Hi! On 2026-07-01 11:47, Bastien Roucaries wrote: > Le mercredi 1 juillet 2026, 05:38:22 heure d’été d’Europe centrale Emmanuel > Arias a écrit : > > Hello team! > > > > Could you please review the patches for libssh2 [0]. > > > > I could note that CVE-2026-55200 and CVE-2026-55199 don't affect to > > bullseye, > > the vuln code is not in Bullseye. Tomorrow I will marke them in the security > > tracker. > Thanks for your review!
> I dislike > https://salsa.debian.org/lts-team/packages/libssh2/-/commit/4d5599dec2b07a994b63579617cf1adf03f2ca60 > > It touch an old patch file and create a new one. old patch changes have no > metadata sorry, I fixed a bad function call later. I tought push --force to clean it but I don't have permissions, also I think that you don't prefer that. > > _libssh2_get_byte() could be may be added to lib if used in the future (it > is up to you) or as an inline static function. I added a new commit adding _lisssh2_get_byte() as static function. Could you please review it again? Thanks!! > > > > > [0] > > https://salsa.debian.org/lts-team/packages/libssh2/-/tree/debian/bullseye > > > > Thanks! > > > > > > > -- cheers, Emmanuel Arias ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ [email protected] ⢿⡄⠘⠷⠚⠋⠀ OpenPGP: 13796755BBC72BB8ABE2AEB5 FA9DEC5DE11C63F1 ⠈⠳⣄
signature.asc
Description: PGP signature
