[ubuntu/trusty-proposed] libssh 0.6.1-0ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Mar 10 15:27:12 UTC 2014
libssh (0.6.1-0ubuntu3) trusty; urgency=medium
* SECURITY UPDATE: PRNG state reuse on forking servers
- debian/patches/CVE-2014-0017.patch: force reseed after fork in
include/libssh/wrapper.h, src/bind.c, src/libcrypto.c,
src/libgcrypt.c.
- CVE-2014-0017
Date: Mon, 10 Mar 2014 09:47:11 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/libssh/0.6.1-0ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 10 Mar 2014 09:47:11 -0400
Source: libssh
Binary: libssh-4 libssh-dev libssh-dbg libssh-doc
Architecture: source
Version: 0.6.1-0ubuntu3
Distribution: trusty
Urgency: medium
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libssh-4 - tiny C SSH library
libssh-dbg - tiny C SSH library. Debug symbols
libssh-dev - tiny C SSH library. Development files
libssh-doc - tiny C SSH library. Documentation files
Changes:
libssh (0.6.1-0ubuntu3) trusty; urgency=medium
.
* SECURITY UPDATE: PRNG state reuse on forking servers
- debian/patches/CVE-2014-0017.patch: force reseed after fork in
include/libssh/wrapper.h, src/bind.c, src/libcrypto.c,
src/libgcrypt.c.
- CVE-2014-0017
Checksums-Sha1:
6551bad557aef6c5b3d59b1f19ee03f21851387d 2111 libssh_0.6.1-0ubuntu3.dsc
af39d3e755de1cfd430ad016cae9c8c624e57e4a 10373 libssh_0.6.1-0ubuntu3.debian.tar.gz
Checksums-Sha256:
19f40e4e1f8f82e6fe15859f5e79942c28c7ccaafcf100eeaff6e920ea7624df 2111 libssh_0.6.1-0ubuntu3.dsc
af9850d56652603dba5146e91ac959d24e53c101e89946d90faf3c09c9250329 10373 libssh_0.6.1-0ubuntu3.debian.tar.gz
Files:
5af6e63ac11caf66489a09b31b86c82b 2111 libs optional libssh_0.6.1-0ubuntu3.dsc
cab30016af1b1b4337c4e2768c657002 10373 libs optional libssh_0.6.1-0ubuntu3.debian.tar.gz
Original-Maintainer: Laurent Bigonville <bigon at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJTHdkqAAoJEGVp2FWnRL6TYiYQAK45HmODgKYRkRi3zYLm4/0c
1yB51eID0v7PmgQt5k00A6WzlOwvRgOGP97YXrS8Zi9sBiDsNGYHQQXar9voT2Ng
Ut8nV5AjYPgmlp+AjXZj7GrJR+FMj39VNynBtv8IvX7PFMKkBRfHFQybNkGxLVWP
FfOZkHUfszpeBnCL3XJJi0mbiDY5LViK+ZZuxrjIm4+aKUfhZqX98NOqnKRaoakV
YCySvuJWXgV2vTNbV/6BcmLKPKb9BmE7KY0ylnCX/wefEdj0L/a+xYqu5k1Q2Wyl
1bdRuv3fjNNVpLsyY4MMmh/LA8tVAWp0ST/yJOp/KWK7T9c6UL1Bf0Ho4efoGo0z
w1xFu9IhEh7lAbFZS1lLbj06hmEXKXnEM5R7kflQoQ1oaUo1KGRAbeSVQ6kkQ4jl
azIzcnNYMxBopToecUEratu02obFaxkrnBQIJXAIkSpJk88rx4qNMMVXa3av1E8d
5iHphfzHs2ASMx2E2DxtOb3wnbLSrBIujJryO/N/JHFwdLO1Iehn/dHdkOlWAcUw
cxkU5vqn9XFwecIKf1bhNFsTFt1Q7X8OOn4Iv0v90SLbBry8fT2CtF1f4po+Wb9Z
Oz23AsMawB2FAtX5v9P7ZtQp7/AZiHT6WDZGjNk9fJrsNnFg17OMToIw9OdSqxcV
0RjH1amiGwlBy1on+RFf
=bMl0
-----END PGP SIGNATURE-----
More information about the Trusty-changes
mailing list