| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libssh-devel | Distribution: openSUSE Tumbleweed |
| Version: 0.11.3 | Vendor: openSUSE |
| Release: 1.1 | Build date: Tue Sep 9 17:19:24 2025 |
| Group: Development/Libraries/C and C++ | Build host: reproducible |
| Size: 182372 | Source RPM: libssh-0.11.3-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.libssh.org | |
| Summary: SSH library development headers | |
Development headers for the SSH library.
LGPL-2.1-or-later
* Tue Sep 09 2025 Lucas Mulling <lucas.mulling@suse.com>
- Update to 0.11.3
* Security:
* CVE-2025-8114: Fix NULL pointer dereference after allocation failure (bsc#1246974)
* CVE-2025-8277: Fix memory leak of ephemeral key pair during repeated wrong KEX (bsc#1249375)
* Potential UAF when send() fails during key exchange
* Bugfixes:
* Fix possible timeout during KEX if client sends authentication too early
* Cleanup OpenSSL PKCS#11 provider when loaded
* Zeroize buffers containing private key blobs during export
* Tue Jun 24 2025 Andreas Schneider <asn@cryptomilk.org>
- Update to version 0.11.2
* Security:
* CVE-2025-4877 - Write beyond bounds in binary to base64 conversion (bsc#1245309)
* CVE-2025-4878 - Use of uninitialized variable in privatekey_from_file() (bsc#1245310)
* CVE-2025-5318 - Likely read beyond bounds in sftp server handle management (bsc#1245311)
* CVE-2025-5351 - Double free in functions exporting keys (bsc#1245312)
* CVE-2025-5372 - ssh_kdf() returns a success code on certain failures (bsc#1245314)
* CVE-2025-5449 - Likely read beyond bounds in sftp server message decoding (bsc#1245316)
* CVE-2025-5987 - Invalid return code for chacha20 poly1305 with OpenSSL (bsc#1245317)
* Compatibility
* Fixed compatibility with CPM.cmake
* Compatibility with OpenSSH 10.0
* Tests compatibility with new Dropbear releases
* Removed p11-kit remoting from the pkcs11 testsuite
* Bugfixes
* Implement missing packet filter for DH GEX
* Properly process the SSH2_MSG_DEBUG message
* Allow escaping quotes in quoted arguments to ssh configuration
* Do not fail with unknown match keywords in ssh configuration
* Process packets before selecting signature algorithm during authentication
* Do not fail hard when the SFTP status message is not sent by noncompliant
servers
- Removed libssh-CmakeLists-Fix-multiple-digit-major-version-for-OpenSSH.patch
- Removed libssh-misc-Fix-OpenSSH-banner-parsing.patch
* Thu May 29 2025 Lucas Mulling <lucas.mulling@suse.com>
- Fix hang in torture_session test (bsc#1243799)
* Add patch libssh-tests-Fix-an-issue-where-torture_session-request-a-SIGTERM-too-early.patch
* Wed Apr 23 2025 Lucas Mulling <lucas.mulling@suse.com>
- Fix build and tests with OpenSSH >= 10.0
* Use %make_build instead of naked make
* Add patches:
- libssh-CmakeLists-Fix-multiple-digit-major-version-for-OpenSSH.patch
- libssh-misc-Fix-OpenSSH-banner-parsing.patch
* Tue Feb 18 2025 Lucas Mulling <lucas.mulling@suse.com>
- Move global config dir to /usr/etc/libssh (bsc#1222716)
* Add patch libssh-cmake-Add-option-WITH_HERMETIC_USR.patch
* Tue Feb 04 2025 Dominique Leuenberger <dimstar@opensuse.org>
- Do not Require cmake from the devel package: there is no
requirement that consumers would be using cmake.
- Own %{_libdir}/cmake to not leave traces when uninstalling the
package and being the only one left installing files to that
directory.
* Fri Sep 13 2024 Pedro Monreal <pmonreal@suse.com>
- Update to version 0.11.1:
* Fixed default TTY modes that are set when stdin is not
connected to tty.
* Fixed zlib cleanup procedure, which could crash on i386.
* Various test fixes improving their stability.
* Remove 0001-disable-timeout-test-on-slow-buildsystems.patch
to enable slow tests also in s390 s390x ppc64le.
* Fri Sep 13 2024 Pedro Monreal <pmonreal@suse.com>
- Set BuildArch: noarch for the config package as it only ships
configuration files.
