From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4cQXXS01Ybz36Wc for ; Mon, 15 Sep 2025 17:46:47 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail01.haj.ipfire.org", Issuer "R13" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4cQXXL4tNjz32Zf for ; Mon, 15 Sep 2025 17:46:42 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4cQXXK2Z45z40Y; Mon, 15 Sep 2025 17:46:41 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1757958401; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Jw8k2znTBdaW7PH+6JbkD3n97jFdRHHKvGxskaC44pc=; b=KtwT17I1ESBQd8G6YsQcN+hed/5HTir0NqraViFNoqG1n4R+LrRtVGEf+d796EXpOqpkFD EJbdV9V0FnxeEuDg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1757958401; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Jw8k2znTBdaW7PH+6JbkD3n97jFdRHHKvGxskaC44pc=; b=FTw6HymHmrGkmWXsByi/SptGbYciLNQGroX9uyMQdPKnZnKqkVuXOiO7+Kg6fQaDgRQ7YL ydN1RWqQutFRgZAlpr+KPkECBrr+LmvqUGjBZOzMGPXFwQVIsmOljGQtVwpHa7ovq3q7f8 7hchZJp45lM08kG0jSQSL4MIDexqv9z/0RcVGBjw/dVJkVDzCGhDgFjQXsxnLQouX+t+AE Vz97s1YyAxggxykW4FAldoEhIVwlEN/9+WUSBhoDkfWhwvWgoalENvmmsN4HczAnaB0niJ yKuFlvIvymENx/8n+3DoXImzK4bEwDSE4qzOdm6PohewRXI24MY6hVCytX7zPw== From: Adolf Belka To: development@lists.ipfire.org Cc: Adolf Belka Subject: [PATCH] libssh: Update to version 0.11.3 Date: Mon, 15 Sep 2025 19:46:27 +0200 Message-ID: <20250915174630.2688676-12-adolf.belka@ipfire.org> In-Reply-To: <20250915174630.2688676-1-adolf.belka@ipfire.org> References: <20250915174630.2688676-1-adolf.belka@ipfire.org> Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit - Update from version 0.11.2 to 0.11.3 - Update of rootfile - Changelog 0.11.3 * Security: * CVE-2025-8114: Fix NULL pointer dereference after allocation failure * CVE-2025-8277: Fix memory leak of ephemeral key pair during repeated wrong KEX * Potential UAF when send() fails during key exchange * Fix possible timeout during KEX if client sends authentication too early (#311) * Cleanup OpenSSL PKCS#11 provider when loaded * Zeroize buffers containing private key blobs during export Signed-off-by: Adolf Belka --- config/rootfiles/common/libssh | 2 +- lfs/libssh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/config/rootfiles/common/libssh b/config/rootfiles/common/libssh index 77dfc71cf..d0b55519f 100644 --- a/config/rootfiles/common/libssh +++ b/config/rootfiles/common/libssh @@ -14,5 +14,5 @@ #usr/lib/cmake/libssh/libssh-config.cmake #usr/lib/libssh.so usr/lib/libssh.so.4 -usr/lib/libssh.so.4.10.2 +usr/lib/libssh.so.4.10.3 #usr/lib/pkgconfig/libssh.pc diff --git a/lfs/libssh b/lfs/libssh index 80eaa0219..26d41dd38 100644 --- a/lfs/libssh +++ b/lfs/libssh @@ -24,7 +24,7 @@ include Config -VER = 0.11.2 +VER = 0.11.3 THISAPP = libssh-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 7f4a97b2027e386f5bfd308b1aac1938484722d4d1bb55ce0fa2de8358bedea47955df1cb4e68679033d1a5538058422770872f2f6513a82199ff506eccfad0e +$(DL_FILE)_BLAKE2 = 859e4af9bf6305e54175e456d153a85e678a6fc49ac184dbe09d94ab01dde42f0321f5a2ac35cf4ca9df188daab6c4bf3171dcd8a3776419a3a1a20474ccf89a install : $(TARGET) -- 2.51.0