Commits · libssh-0.9.8 · Rafael Bosi / libssh-mirror · GitLab

Dec 18, 2023
- Bump version to 0.9.8 · d18bd233
  Jakub Jelen authored Dec 15, 2023 and Andreas Schneider committed Dec 18, 2023
  View commits for tag libssh-0.9.8 libssh-0.9.8
  
  d18bd233
- Generate new 2k certificate key working in FIPS · 5dfe7427
  Jakub Jelen authored May 10, 2022 and Andreas Schneider committed Dec 18, 2023
  5dfe7427
- CVE-2023-6918: tests: Code coverage for ssh_get_pubkey_hash() · aef4a470
  Jakub Jelen authored Dec 15, 2023 and Andreas Schneider committed Dec 18, 2023
  aef4a470
- CVE-2023-6918: kdf: Detect context init failures · 9276027c
  Jakub Jelen authored Dec 15, 2023 and Andreas Schneider committed Dec 18, 2023
  9276027c
- CVE-2023-6918: Systematically check return values when calculating digests · a45a3c94
  Jakub Jelen authored Dec 15, 2023 and Andreas Schneider committed Dec 18, 2023
  a45a3c94
- CVE-2023-6918: Remove unused evp functions and types · 882d9cb5
  Jakub Jelen authored Dec 15, 2023 and Andreas Schneider committed Dec 18, 2023
  882d9cb5
- CVE-2023-6918: kdf: Reformat · 93c1dbd6
  Jakub Jelen authored Dec 15, 2023 and Andreas Schneider committed Dec 18, 2023
  93c1dbd6
- CVE-2023-48795: tests: Adjust calculation to strict kex · 768d1ed3
  Jakub Jelen authored Dec 14, 2023 and Andreas Schneider committed Dec 18, 2023
  768d1ed3
- CVE-2023-48795: Strip extensions from both kex lists for matching · 03bbbc9e
  Jakub Jelen authored Dec 14, 2023 and Andreas Schneider committed Dec 18, 2023
  03bbbc9e
- CVE-2023-48795: Server side mitigations · fd494825
  Aris Adamantiadis authored Dec 12, 2023 and Andreas Schneider committed Dec 18, 2023
  fd494825
- CVE-2023-48795: client side mitigation · 87b93be5
  Aris Adamantiadis authored Dec 12, 2023 and Andreas Schneider committed Dec 18, 2023
  87b93be5
- CVE-2023-6004: torture_misc: Add tests for ipv6 link-local · 6a8a18c7
  Norbert Pocs authored Nov 28, 2023 and Andreas Schneider committed Dec 18, 2023
  6a8a18c7
- CVE-2023-6004: misc: Add ipv6 link-local check for an ip address · cdaec0d6
  Norbert Pocs authored Nov 28, 2023 and Andreas Schneider committed Dec 18, 2023
  cdaec0d6
- CVE-2023-6004: torture_misc: Add test for ssh_is_ipaddr · a0dbe0d5
  Norbert Pocs authored Nov 06, 2023 and Andreas Schneider committed Dec 18, 2023
  a0dbe0d5
- CVE-2023-6004: torture_proxycommand: Add test for proxycommand injection · 8cf4f4bf
  Norbert Pocs authored Oct 10, 2023 and Andreas Schneider committed Dec 18, 2023
  8cf4f4bf
- CVE-2023-6004: config_parser: Check for valid syntax of a hostname if it is a domain name · 4d7ae19e
  Norbert Pocs authored Oct 10, 2023 and Andreas Schneider committed Dec 18, 2023
  4d7ae19e
- CVE-2023-6004: torture_misc: Add test for ssh_check_hostname_syntax · 234ecdf4
  Norbert Pocs authored Oct 10, 2023 and Andreas Schneider committed Dec 18, 2023
  234ecdf4
- CVE-2023-6004: misc: Add function to check allowed characters of a hostname · efb24b64
  Norbert Pocs authored Oct 10, 2023 and Andreas Schneider committed Dec 18, 2023
  efb24b64
- CVE-2023-6004: options: Simplify the hostname parsing in ssh_options_set · a5b8bd0d
  Norbert Pocs authored Oct 31, 2023 and Andreas Schneider committed Dec 18, 2023
  a5b8bd0d
- CVE-2023-6004: config_parser: Allow multiple '@' in usernames · c3234e5f
  Norbert Pocs authored Nov 01, 2023 and Andreas Schneider committed Dec 18, 2023
  c3234e5f
- CVE-2023-6004: torture_config: Allow multiple '@' in usernames · 11bd6e6a
  Norbert Pocs authored Nov 05, 2023 and Andreas Schneider committed Dec 18, 2023
  11bd6e6a
- channels: Avoid out-of-bounds writes · 8b8584ce
  Jakub Jelen authored Jun 28, 2023 and Andreas Schneider committed Dec 18, 2023
  8b8584ce
- session: Avoid potential null dereference on low-memory conditions · 2dffb970
  Jakub Jelen authored Jun 28, 2023 and Andreas Schneider committed Dec 18, 2023
  2dffb970
May 04, 2023
- Bump version to 0.9.7 · 70fef935
  Jakub Jelen authored Apr 28, 2023 and Andreas Schneider committed May 04, 2023
  View commits for tag libssh-0.9.7 libssh-0.9.7
  
