diff options
| author | Wang Mingyu <wangmy@fujitsu.com> | 2025-08-12 17:03:16 +0530 |
|---|---|---|
| committer | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-09-07 07:37:55 +0200 |
| commit | 9fb2e5ddd7ee631e8e6bb87c054eac9e2c8b2002 (patch) | |
| tree | f7dc246168300124c62437c7da20f9fa37ec7a1a /meta-python/recipes-devtools/python/python-requests-oauthlib.inc | |
| parent | ddaf16f1ca3027dbc3981b55e5cfc586ac5514be (diff) | |
| download | meta-openembedded-9fb2e5ddd7ee631e8e6bb87c054eac9e2c8b2002.tar.gz | |
libssh: upgrade 0.11.1 -> 0.11.2
* Security:
* CVE-2025-4877 - Write beyond bounds in binary to base64 conversion
* CVE-2025-4878 - Use of uninitialized variable in privatekey_from_file()
* CVE-2025-5318 - Likely read beyond bounds in sftp server handle management
* CVE-2025-5351 - Double free in functions exporting keys
* CVE-2025-5372 - ssh_kdf() returns a success code on certain failures
* CVE-2025-5449 - Likely read beyond bounds in sftp server message decoding
* CVE-2025-5987 - Invalid return code for chacha20 poly1305 with OpenSSL
* Compatibility
* Fixed compatibility with CPM.cmake
* Compatibility with OpenSSH 10.0
* Tests compatibility with new Dropbear releases
* Removed p11-kit remoting from the pkcs11 testsuite
* Bugfixes
* Implement missing packet filter for DH GEX
* Properly process the SSH2_MSG_DEBUG message
* Allow escaping quotes in quoted arguments to ssh configuration
* Do not fail with unknown match keywords in ssh configuration
* Process packets before selecting signature algorithm during authentication
* Do not fail hard when the SFTP status message is not sent by noncompliant
servers
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python-requests-oauthlib.inc')
0 files changed, 0 insertions, 0 deletions