CVSROOT: /cvs
Module name: ports
Changes by: st...@cvs.openbsd.org 2023/12/18 12:05:47
Modified files:
security/libssh: Makefile distinfo
security/libssh/patches: patch-tests_unittests_torture_misc_c
Log message:
update to libssh-0.10.6
CVE-2023-6004: Command injection using malicious hostname in expanded
proxy command.
CVE-2023-48795: Avoid potential downgrade attacks by implementing strict
kex. ("Terrapin")
CVE-2023-6918: Avoid potential use of weak keys in low memory conditions
by systematically checking return values of MD functions.
