-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 26 Nov 2025 10:29:30 +0100
Source: libssh
Binary: libssh-4 libssh-4-dbgsym libssh-dev libssh-gcrypt-4 libssh-gcrypt-4-dbgsym libssh-gcrypt-dev
Architecture: i386
Version: 0.10.6-0+deb12u2
Distribution: bookworm
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Emilio Pozuelo Monfort <pochu@debian.org>
Description:
 libssh-4   - tiny C SSH library (OpenSSL flavor)
 libssh-dev - tiny C SSH library - Development files (OpenSSL flavor)
 libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor)
 libssh-gcrypt-dev - tiny C SSH library - Development files (gcrypt flavor)
Closes: 1108407
Changes:
 libssh (0.10.6-0+deb12u2) bookworm; urgency=medium
 .
   [ Martin Pitt ]
   * stable-security → bookworm-security
   * Backport security patches from 0.11.2.
      - CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions
      - CVE-2025-4878: Use of uninitialized variable in privatekey_from_file()
      - CVE-2025-5318: Likely read beyond bounds in sftp server handle management
      - CVE-2025-5351: Double free in functions exporting keys
      - CVE-2025-5372: ssh_kdf() returns a success code on certain failures
      - CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend
     https://www.libssh.org/2025/06/24/libssh-0-11-2-security-and-bugfix-release/
     (Closes: #1108407)
 .
   [ Emilio Pozuelo Monfort ]
   * Add patch for CVE-2025-8114
   * Add patches for CVE-2025-8277
Checksums-Sha1:
 6e53325e73216d961f34d3f730ce07c978024969 420676 libssh-4-dbgsym_0.10.6-0+deb12u2_i386.deb
 241bb041b2986136f4de82ec1e8c331bcb88583f 206868 libssh-4_0.10.6-0+deb12u2_i386.deb
 1a25cab3fe6690dec533ec89cb32e2e02f870d07 264448 libssh-dev_0.10.6-0+deb12u2_i386.deb
 10c50ec00e084ebc7a96fe3eac1aaa1731562daf 451500 libssh-gcrypt-4-dbgsym_0.10.6-0+deb12u2_i386.deb
 21d2c265f769e80145e7da09aff8460aef59528e 237624 libssh-gcrypt-4_0.10.6-0+deb12u2_i386.deb
 ee8f999d7882118e99c1ada8044a77b5ca6fbb16 297244 libssh-gcrypt-dev_0.10.6-0+deb12u2_i386.deb
 3e690f3bd8e12254b13b86572f30aa8779bf4e89 9550 libssh_0.10.6-0+deb12u2_i386-buildd.buildinfo
Checksums-Sha256:
 56a6ef6a0a704616bebb66c0f0d4e3c64987c39274a5ab4b84f02e246fdcddbb 420676 libssh-4-dbgsym_0.10.6-0+deb12u2_i386.deb
 0b8b8a112e0b87ddacb77fbcafeddff3a3d2336966268e9e2ba4d12166b79e5c 206868 libssh-4_0.10.6-0+deb12u2_i386.deb
 5b648bd3aa838ba1f0eb7567608c22b3c7e40b852e4a990ccc0781254c39c274 264448 libssh-dev_0.10.6-0+deb12u2_i386.deb
 66f0ff9f0a7ced691b7f09922b9b90a66c60848dd358335b5145e9414fb38b38 451500 libssh-gcrypt-4-dbgsym_0.10.6-0+deb12u2_i386.deb
 354421552b446074acc73ecbf83fa601dc62a91844c23ffecd56405590582c5a 237624 libssh-gcrypt-4_0.10.6-0+deb12u2_i386.deb
 1511d562686ed9585d2a670da0b11977250002d7db0c1941cfd6eeab22943f84 297244 libssh-gcrypt-dev_0.10.6-0+deb12u2_i386.deb
 cdf6d4e1fffb1e6ad720ad946cd2a6cd92a78ef0c6720d6912cd368b24657277 9550 libssh_0.10.6-0+deb12u2_i386-buildd.buildinfo
Files:
 602bf9f624af4b6f2d56d77993b50bec 420676 debug optional libssh-4-dbgsym_0.10.6-0+deb12u2_i386.deb
 6b1219a8339c1d2b0ac90496c9a91731 206868 libs optional libssh-4_0.10.6-0+deb12u2_i386.deb
 199f795b6f860a2d5a70bde56918019e 264448 libdevel optional libssh-dev_0.10.6-0+deb12u2_i386.deb
 9342cb665ceb84b7a335018bebc0bb29 451500 debug optional libssh-gcrypt-4-dbgsym_0.10.6-0+deb12u2_i386.deb
 ac02f733280bc69358dfcdf844064af8 237624 libs optional libssh-gcrypt-4_0.10.6-0+deb12u2_i386.deb
 17f538886bbc9edd20fa7f4913bbb36d 297244 libdevel optional libssh-gcrypt-dev_0.10.6-0+deb12u2_i386.deb
 ccfbe781b168d2cfc652854b8749b6ba 9550 libs optional libssh_0.10.6-0+deb12u2_i386-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEaPzFtKPtF0JrKPV5iZlfn74WV6kFAmk0HSQACgkQiZlfn74W
V6mqpw/9HIb1DwtqeBSQPX6fbjXfh9hVb+RCnQWKURTrddJL95HIxwjDrzbgQWrg
05F65x2z3Lp5SgHza8cO1mTw0iIN1t53Afrb9ZH8X+gBSZyxs0EqdsRQR/QdoWrK
hH5+iSjLj/L6AuN75ewgG1XSIuHX1Q/zsTamhN1vUx+W6c1pCMB5GpliUdZRmNCE
k7xHR5XPW9cI5DVBKPGT6xuL2FnmYhspFfbHTyhb2hp4ZY1XeV8HaFK9yQH8x95f
hiZPw3spa9Oq0KXet8NKpGUkW4rV57UfPFyg4rvLXxU3E6OS+VfKF43Pp97sxJuj
Cq8/p6qVlLdgcsbiTG4C9SBGK6HLR49cViXU9HWi4tK7aekxidA2ZzXAAAL1a04A
LmiNWnXMOz5TSER44/M0qi2ZLYEvCxKGqdffU78MJ1PzQtweu6DcVtaZhM0A3T2F
GvkkiLSpcmAanyFdFnKst1WR30AEVlZB7TZ/YdyFV1gBZbHUnFXEgjrXZRlhjbl5
n7LrSUwk4Rr7VDqSkD6bQJMMa3TvwF/qDLV8JYx8iAJmHnjg8od+ji3ziKUuYc+L
MOPF+7Zr70iHuLyoCKe2mneA6oLIijVXKAN4Gm6Liz1Yue2cId1prd5bhneJeHjB
cfxsfNFtHEYWEec8PcvkNGKjE2pSymU1U1B9uk8J/wZGDg+N2nE=
=OGdv
-----END PGP SIGNATURE-----