.4.2-1.1) unstable; urgency=medium * Non-maintainer upload. * Added patch to fix pkg-config/libgcrypt dependency (Closes: #675785). * Install upstream ChangeLog (Closes: #675782). * debian/control: + libssh2-1-dev to depend on libgcrypt11-dev. + added Homepage field. -- Dmitry Smirnov <email address hidden> Sat, 04 Aug 2012 19:13:21 +1000
Available diffs
- diff from 1.4.2-1 to 1.4.2-1.1 (1.4 KiB)
libssh2 (1.4.2-1) unstable; urgency=low * New upstream release. -- Mikhail Gusarov <email address hidden> Mon, 28 May 2012 17:41:48 +0200
Available diffs
- diff from 1.4.1-1 to 1.4.2-1 (143.0 KiB)
libssh2 (1.4.1-1) unstable; urgency=low * New upstream release. - Drop debian/patches/undefined-libssh-error.patch, upstream. -- Mikhail Gusarov <email address hidden> Sun, 08 Apr 2012 16:39:12 +0200
Available diffs
- diff from 1.2.8-2 (in Ubuntu) to 1.4.1-1 (96.5 KiB)
libssh2 (1.2.8-2) unstable; urgency=low * Fix version in pkg-config file (Closes: #637670). -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 17 Oct 2011 11:11:04 +0000
Available diffs
- diff from 1.2.8-1 to 1.2.8-2 (1.2 KiB)
libssh2 (1.2.8-1) unstable; urgency=low * New upstream release.
Available diffs
- diff from 1.2.6-1 to 1.2.8-1 (157.3 KiB)
libssh2 (1.2.6-1) unstable; urgency=low * New upstream release. - Update symbols file. libssh2_error and libssh2_kex_exchange symbols were unexported, being private. * Simplify package description (Closes: #580325). * Update Maintainer field to use my @debian.org address. * Convert debian/copyright to machine-readable format. -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 11 Jun 2010 08:34:54 +0100
Available diffs
- diff from 1.2.5-1 to 1.2.6-1 (97.9 KiB)
libssh2 (1.2.5-1) unstable; urgency=low * New upstream release. - Update symbols file. * Convert to source format 3.0 (quilt) * Bump Standards-Version to 3.8.4, no changes needed.
Available diffs
- diff from 1.2.2-1 to 1.2.5-1 (115.5 KiB)
libssh2 (1.2.2-1) unstable; urgency=low * New upstream release. * Run autoreconf during build to update libtool/automake/autoconf generated files (Closes: #558523). - Expand list of files to stash before build and to restore after. * Remove disable_example_compilation.patch, example compilation does not hurt anyone. - Remove quilt from Build-Depends, - Stop call patch/unpatch in debian/rules, - Remove README.source. -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 05 Jan 2010 00:31:47 +0000
Available diffs
- diff from 1.2.1-2 to 1.2.2-1 (13.3 KiB)
libssh2 (1.2.1-2) unstable; urgency=low * Install libssh2.pc (Closes: #554437) -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 17 Nov 2009 17:46:19 +0000
Available diffs
- diff from 1.2.1-1 to 1.2.1-2 (322 bytes)
libssh2 (1.2.1-1) unstable; urgency=low * debian/watch: - update to match changed upstream download location. * debian/rules: - adjust "keep files" list in order to produce clean .diff.gz - avoid installing .gitignore alongside the examples - stylistic fixes * debian/control: - bump Standards-Version, no changes required.
Available diffs
- diff from 1.1-1 to 1.2.1-1 (571.4 KiB)
libssh2 (1.1-1) unstable; urgency=low * New upstream release. - Dropped unexport-private-symbols.patch, applied upstream. - Dropped fix_manpage.patch, applied upstream. - Lots of private symbols were un-exported, adjusting libssh2-1.symbols * Updating Standards-Version to 3.8.1, no changes required.
Available diffs
- diff from 0.18-1 to 1.1-1 (407.8 KiB)
Superseded in karmic-release |
Obsolete in jaunty-release |
Obsolete in intrepid-release |
Obsolete in hardy-release |
libssh2 (0.18-1) unstable; urgency=low * New upstream release - Removed 'CVS directories in tarball' lintian override. - Added patch fixing the syntactic errors in manpages. -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 19 Nov 2007 14:08:36 +0000
libssh2 (0.17-1) unstable; urgency=low * New upstream release (Closes: #409362, #430569): * ABI change: soname changed (adding Conflicts and Replaces to new -dev package) * installing more documentation. * added lintian override: CVS directory accidentally went in release tarball. * Build using libgcrypt, not OpenSSL (Closes: #409362). * Quilt introduced to manage patches: * Added patch disabling compilation of example. * Watch file added. * ${Source-Version} changed to ${binary:Version}: makes lintian happy and allows binNMUs. -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 23 Oct 2007 17:25:41 +0100
libssh2 (0.14+20070102-1) unstable; urgency=low * Initial release (Closes: #403446). -- Ubuntu Archive Auto-Sync <email address hidden> Wed, 02 May 2007 14:08:15 +0100
1 → 48 of 48 results | First • Previous • Next • Last |