Ana Guerrero
f741729d58
- Update to version 0.11.2
* Security:
* CVE-2025-4877 - Write beyond bounds in binary to base64 conversion (bsc#1245309)
* CVE-2025-4878 - Use of uninitialized variable in privatekey_from_file() (bsc#1245310)
* CVE-2025-5318 - Likely read beyond bounds in sftp server handle management (bsc#1245311)
* CVE-2025-5351 - Double free in functions exporting keys (bsc#1245312)
* CVE-2025-5372 - ssh_kdf() returns a success code on certain failures (bsc#1245314)
* CVE-2025-5449 - Likely read beyond bounds in sftp server message decoding (bsc#1245316)
* CVE-2025-5987 - Invalid return code for chacha20 poly1305 with OpenSSL (bsc#1245317)
* Compatibility
* Fixed compatibility with CPM.cmake
* Compatibility with OpenSSH 10.0
* Tests compatibility with new Dropbear releases
* Removed p11-kit remoting from the pkcs11 testsuite
* Bugfixes
* Implement missing packet filter for DH GEX
* Properly process the SSH2_MSG_DEBUG message
* Allow escaping quotes in quoted arguments to ssh configuration
* Do not fail with unknown match keywords in ssh configuration
* Process packets before selecting signature algorithm during authentication
* Do not fail hard when the SFTP status message is not sent by noncompliant
servers
- Removed libssh-CmakeLists-Fix-multiple-digit-major-version-for-OpenSSH.patch
- Removed libssh-misc-Fix-OpenSSH-banner-parsing.patch
OBS-URL: https://build.opensuse.org/request/show/1288631
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libssh?expand=0&rev=79