On Tue, 02 Jan 2024 15:02:33 +0800, [email protected] wrote:
> 0001-libgcrypt.c-Fix-prototype-of-des3_encrypt-des3_decry.patch
> 0001-tests-CMakeLists.txt-do-not-search-ssh-sshd-commands.patch
> refreshed for 0.10.6
>
> Changelog:
> ==========
> * Fix CVE-2023-6004: Command injection using proxycommand
> * Fix CVE-2023-48795: Potential downgrade attack using strict kex
> * Fix CVE-2023-6918: Missing checks for return values of MD functions
> * Fix ssh_send_issue_banner() for CMD(PowerShell)
> * Avoid passing other events to callbacks when poll is called recursively
> (#202)
> * Allow @ in usernames when parsing from URI composes
>
> [...]
Applied, thanks!
[1/1] libssh: upgrade 0.10.5 -> 0.10.6
commit: 1bea2e8c3053e7ecffb04adaaded54555f2afa0b
Best regards,
--
Khem Raj <[email protected]>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#108092):
https://lists.openembedded.org/g/openembedded-devel/message/108092
Mute This Topic: https://lists.openembedded.org/mt/103477684/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
