./security/libssh, SSHv2+v1 protocol library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 0.106, Package name: libssh-0.106, Maintainer: is

libssh is a multiplatform C library implementing the SSHv2 and SSHv1 protocol
on client and server side. With libssh, you can remotely execute programs,
transfer files, use a secure and transparent tunnel for
your remote applications.


Required to run:
[security/heimdal] [security/openssl] [devel/argp] [devel/cmocka]

Required to build:
[pkgtools/cwrappers]

Package options: gssapi, openssl

Master sites:

Filesize: 547.887 KB

Version history: (Expand)


CVS history: (Expand)


   2023-12-18 18:07:25 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
libssh: update to 0.106.

version 0.10.6 (released 2023-12-18)
 * Fix CVE-2023-6004: Command injection using proxycommand
 * Fix CVE-2023-48795: Potential downgrade attack using strict kex
 * Fix CVE-2023-6918: Missing checks for return values of MD functions
 * Fix ssh_send_issue_banner() for CMD(PowerShell)
 * Avoid passing other events to callbacks when poll is called recursively (#202)
 * Allow @ in usernames when parsing from URI composes
   2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)
Log message:
*: bump for openssl 3
   2023-06-13 19:54:44 by Amitai Schleier | Files touched by this commit (3)
Log message:
libssh: add 'gssapi' option, enabled (as before) by default. Bump PKGREVISION.
   2023-05-07 12:21:56 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
libssh: update to 0.105.

version 0.10.5 (released 2023-05-04)
 * Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm guessing
 * Fix CVE-2023-2283: a possible authorization bypass in
   pki_verify_data_signature under low-memory conditions.
 * Fix several memory leaks in GSSAPI handling code
 * Escape braces in ProxyCommand created from ProxyJump options for zsh
   compatibility.
 * Fix pkg-config path relocation for MinGW
 * Improve doxygen documentation
 * Fix build with cygwin due to the glob support
 * Do not enqueue outgoing packets after sending SSH2_MSG_NEWKEYS
 * Add support for SSH_SUPPRESS_DEPRECATED
 * Avoid functions declarations without prototype to build with clang 15
 * Fix spelling issues
 * Avoid expanding KnownHosts, ProxyCommands and IdentityFiles repetitively
 * Add support sk-* keys through configuration
 * Improve checking for Argp library
 * Log information about received extensions
 * Correctly handle rekey with delayed compression
 * Move the EC keys handling to OpenSSL 3.0 API
 * Record peer disconnect message
 * Avoid deadlock when write buffering occurs and we call poll recursively to
   flush the output buffer
 * Disable preauthentication compression by default
 * Add CentOS 8 Stream / OpenSSL 1.1.1 to CI
 * Add accidentally removed default compile flags
 * Solve incorrect parsing of ProxyCommand option
   2023-04-15 23:36:14 by Tobias Nygren | Files touched by this commit (5) | Package updated
Log message:
libssh: update to 0.10.4

version 0.10.4 (released 2022-09-07)
  * Fixed issues with KDF on big endian
version 0.10.3 (released 2022-09-05)
  * Fixed possible infinite loop in known hosts checking
version 0.10.2 (released 2022-09-02)
  * Fixed tilde expansion when handling include directives
  * Fixed building the shared torture library
  * Made rekey test more robust (fixes running on i586 build systems e.g koji)
version 0.10.1 (released 2022-08-30)
  * Fixed proxycommand support
  * Fixed musl libc support
version 0.10.0 (released 2022-08-26)
  * Added support for OpenSSL 3.0
  * Added support for mbedTLS 3
  * Added support for Smart Cards  (through openssl pkcs11 engine)
  * Added support for chacha20-poly1305@openssh.com with libgcrypt
  * Added support ed25519 keys in PEM files
  * Added support for sk-ecdsa and sk-ed25519 (server side)
  * Added support for limiting RSA key sizes and not accepting small one by
    default
  * Added support for ssh-agent on Windows
  * Added ssh_userauth_publickey_auto_get_current_identity() API
  * Added ssh_vlog() API
  * Added ssh_send_issue_banner() API
  * Added ssh_session_set_disconnect_message() API
  * Added new configuration options:
    + IdentityAgent
    + ModuliFile
  * Provided X11 client example
  * Disabled DSA support at build time by default (will be removed in the next
    release)
  * Deprecated the SCP API!
  * Deprecated old pubkey, privatekey API
  * Avoided some needless large stack buffers to minimize memory footprint
  * Removed support for OpenSSL < 1.0.1
  * Fixed parsing username@host in login name
  * Free global init mutex in the destructor on Windows
  * Fixed PEM parsing in mbedtls to support both legacy and new PKCS8 formats
   2023-01-24 19:36:36 by Thomas Klausner | Files touched by this commit (103)
Log message:
*: convert to cmake/build.mk
   2022-01-29 19:05:30 by Thomas Klausner | Files touched by this commit (1)
Log message:
libssh: stop pulling in argp in buildlink3.mk
   2022-01-29 10:04:15 by Thomas Klausner | Files touched by this commit (1)
Log message:
libssh: argp is only used for examples, which are not installed

Bump PKGREVISION