Your message dated Mon, 07 Dec 2020 01:33:49 +0000
with message-id <[email protected]>
and subject line Bug#887976: fixed in libssh2 1.9.0-1
has caused the Debian Bug report #887976,
regarding libssh2 memory leak when built with gcrypt
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
887976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887976
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libssh2-1
Version: 1.7.0-1
If libssh2 was built with gcrypt it leaks memory with every secure connection
call through curl.
The problem is the same as described here:
https://github.com/libssh2/libssh2/issues/124
This leak goes way back, i tested it on jessie, stretch, buster and it is still
present.
I suggest to build the libssh with open-ssl, because it solves the memory leak
problem.
I am using Linux 4.9.0-4-amd64 #1 SMP Debian 4.9.51-1 (2017-09-28) x86_64
GNU/Linux and libc6 2.24-11+deb9u1
--- End Message ---
--- Begin Message ---
Source: libssh2
Source-Version: 1.9.0-1
Done: Nicolas Mora <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libssh2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nicolas Mora <[email protected]> (supplier of updated libssh2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 05 Dec 2020 16:15:24 -0500
Source: libssh2
Architecture: source
Version: 1.9.0-1
Distribution: unstable
Urgency: low
Maintainer: Nicolas Mora <[email protected]>
Changed-By: Nicolas Mora <[email protected]>
Closes: 887976 923088 932329 943562 975617
Changes:
libssh2 (1.9.0-1) unstable; urgency=low
.
[ Mikhail Gusarov ]
* New upstream release (1.9.0) (Closes: #887976 #959881)
- Drop patches applied upstream:
- ced924b78a40126606797ef57a74066eb3b4b83f.patch
- CVE-2019-3855.patch
- CVE-2019-3856.patch
- CVE-2019-3857.patch
- CVE-2019-3858.patch
- CVE-2019-3859.patch
- CVE-2019-3860.patch
- CVE-2019-3861.patch
- CVE-2019-3862.patch
- CVE-2019-3863.patch
- Fixed-misapplied-patch-327.patch
- moved-MAX-size-declarations-330.patch
- Fixes CVE-2019-13115 (Closes: #932329).
* Acknowledge NMU 1.8.0-2.1, thanks to carnil@.
* Add debian/patches/CVE-2019-17498.patch, fixing CVE-2019-17498
(Closes: #943562).
* debian/copyright: Update upstream link to be https (Closes: #923088)
.
[ Nicolas Mora ]
* New maintainer (Closes: #975617)
* d/control: Update Standards-Version to 4.5.1
* d/control: Uses debhelper-compat to version 13
* d/control: Adds Rules-Requires-Root: no
* d/watch : upgrade version to 4 (no changes)
* d/upstream: Add metadata file
* d/tests: add autopkgtests
* d/control: Add VCS URIs
Checksums-Sha1:
5ba9870e5fc9c37df91e46d1b24a26a44a4e2a58 2007 libssh2_1.9.0-1.dsc
21e98282b103307a16792e5e2d4c99beaf0b3b9c 888551 libssh2_1.9.0.orig.tar.gz
da6d53025e56b7226d635ac8c209ccbf29349239 9048 libssh2_1.9.0-1.debian.tar.xz
85dea998b772098cf3a1c718eab531dc996892ba 6752 libssh2_1.9.0-1_amd64.buildinfo
Checksums-Sha256:
54ab86484980abd8dfaedc53b089674ee0e94373d544b218f0431bcc1aae903f 2007
libssh2_1.9.0-1.dsc
d5fb8bd563305fd1074dda90bd053fb2d29fc4bce048d182f96eaa466dfadafd 888551
libssh2_1.9.0.orig.tar.gz
df785c1d05cab187ad4c954a2f94c7a70aaa8e7148b873b5a837c240cd2bc16b 9048
libssh2_1.9.0-1.debian.tar.xz
4d78414569ee20134e97e9862b043d48748071d84e6176c70232271260dc7528 6752
libssh2_1.9.0-1_amd64.buildinfo
Files:
4abd111783f8daca4c354126243eb72c 2007 libs optional libssh2_1.9.0-1.dsc
1beefafe8963982adc84b408b2959927 888551 libs optional libssh2_1.9.0.orig.tar.gz
db2a08d4b42586886ef1ba1f7713bd20 9048 libs optional
libssh2_1.9.0-1.debian.tar.xz
906beed9ea3f81b82bc3a9ecd4091eb0 6752 libs optional
libssh2_1.9.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEhAWwL8wo75dEyPJT/oITlEC9IrkFAl/NggsACgkQ/oITlEC9
Irkh8g//fFlVAbGD8FM52FxGHbtwcVhvKR/ZwQGEfFYtjgnp3A/2BQX6uW9I+2Lx
HQVmxQB6gG/jLYNCbW5gIYlzIlfcXUnd7x7m5qrEkhEHB8bItAnz3KADw7BGqrYT
BroxHwXqV2sGKG9bWajyOzO8fJOBOOV/74KOBnN8eJ46D84wJ08NYVPL0jlGqklO
9ODD7xEBkyCUuTZhi86X33FGpZ7+wGodAt8Vw4hxEMaaNuapgtXMqaPUeJ1JgPVC
3C/FbvwHF5/VyMezfMK2RPRzVzThF8WvBVjP8U2soYEKrl0UdMMDhmGFiRuePgu1
UrBg7LRVbBVpF2aE8r++tdCDSkQZygV0kSDaklTZwMJusddBD1hcoa9boC0zVo1t
MNe4CidNEboMuGgwkfuFKeWODDl5/cq3Ie2hTngo8pWqApFJN4bYBuX49NNzdkXM
NHeMhsnsnmqPH2bFCDRNfarrknYeuNHq+ZIx6jchGKnpxaDDT+AFw47wggALKRir
38LzBZqyjmBJoO6EEXVWHBAhfW+g509aqmlTBSBEw9V4/0id/stJ8VPl6IhhLUrz
AUMc9XTyCFZkH+ebzaq3xD3Im8C6z8xstmVOFAqCKXvzBNyw9RVsrxndMU41Xw0L
tVLq53C//57ey49Rdw/OHQsHU9o57ef4Ty5RL/KM39doBPWZJlM=
=pjCf
-----END PGP SIGNATURE-----
--- End Message ---
