Le mercredi 1 juillet 2026, 05:38:22 heure d’été d’Europe centrale Emmanuel 
Arias a écrit :
> Hello team!
> 
> Could you please review the patches for libssh2 [0].
> 
> I could note that CVE-2026-55200 and CVE-2026-55199 don't affect to bullseye,
> the vuln code is not in Bullseye. Tomorrow I will marke them in the security
> tracker.

I dislike
https://salsa.debian.org/lts-team/packages/libssh2/-/commit/4d5599dec2b07a994b63579617cf1adf03f2ca60

It touch an old patch file and create a new one. old patch changes have no 
metadata

 _libssh2_get_byte() could be may be added to lib if used in the future (it is 
up to you) or as an inline static function.

> 
> [0] https://salsa.debian.org/lts-team/packages/libssh2/-/tree/debian/bullseye
> 
> Thanks!
> 
> 
> 

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply via email to