Accepted libssh 0.11.3-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted libssh 0.11.3-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 14 Sep 2025 11:41:55 +0000
Message-id: <[🔎] E1uxl7D-006VLg-2P@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 14 Sep 2025 09:54:50 +0200
Source: libssh
Architecture: source
Version: 0.11.3-1
Distribution: unstable
Urgency: medium
Maintainer: Laurent Bigonville <bigon@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Closes: 1109860 1114859
Changes:
 libssh (0.11.3-1) unstable; urgency=medium
 .
   * New upstream security/bug fix release:
     - CVE-2025-8114: Fix NULL pointer dereference after allocation failure
       (Closes: #1109860)
     - CVE-2025-8277: Fix memory leak of ephemeral key pair during repeated
       wrong KEX (Closes: #1114859)
     - Potential use-after-free when send() fails during key exchange
     - Fix possible timeout during KEX if client sends authentication too early
     - Cleanup OpenSSL PKCS#11 provider when loaded
     - Zeroize buffers containing private key blobs during export
Checksums-Sha1:
 5c54024a2835252b54fc1d6dd9aa91bfdfb395c6 2583 libssh_0.11.3-1.dsc
 50e1cdc6629ab76a9efa282551c990ebed451b7c 622776 libssh_0.11.3.orig.tar.xz
 e4d9b4b1557b1b1a470a0e18edbfda4a8f3c01c1 833 libssh_0.11.3.orig.tar.xz.asc
 c5eb28b68962eaa1ad2630651d885fa9f0843995 31520 libssh_0.11.3-1.debian.tar.xz
 8d73d648ac15741d1f6f809cede1956f5f6011e1 7659 libssh_0.11.3-1_source.buildinfo
Checksums-Sha256:
 92b0d2a6aef3a2431d2121ffc790e90a1006e7dff6eee7bf9def9db8cf61b9ec 2583 libssh_0.11.3-1.dsc
 7d8a1361bb094ec3f511964e78a5a4dba689b5986e112afabe4f4d0d6c6125c3 622776 libssh_0.11.3.orig.tar.xz
 2710f8785d21717097ee042884683ea14dd1be95c77d64e940ef7e58a9c8ca88 833 libssh_0.11.3.orig.tar.xz.asc
 7e2702135ef710ebdeb5bffbf41afcf3422135da8cf427fbe7ce9f5674f5e84e 31520 libssh_0.11.3-1.debian.tar.xz
 5cad6292254cd90e835f3c148a7c513f5c63e007e4451ff20495bae156bbd602 7659 libssh_0.11.3-1_source.buildinfo
Files:
 569b2afa4783fec7738b82361c657dfd 2583 libs optional libssh_0.11.3-1.dsc
 b55bad6ad6fd6b1e191fbb495adcfe40 622776 libs optional libssh_0.11.3.orig.tar.xz
 72d66ac3fac1b7df2782a13d619ea7c7 833 libs optional libssh_0.11.3.orig.tar.xz.asc
 c2c8615870e5f8d3f5b7ea9e75b9db16 31520 libs optional libssh_0.11.3-1.debian.tar.xz
 35b44f6791b3af37c477073923b5ec1a 7659 libs optional libssh_0.11.3-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbEuHi35jHxYFV8PN7nvd5LhrVxMFAmjGde0ACgkQ7nvd5Lhr
VxMSIw/+JT5I5Ti7RLcCSQx2TcuhBZk+aCkrtsFP/LUJ2yY7pkmZkt/IU81nrh5X
luAoxiOUWL8BnuHZvO8sBflJuBDF4FO/fobYPf+Xmflv0Pa+Yu19Ow5Veq9HqiwZ
C5xY9+Ltr0+lxOlRpbr4JVcK0H5uhZQp1uxiKa0CgZKpGbq2lz7/ZLn3YMk5m0Vy
IyMDWRDIt8ZEBW3FWN8zfVgQTOYas8APEiCjWbtHPdHwbblEVxKQvTmtTDN/UbOE
mKz8uS1cJkEFySMbvGfefODgCfztNLUf8H/0b57UD7A/S89dU/shZQVpvJp8Jt/o
A5JdHNUyklgDJRxRgjfG4wfEUK/VV8FFQ4r2EukF7fGDw36I225IRqZVwNQjyIG0
jvNzZvkGiUKg9M67/yZlGtW6+6IV13gXm3/kv7TucpivNLpamh6xagI2nmvjiiI7
bQWOovo3WfqyhkuJGNmrYHzp57yEO0x2Ax6ojoV4mag2VctbHgHlhjFam+cKXJgL
No3aIivrXel+msjSX38elUo6K+4C22Z7DahRctdTFt2TSzd76VJnJTV24HK8/1h6
bpWeY2jS3kTUI9s9mkfIkvSTWhVZt7RDGCsQ1Jjc61Noqal3AgnY3idKQeCNAL9o
AM/x5M+xUkKuRwtDmXgX88SB75UJRdxUq5BCjM9xAjIS0JEV0fo=
=hpY9
-----END PGP SIGNATURE-----

Attachment: pgpeXD8srWZjH.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted libfilter-perl 1.65-1 (source) into unstable
Next by Date: Accepted logapp 0.16-5 (source) into unstable
Previous by thread: Accepted libfilter-perl 1.65-1 (source) into unstable
Next by thread: Accepted logapp 0.16-5 (source) into unstable
Index(es):
- Date
- Thread