* Fri Aug 09 2024 Andreas Schneider <asn@cryptomilk.org>
- Update to version 0.11.0
https://www.libssh.org/2024/08/08/libssh-0-11-0-release/
- Updated 0001-disable-timeout-test-on-slow-buildsystems.patch
- Removed libssh-fix-ipv6-hostname-regression.patch
* Fri Apr 12 2024 Pedro Monreal <pmonreal@suse.com>
- Don't change the path for crypto-policies libssh.config (bsc#1222716)
* Sat Dec 23 2023 Andreas Schneider <asn@cryptomilk.org>
- Fix regression parsing IPv6 addresses provided as hostname
* Added libssh-fix-ipv6-hostname-regression.patch
* Tue Dec 19 2023 Andreas Schneider <asn@cryptomilk.org>
- Update to version 0.10.6
https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/
- Fix CVE-2023-6004: ProxyCommand/ProxyJump features allow injection of malicious code through hostname (bsc#1218209)
- Fix CVE-2023-48795: prefix truncation breaking ssh channel integrity (bsc#1218126)
- Fix CVE-2023-6918: Added Missing checks for return values for digests (bsc#1218186)
* Mon Sep 25 2023 Pedro Monreal <pmonreal@suse.com>
- Enable crypto-policies support: [bsc#1211301]
* Rebase libssh_client.config libssh_server.config
* Fri Aug 04 2023 malcolmlewis@opensuse.org
- Add fix to spec file for the incorrect include path as a result
of the default openSSH move to /usr/etc, (boo#1211718).
* Sat May 06 2023 Dirk Müller <dmueller@suse.com>
- update to 0.10.5:
* Fix CVE-2023-1667: a NULL dereference during rekeying with
algorithm guessing
* Fix CVE-2023-2283: a possible authorization bypass in
pki_verify_data_signature under low-memory conditions.
* Fix several memory leaks in GSSAPI handling code
* Escape braces in ProxyCommand created from ProxyJump options
for zsh compatibility.
* Fix pkg-config path relocation for MinGW
* Improve doxygen documentation
* Fix build with cygwin due to the glob support
* Do not enqueue outgoing packets after sending
SSH2_MSG_NEWKEYS
* Add support for SSH_SUPPRESS_DEPRECATED
* Avoid functions declarations without prototype to build with
clang 15
* Fix spelling issues
* Avoid expanding KnownHosts, ProxyCommands and IdentityFiles
repetitively
* Add support sk-* keys through configuration
* Improve checking for Argp library
* Log information about received extensions
* Correctly handle rekey with delayed compression
* Move the EC keys handling to OpenSSL 3.0 API
* Record peer disconnect message
* Avoid deadlock when write buffering occurs and we call poll
recursively to flush the output buffer
* Disable preauthentication compression by default
* Add accidentally removed default compile flags
* Solve incorrect parsing of ProxyCommand option
* Wed Sep 07 2022 Andreas Schneider <asn@cryptomilk.org>
- Update to version 0.10.4
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.4
* Mon Sep 05 2022 Andreas Schneider <asn@cryptomilk.org>
- Update to version 0.10.3
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.3
* Fri Sep 02 2022 Andreas Schneider <asn@cryptomilk.org>
- Update to version 0.10.2
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.2
- Removed libssh-weak-attribute.patch
* Tue Aug 30 2022 Andreas Schneider <asn@cryptomilk.org>
- Update to version 0.10.1
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.1
- Enable client and server testing
* Added libssh-weak-attribute.patch
* Fri Aug 26 2022 Andreas Schneider <asn@cryptomilk.org>
- Update to version 0.10.0
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.0
- Removed 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch
* Wed Jan 05 2022 Fabian Vogt <fabian@ritter-vogt.de>
- Add patch to make the compression option more compatible (boo#1192731):
* 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch
/usr/include/libssh /usr/include/libssh/callbacks.h /usr/include/libssh/legacy.h /usr/include/libssh/libssh.h /usr/include/libssh/libssh_version.h /usr/include/libssh/libsshpp.hpp /usr/include/libssh/server.h /usr/include/libssh/sftp.h /usr/include/libssh/sftpserver.h /usr/include/libssh/ssh2.h /usr/lib/cmake /usr/lib/cmake/libssh /usr/lib/cmake/libssh/libssh-config-relwithdebinfo.cmake /usr/lib/cmake/libssh/libssh-config-version.cmake /usr/lib/cmake/libssh/libssh-config.cmake /usr/lib/libssh.so /usr/lib/pkgconfig/libssh.pc
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Oct 24 23:31:51 2025