1. 22 Nov, 2021 2 commits
  2. 28 Oct, 2021 1 commit
  3. 11 Mar, 2021 1 commit
  4. 20 Feb, 2021 1 commit
  5. 14 Dec, 2020 1 commit
    • Nicolas Mora's avatar
      Import Debian changes 1.9.0-2 · 5d9f291b
      Nicolas Mora authored
      libssh2 (1.9.0-2) unstable; urgency=medium
      
        * d/control: Fix VCS URIs
        * d/control: add zlib1g-dev as dependency for libssh2-1-dev
      
      libssh2 (1.9.0-1) unstable; urgency=low
      
        [ Mikhail Gusarov ]
        * New upstream release (1.9.0) (Closes: #887976 #959881)
          - Drop patches applied upstream:
            - ced924b78a40126606797ef57a74066eb3b4b83f.patch
            - CVE-2019-3855.patch
            - CVE-2019-3856.patch
            - CVE-2019-3857.patch
            - CVE-2019-3858.patch
            - CVE-2019-3859.patch
            - CVE-2019-3860.patch
            - CVE-2019-3861.patch
            - CVE-2019-3862.patch
            - CVE-2019-3863.patch
            - Fixed-misapplied-patch-327.patch
            - moved-MAX-size-declarations-330.patch
          - Fixes CVE-2019-13115 (Closes: #932329).
        * Acknowledge NMU 1.8.0-2.1, thanks to carnil@.
        * Add debian/patches/CVE-2019-17498.patch, fixing CVE-2019-17498
          (Closes: #943562).
        * debian/copyright: Update upstream link to be https (Closes: #923088)
      
        [ Nicolas Mora ]
        * New maintainer (Closes: #975617)
        * d/control: Update Standards-Version to 4.5.1
        * d/control: Uses debhelper-compat to version 13
        * d/control: Adds Rules-Requires-Root: no
        * d/watch : upgrade version to 4 (no changes)
        * d/upstream: Add metadata file
        * d/tests: add autopkgtests
        * d/control: Add VCS URIs
      5d9f291b
  6. 06 Mar, 2021 1 commit
  7. 30 Mar, 2020 1 commit
  8. 17 Aug, 2019 1 commit
  9. 31 May, 2019 2 commits
  10. 31 Mar, 2019 1 commit
    • Salvatore Bonaccorso's avatar
      Import Debian changes 1.8.0-2.1 · c3d7a5d3
      Salvatore Bonaccorso authored
      libssh2 (1.8.0-2.1) unstable; urgency=high
      
        * Non-maintainer upload.
        * Possible integer overflow in transport read allows out-of-bounds write
          (CVE-2019-3855) (Closes: #924965)
        * Possible integer overflow in keyboard interactive handling allows
          out-of-bounds write (CVE-2019-3856) (Closes: #924965)
        * Possible integer overflow leading to zero-byte allocation and
          out-of-bounds write (CVE-2019-3857) (Closes: #924965)
        * Possible zero-byte allocation leading to an out-of-bounds read
          (CVE-2019-3858) (Closes: #924965)
        * Out-of-bounds reads with specially crafted payloads due to unchecked use
          of _libssh2_packet_require and _libssh2_packet_requirev (CVE-2019-3859)
          (Closes: #924965)
        * Out-of-bounds reads with specially crafted SFTP packets (CVE-2019-3860)
          (Closes: #924965)
        * Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
          (Closes: #924965)
        * Out-of-bounds memory comparison (CVE-2019-3862) (Closes: #924965)
        * Integer overflow in user authenicate keyboard interactive allows
          out-of-bounds writes (CVE-2019-3863) (Closes: #924965)
        * Fixed misapplied patch for user auth.
        * moved MAX size declarations
      c3d7a5d3
  11. 23 Jun, 2018 1 commit
    • Mikhail Gusarov's avatar
      Import Debian changes 1.8.0-2 · 1e0c31f0
      Mikhail Gusarov authored
      libssh2 (1.8.0-2) unstable; urgency=low
      
        * Add missing zlib1g-dev dependency (Closes: #900558).
        * Remove manual -dbg package and corresponding override in d/rules.
        * Update Homepage, copyright and tarball download URL to use https.
        * Clean spurious EOL whitespace from d/changelog.
        * Add signature check to debian/watch.
        * Update debhelper compatibility (and dependency).
        * Remove no longer needed explicit dh --parallel flag
        * Enable full hardening mode.
        * Update packaging copyright years.
        * Bump Standards-Version.
      
