Bug#808890: jessie-pu: package libssh/0.6.3-4
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu
Greetings.
I would like to update libssh in Jessie via a sponsored NMU to fix
CVE-2015-3146, which is a non-DSA security bug and so would need to be fixed
via stable-proposed-updates. I updated libssh in Sid via sponsored NMU for
this and another CVE in Nov 2015.
The patch used to fix this came from upstream at:
https://www.libssh.org/security/patches/
Thanks.
-- Chris
--
Chris Knadle
Chris.Knadle@coredump.us
Reply to: