Change logs for libssh2 source package in Disco

libssh2 (1.8.0-2.1) unstable; urgency=high

  * Non-maintainer upload.
  * Possible integer overflow in transport read allows out-of-bounds write
    (CVE-2019-3855) (Closes: #924965)
  * Possible integer overflow in keyboard interactive handling allows
    out-of-bounds write (CVE-2019-3856) (Closes: #924965)
  * Possible integer overflow leading to zero-byte allocation and
    out-of-bounds write (CVE-2019-3857) (Closes: #924965)
  * Possible zero-byte allocation leading to an out-of-bounds read
    (CVE-2019-3858) (Closes: #924965)
  * Out-of-bounds reads with specially crafted payloads due to unchecked use
    of _libssh2_packet_require and _libssh2_packet_requirev (CVE-2019-3859)
    (Closes: #924965)
  * Out-of-bounds reads with specially crafted SFTP packets (CVE-2019-3860)
    (Closes: #924965)
  * Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
    (Closes: #924965)
  * Out-of-bounds memory comparison (CVE-2019-3862) (Closes: #924965)
  * Integer overflow in user authenicate keyboard interactive allows
    out-of-bounds writes (CVE-2019-3863) (Closes: #924965)
  * Fixed misapplied patch for user auth.
  * moved MAX size declarations

 -- Salvatore Bonaccorso <email address hidden>  Sun, 31 Mar 2019 16:06:20 +0200

libssh2 (1.8.0-2) unstable; urgency=low

  * Add missing zlib1g-dev dependency (Closes: #900558).
  * Remove manual -dbg package and corresponding override in d/rules.
  * Update Homepage, copyright and tarball download URL to use https.
  * Clean spurious EOL whitespace from d/changelog.
  * Add signature check to debian/watch.
  * Update debhelper compatibility (and dependency).
  * Remove no longer needed explicit dh --parallel flag
  * Enable full hardening mode.
  * Update packaging copyright years.
  * Bump Standards-Version.

 -- Mikhail Gusarov <email address hidden>  Sat, 23 Jun 2018 21:45:38 +0200