      libssh2 (1.8.0-1) unstable; urgency=low
      
        * New upstream release.
          - Refresh 0001-Add-lgpg-error-to-.pc-to-facilitate-static-linking.patch
          - Refresh 0001-Do-not-expose-private-libraries-nor-link-flags-to-us.patch
          - Take ced924b78a40126606797ef57a74066eb3b4b83f.patch from upstream
        * Do not build against OpenSSL even if libssl-dev is installed
          (Closes: #857793).
      
      libssh2 (1.7.0-1) unstable; urgency=low
      
        * New upstream release(Closes: #825097).
          - Refresh patches.
        * Bump Standards-Version, no changes required.
      
      libssh2 (1.5.0-1) unstable; urgency=low
      
        * New upstream release.
          - Drop 0003-CVE-2015-1782.patch, included upstream.
        * Acknowledge 1.4.3-4.1 NMU. Thanks, Salvatore!
      
      libssh2 (1.4.3-4.1) unstable; urgency=high
      
        * Non-maintainer upload by the Security Team.
        * Add 0003-CVE-2015-1782.patch.
          CVE-2015-1782: Using SSH_MSG_KEXINIT data unbounded. (Closes: #780249)
      
      libssh2 (1.4.3-4) unstable; urgency=low
      
        * Update description to mention SFTPv5 support
          (Closes: #671199).
        * Add -lgpg-error to .pc file to fix static linking against libgcrypt
          (Closes: #760359).
      
      libssh2 (1.4.3-3) unstable; urgency=low
      
        * Do not expose private libraries nor link flags to users of libssh2
          (Closes: #747417).
        * Rebuild with libgcrypt20 (Closes: #744829).
        * Fix typos in manpages.
        * Bump Standards-Version, no changes required.
      
      libssh2 (1.4.3-2) unstable; urgency=medium
      
        * Make package multi-arch-aware (Closes: #731310).
        * Bump Standards-Version, no changes required.
      
      libssh2 (1.4.3-1) unstable; urgency=low
      
        * New upstream release.
          - Drop debian/patches/with-gcrypt.patch, applied upstream.
        * Incorporate 1.4.2-1.1 NMU by Dmitry. Thanks!
      
      libssh2 (1.4.2-1.1) unstable; urgency=medium
      
        * Non-maintainer upload.
        * Added patch to fix pkg-config/libgcrypt dependency (Closes: #675785).
        * Install upstream ChangeLog (Closes: #675782).
        * debian/control:
          + libssh2-1-dev to depend on libgcrypt11-dev.
          + added Homepage field.
      
      libssh2 (1.4.2-1) unstable; urgency=low
      
        * New upstream release.
      
      libssh2 (1.4.1-1) unstable; urgency=low
      
        * New upstream release.
          - Drop debian/patches/undefined-libssh-error.patch, upstream.
      
      libssh2 (1.4.0-1) unstable; urgency=low
      
        * New upstream release.
          - Drop debian/patches/fix-version-in-pc.patch taken from git.
          - Drop debian/patches/mang-wrong-nf-macro.patch, applied upstream.
          - Update libssh2-1.symbols for new upstream release.
          - Add debian/patches/undefined-libssh-error.patch, necessary to
            facilitate compilation with GnuTLS.
        * Drop Conflicts/Replaces for packages no longer in archive.
        * Use dh(7) for packaging.
        * Use dh-autoreconf instead of manually stashing changed files and
          moving them back.
        * Do not run test 'mansyntax.sh', it requires specific locale to be
          available, and in general is a duplicate of lintian check.
        * Update debian/copyright to version 1.0 of machine-parseable format.
        * Enable multiarch, based on patch by Johannes Cloos (Closes: #663751).
        * Bump Standards-Version, no changes needed.
      
      libssh2 (1.2.8-2) unstable; urgency=low
      
        * Fix version in pkg-config file (Closes: #637670).
      
      libssh2 (1.2.8-1) unstable; urgency=low
      
        * New upstream release.
      
