CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2023/12/18 12:05:47
Modified files: security/libssh: Makefile distinfo security/libssh/patches: patch-tests_unittests_torture_misc_c Log message: update to libssh-0.10.6 CVE-2023-6004: Command injection using malicious hostname in expanded proxy command. CVE-2023-48795: Avoid potential downgrade attacks by implementing strict kex. ("Terrapin") CVE-2023-6918: Avoid potential use of weak keys in low memory conditions by systematically checking return values of MD functions.