libssh2 (1.10.0-3) unstable; urgency=medium
* d/patches: Fix ssh2.sh test (Closes: #1006379)
* d/control: Add openssh-server in Build-Depends
* d/tests/control: Add openssh-server in Depends
* d/copyright: Update copyright years
-- Nicolas Mora <babelouest@debian.org> Tue, 01 Mar 2022 19:23:12 -0500
libssh2 (1.10.0-2) unstable; urgency=medium
* Upload to unstable
* d/control: upgrade standards version to 4.6.0
-- Nicolas Mora <babelouest@debian.org> Sat, 25 Sep 2021 08:43:37 -0400
libssh2 (1.10.0-1) experimental; urgency=medium
* New upstream release
* d/patches: remove CVE-2019-17498.patch
* d/libssh2-1.symbols: add new symbol
-- Nicolas Mora <babelouest@debian.org> Sun, 29 Aug 2021 17:21:29 -0400
libssh2 (1.9.0-3) unstable; urgency=medium
* d/rules: Build with openssl instead of libgcrypt (Closes: #668271)
* d/tests: Build with openssl instead of libgcrypt
-- Nicolas Mora <babelouest@debian.org> Sat, 27 Mar 2021 08:21:05 -0400
libssh2 (1.9.0-2) unstable; urgency=medium
* d/control: Fix VCS URIs
* d/control: add zlib1g-dev as dependency for libssh2-1-dev
-- Nicolas Mora <babelouest@debian.org> Mon, 14 Dec 2020 10:02:16 -0500
libssh2 (1.9.0-1) unstable; urgency=low
[ Mikhail Gusarov ]
* New upstream release (1.9.0) (Closes: #887976 #959881)
- Drop patches applied upstream:
- ced924b78a40126606797ef57a74066eb3b4b83f.patch
- CVE-2019-3855.patch
- CVE-2019-3856.patch
- CVE-2019-3857.patch
- CVE-2019-3858.patch
- CVE-2019-3859.patch
- CVE-2019-3860.patch
- CVE-2019-3861.patch
- CVE-2019-3862.patch
- CVE-2019-3863.patch
- Fixed-misapplied-patch-327.patch
- moved-MAX-size-declarations-330.patch
- Fixes CVE-2019-13115 (Closes: #932329).
* Acknowledge NMU 1.8.0-2.1, thanks to carnil@.
* Add debian/patches/CVE-2019-17498.patch, fixing CVE-2019-17498
(Closes: #943562).
* debian/copyright: Update upstream link to be https (Closes: #923088)
[ Nicolas Mora ]
* New maintainer (Closes: #975617)
* d/control: Update Standards-Version to 4.5.1
* d/control: Uses debhelper-compat to version 13
* d/control: Adds Rules-Requires-Root: no
* d/watch : upgrade version to 4 (no changes)
* d/upstream: Add metadata file
* d/tests: add autopkgtests
* d/control: Add VCS URIs
-- Nicolas Mora <babelouest@debian.org> Sat, 05 Dec 2020 16:15:24 -0500
libssh2 (1.8.0-2.1) unstable; urgency=high
* Non-maintainer upload.
* Possible integer overflow in transport read allows out-of-bounds write
(CVE-2019-3855) (Closes: #924965)
* Possible integer overflow in keyboard interactive handling allows
out-of-bounds write (CVE-2019-3856) (Closes: #924965)
* Possible integer overflow leading to zero-byte allocation and
out-of-bounds write (CVE-2019-3857) (Closes: #924965)
* Possible zero-byte allocation leading to an out-of-bounds read
(CVE-2019-3858) (Closes: #924965)
* Out-of-bounds reads with specially crafted payloads due to unchecked use
of _libssh2_packet_require and _libssh2_packet_requirev (CVE-2019-3859)
(Closes: #924965)
* Out-of-bounds reads with specially crafted SFTP packets (CVE-2019-3860)
(Closes: #924965)
* Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
(Closes: #924965)
* Out-of-bounds memory comparison (CVE-2019-3862) (Closes: #924965)
* Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes (CVE-2019-3863) (Closes: #924965)
* Fixed misapplied patch for user auth.
* moved MAX size declarations
-- Salvatore Bonaccorso <carnil@debian.org> Sun, 31 Mar 2019 16:06:20 +0200
libssh2 (1.8.0-2) unstable; urgency=low
* Add missing zlib1g-dev dependency (Closes: #900558).
* Remove manual -dbg package and corresponding override in d/rules.
* Update Homepage, copyright and tarball download URL to use https.
* Clean spurious EOL whitespace from d/changelog.
* Add signature check to debian/watch.
* Update debhelper compatibility (and dependency).
* Remove no longer needed explicit dh --parallel flag
* Enable full hardening mode.
* Update packaging copyright years.
* Bump Standards-Version.
-- Mikhail Gusarov <dottedmag@debian.org> Sat, 23 Jun 2018 21:45:38 +0200
libssh2 (1.8.0-1) unstable; urgency=low
* New upstream release.
- Refresh 0001-Add-lgpg-error-to-.pc-to-facilitate-static-linking.patch
- Refresh 0001-Do-not-expose-private-libraries-nor-link-flags-to-us.patch
- Take ced924b78a40126606797ef57a74066eb3b4b83f.patch from upstream
* Do not build against OpenSSL even if libssl-dev is installed
(Closes: #857793).
-- Mikhail Gusarov <dottedmag@debian.org> Thu, 16 Mar 2017 00:56:58 +0100
libssh2 (1.7.0-1) unstable; urgency=low
* New upstream release(Closes: #825097).
- Refresh patches.
* Bump Standards-Version, no changes required.
-- Mikhail Gusarov <dottedmag@debian.org> Fri, 22 Jul 2016 09:05:27 +0200
# For older changelog entries, run 'apt-get changelog libssh2-1'
Generated by dwww version 1.14 on Fri Apr 18 07:52:36 CEST 2025.