      libssh2 (1.2.7-1) unstable; urgency=low
      
        * New upstream release.
        * Bump Standards-Version, no changes needed.
      
      libssh2 (1.2.6-1) unstable; urgency=low
      
        * New upstream release.
          - Update symbols file. libssh2_error and libssh2_kex_exchange symbols
            were unexported, being private.
        * Simplify package description (Closes: #580325).
        * Update Maintainer field to use my @debian.org address.
        * Convert debian/copyright to machine-readable format.
      
      libssh2 (1.2.5-1) unstable; urgency=low
      
        * New upstream release.
          - Update symbols file.
        * Convert to source format 3.0 (quilt)
        * Bump Standards-Version to 3.8.4, no changes needed.
      
      libssh2 (1.2.4-1) unstable; urgency=low
      
        * New upstream release.
          - Adjust list of files to stash before build and to restore later.
          - Update symbols file.
      
      libssh2 (1.2.2-1) unstable; urgency=low
      
        * New upstream release.
      
        * Run autoreconf during build to update libtool/automake/autoconf
          generated files (Closes: #558523).
          - Expand list of files to stash before build and to restore after.
      
        * Remove disable_example_compilation.patch, example compilation does not
          hurt anyone.
          - Remove quilt from Build-Depends,
          - Stop call patch/unpatch in debian/rules,
          - Remove README.source.
      
      libssh2 (1.2.1-2) unstable; urgency=low
      
        * Install libssh2.pc (Closes: #554437)
      
      libssh2 (1.2.1-1) unstable; urgency=low
      
        * debian/watch:
          - update to match changed upstream download location.
        * debian/rules:
          - adjust "keep files" list in order to produce clean .diff.gz
          - avoid installing .gitignore alongside the examples
          - stylistic fixes
        * debian/control:
          - bump Standards-Version, no changes required.
      
      libssh2 (1.2-1) unstable; urgency=low
      
        * New upstream release.
          - updated debian/libssh2-1.symbols.
        * debian/rules: config.sub, config.guess, ChangeLog and
          win32/libssh2.dsp from tarball are preserved, due to being deleted by
          `make distclean'.
        * Standards-Version updated to 3.8.2, no changes required.
      
      libssh2 (1.1-1) unstable; urgency=low
      
        * New upstream release.
          - Dropped unexport-private-symbols.patch, applied upstream.
          - Dropped fix_manpage.patch, applied upstream.
          - Lots of private symbols were un-exported, adjusting
            libssh2-1.symbols
        * Updating Standards-Version to 3.8.1, no changes required.
      
      libssh2 (1.0-1) unstable; urgency=low
      
        * New upstream release (Closes: #514225).
        * Replaced fix_manpage.patch with new set of manpages' fixes.
        * debian/patches/disable_example_compilation.patch:
          - added description, as suggested by Lintian,
          - refreshed.
        * debian/patches/unexport-private-symbols.patch:
          - new patch, disabling export of _libssh2_* private symbols.
        * debian/libssh2-1.symbols:
          - added symbols file.
        * debian/control:
          - removed duplicate Section: libs from binary package,
          - bumped Standards-Version to 3.8.0:
            + debian/README.source added.
        * debian/rules:
          - clean target now unpatches the source,
          - no longer reconfigures package twice: fixed quilt patch target,
          - simplified configure target,
          - deprecated dh_clean -k replaced with dh_prep.
        * debhelper compat bumped to 7.
      
      libssh2 (0.18-1) unstable; urgency=low
      
        * New upstream release
          - Removed 'CVS directories in tarball' lintian override.
      
        - Added patch fixing the syntactic errors in manpages.
      
      libssh2 (0.17-1) unstable; urgency=low
      
        * New upstream release (Closes: #409362, #430569):
          * ABI change: soname changed (adding Conflicts and Replaces to new
            -dev package)
          * installing more documentation.
          * added lintian override: CVS directory accidentally went in release
            tarball.
        * Build using libgcrypt, not OpenSSL (Closes: #409362).
        * Quilt introduced to manage patches:
          * Added patch disabling compilation of example.
        * Watch file added.
        * ${Source-Version} changed to ${binary:Version}: makes lintian happy
          and allows binNMUs.
      
      libssh2 (0.14+20070102-1) unstable; urgency=low
      
        * Initial release (Closes: #403446).
      1e0c31f0