a8362e5c85
Fixes the following security issues: - CVE-2023-6004: Command Injection using malicious hostname in expanded proxycommand https://www.libssh.org/security/advisories/CVE-2023-6004.txt - CVE-2023-48795: Avoid potential downgrade attacks by implementing strict kex https://www.libssh.org/security/advisories/CVE-2023-48795.txt - CVE-2023-6918: Avoid potential use of weak keys in low memory conditions by systematically checking return values of MD functions. https://www.libssh.org/security/advisories/CVE-2023-6918.txt Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 lines
340 B
Plaintext
6 lines
340 B
Plaintext
# Locally calculated after checking pgp signature
|
|
# https://www.libssh.org/files/0.10/libssh-0.10.6.tar.xz.asc
|
|
# with key 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
|
|
sha256 1861d498f5b6f1741b6abc73e608478491edcf9c9d4b6630eef6e74596de9dc1 libssh-0.10.6.tar.xz
|
|
sha256 1656186e951db1c010a8485481fa94587f7e53a26d24976bef97945ad0c4df5a COPYING
|