  70fef935
- CVE-2023-2283:pki_crypto: Remove unnecessary NULL check · b3d19cc3
  Norbert Pocs authored Apr 24, 2023 and Andreas Schneider committed May 04, 2023
  b3d19cc3
- CVE-2023-2283:pki_crypto: Fix possible authentication bypass · 05de7cb6
  Norbert Pocs authored Apr 24, 2023 and Andreas Schneider committed May 04, 2023
  05de7cb6
- CVE-2023-1667:tests: Client coverage for key exchange with kex guessing · b733df6d
  Jakub Jelen authored Mar 17, 2023 and Andreas Schneider committed May 04, 2023
  b733df6d
- CVE-2023-1667:kex: Add support for sending first_kex_packet_follows flag · 18576cf9
  Jakub Jelen authored Mar 16, 2023 and Andreas Schneider committed May 04, 2023
  18576cf9
- CVE-2023-1667:kex: Correctly handle last fields of KEXINIT also in the client side · 0c855d29
  Jakub Jelen authored Mar 10, 2023 and Andreas Schneider committed May 04, 2023
  0c855d29
- CVE-2023-1667:dh: Expose the callback cleanup functions · aaa3d4fc
  Jakub Jelen authored Mar 17, 2023 and Andreas Schneider committed May 04, 2023
  aaa3d4fc
- CVE-2023-1667:kex: Factor out the kex mapping to internal enum · c4f05c28
  Jakub Jelen authored Mar 16, 2023 and Andreas Schneider committed May 04, 2023
  c4f05c28
- CVE-2023-1667:kex: Remove needless function argument · abcf9699
  Jakub Jelen authored Mar 13, 2023 and Andreas Schneider committed May 04, 2023
  abcf9699
- CVE-2023-1667:packet: Do not allow servers to initiate handshake · 6887a5bb
  Jakub Jelen authored Mar 14, 2023 and Andreas Schneider committed May 04, 2023
  6887a5bb
- CVE-2023-1667:packet_cb: Log more verbose error if signature verification fails · 85ddd8b3
  Jakub Jelen authored Mar 10, 2023 and Andreas Schneider committed May 04, 2023
  85ddd8b3
Apr 28, 2023
- token: Add missing whitespace · 4637c87f
  Jakub Jelen authored Mar 16, 2023
  4637c87f
- kex: Reformat ssh_kex_select_methods · d1e1aea0
  Jakub Jelen authored Mar 16, 2023
  d1e1aea0
- client: Reformat ssh_client_connection_callback · e9741edc
  Jakub Jelen authored Mar 16, 2023
  e9741edc
- wrapper: Reformat crypto_new · 1529bbd7
  Jakub Jelen authored Mar 10, 2023
  1529bbd7
- Reformat struct ssh_session_struct · 27e39655
  Jakub Jelen authored Mar 14, 2023
  27e39655
- server: Reformat ssh_server_connection_callback · 1b5e1835
  Jakub Jelen authored Mar 14, 2023
  1b5e1835