buildroot/package/libssh
Peter Korsgaard a8362e5c85 package/libssh: security bump to version 0.10.6
Fixes the following security issues:

- CVE-2023-6004: Command Injection using malicious hostname in expanded proxycommand
  https://www.libssh.org/security/advisories/CVE-2023-6004.txt

- CVE-2023-48795: Avoid potential downgrade attacks by implementing strict kex
  https://www.libssh.org/security/advisories/CVE-2023-48795.txt

- CVE-2023-6918: Avoid potential use of weak keys in low memory conditions
  by systematically checking return values of MD functions.
  https://www.libssh.org/security/advisories/CVE-2023-6918.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-12-23 15:14:16 +01:00
..
Config.in
libssh.hash package/libssh: security bump to version 0.10.6 2023-12-23 15:14:16 +01:00
libssh.mk package/libssh: security bump to version 0.10.6 2023-12-23 15:14:16 +01:00