Re: Jessie update of libssh?
Hi!
On Wed, Oct 17, 2018 at 08:29:18AM +0200, Moritz Muehlenhoff wrote:
> On Wed, Oct 17, 2018 at 03:57:50AM +0100, Ben Hutchings wrote:
> > On Wed, 2018-10-17 at 03:18 +0100, Ben Hutchings wrote:
> > > I've pushed backported fixes to a jessie-security branch at <
> > > https://salsa.debian.org/debian/libssh>; and uploaded packages to <
> > > https://people.debian.org/~benh/packages/jessie-security/>;.
> > >
> > > The fixes come from the upstream web site, but their version left the
> > > test suite broken. I got the test suite to build and pass, but I don't
> > > have a great deal of confidence in it. So I would appreciate any
> > > suggestions for how to test that the library still works for real
> > > applications. (Or, if you prefer, you could test and upload
> > > yourselves.)
> >
> > I also pushed a stretch-security branch with fixes taken from the
> > upstream v0-7 branch. Again, the test suite passes but I didn't know
> > how to test with real applications. I do *not* intend to upload to
> > stretch-security, but can do if you are short of time.
>
> JFTR, Salvatore has already uploaded a stretch build to security-master.
Yes, but not yet released a DSA, given we would like to expose more
testing on it.
Regards,
Salvatore
Reply to: