Package: libssh / 0.6.3-4+deb8u2

Metadata

Package Version Patches format
libssh 0.6.3-4+deb8u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001_CVE 2014 8132.patch | (download)

src/kex.c | 7 6 + 1 - 0 !
1 file changed, 6 insertions(+), 1 deletion(-)

---
0002_CVE 2015 3146.patch | (download)

src/buffer.c | 8 8 + 0 - 0 !
src/packet_cb.c | 16 10 + 6 - 0 !
src/server.c | 8 5 + 3 - 0 !
3 files changed, 23 insertions(+), 9 deletions(-)

 [patch 1/2] cve-2015-3146: fix state validation in packet handlers

The state validation in the packet handlers for SSH_MSG_NEWKEYS and
SSH_MSG_KEXDH_REPLY had a bug which did not raise an error.

The issue has been found and reported by Mariusz Ziule.

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
0003_CVE 2016 0739.patch | (download)

src/dh.c | 22 17 + 5 - 0 !
1 file changed, 17 insertions(+), 5 deletions(-)

 cve-2016-0739: truncated diffie-hellman secret length
1001_error msg typo fix.patch | (download)

src/pki_crypto.c | 4 2 + 2 - 0 !
src/pki_gcrypt.c | 2 1 + 1 - 0 !
2 files changed, 3 insertions(+), 3 deletions(-)

 fix spelling error in pki_* code
1003 custom lib names.patch | (download)

src/CMakeLists.txt | 7 6 + 1 - 0 !
src/threads/CMakeLists.txt | 2 1 + 1 - 0 !
2 files changed, 7 insertions(+), 2 deletions(-)

 allow to overwrite libssh's output_name.
2002 fix html doc generation.patch | (download)

doc/doxy.config.in | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

 do not exclude "*/build/*" directory as buildd use that path
2003 disable expand_tilde_unix test.patch | (download)

tests/unittests/torture_misc.c | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

 disable torture_path_expand_tilde_unix, its not working well on buildd
 On buildd, the HOME is set to a non-existing directory, this makes
 torture_path_expand_tilde_unix fail