1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted python-asyncssh 2.10.1-2+deb12u2 (source) into proposed-update

    From Debian FTP Masters@21:1/5 to All on Fri Jan 3 19:40:03 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Fri, 03 Jan 2025 01:35:52 +0100
    Source: python-asyncssh
    Architecture: source
    Version: 2.10.1-2+deb12u2
    Distribution: bookworm
    Urgency: medium
    Maintainer: Debian Python Team <team+python@tracker.debian.org>
    Changed-By: Daniel Leidert <dleidert@debian.org>
    Closes: 1055999 1056000
    Changes:
    python-asyncssh (2.10.1-2+deb12u2) bookworm; urgency=medium
    .
    * Non-maintainer upload by the Debian LTS team.
    * debian/patches/CVE-2023-46445-and-CVE-2023-46446.patch: Add patch to fix
    CVE-2023-46445 and CVE-2023-46446 (Rogue Session Attack, Rogue Extension
    Negotiation):
    - Put additional restrictions on when messages are accepted during the
    SSH handshake to avoid message injection attacks from a rogue client
    or server (closes: #1055999, #1056000).
    Checksums-Sha1:
    9c1e8902919683431fdce69fe108d666a896f42d 2461 python-asyncssh_2.10.1-2+deb12u2.dsc
    29c59b8b0e95d37b4de8ab683ffd21b9056ea0f7 479790 python-asyncssh_2.10.1.orig.tar.gz
    a37f24d31649893ddf6cac38772c23f3db63c052 16108 python-asyncssh_2.10.1-2+deb12u2.debian.tar.xz
    c1ea4bb1324d604a45a68a526ca46684c8666b6c 8883 python-asyncssh_2.10.1-2+deb12u2_amd64.buildinfo
    Checksums-Sha256:
    47a5a1cf4f93aa82174b332abbed39bc320e3905e91a3231c29621e081d25895 2461 python-asyncssh_2.10.1-2+deb12u2.dsc
    6c58c999806b17d7cf654d995cebb7f2b918d17335ebc11226f5a0c1ea29d12f 479790 python-asyncssh_2.10.1.orig.tar.gz
    37b4a8e20606b53b60c13b5ae5c1adcf5bc9b59aadcfc3d2f2377aee9e51239f 16108 python-asyncssh_2.10.1-2+deb12u2.debian.tar.xz
    ef5d5dc8fa70ac19e03f066119969b8f2ccd1dec4263f30250405d427021eaea 8883 python-asyncssh_2.10.1-2+deb12u2_amd64.buildinfo
    Files:
    e543f7244c26add3ca157e2df66c6ee2 2461 python optional python-asyncssh_2.10.1-2+deb12u2.dsc
    1fc8fb88dd5fbfff4ea7710c7caa88e7 479790 python optional python-asyncssh_2.10.1.orig.tar.gz
    12b24959f06e1593f476b9981f18cad8 16108 python optional python-asyncssh_2.10.1-2+deb12u2.debian.tar.xz
    7c92eb2fb91d5bdab77a53cdbddce8bb 8883 python optional python-asyncssh_2.10.1-2+deb12u2_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEvu1N7VVEpMA+KD3HS80FZ8KW0F0FAmd3NgYACgkQS80FZ8KW 0F3H1A/+J9BOkW+LEBzkBYH2/prTWKgBEeMgUZc8/pd68t8NupwxoiGhpqdkr3bl vd8OYt416BZz6giFDd3ZGSVLCLM80Jc3j7Pi7y7ND8MM9oxzifbPqij2NWU+yWAn wjCtu6b8d1zGFjwCWm8l+v3DmYobjFXGSz71aTUTZmwHAshCRguwTJKeVKsqIqwY k1pcYRLyJHIJjNn6em0KCYfFY8JQ5jmmZpWBF3J7EXuhJ4QotThCDT8Ut6cdrGNx CYIsLJU0PW0LXMAvc2gfUgTLhv80JQL1zv//+NI2WkxCTnZoVu5/Q/6rua4vWf2g PynFhWn04CGfTVmkb+ENp+t5QyBvH5p8wo7QgEYFFmho6AhTt2IkviXZmC+Ya3L0 oOFTO+W4EZpzQIsoYnN+XZoXBOswdhBMDyytyFTLydXKXjqr3tQVECiTc/DIBo3A MEyJ/ps/gQv3ZrQIiNgML4mUAFBeOmNUdm+60jYNoV28/QeclmeNhIFBc3LaLq4m 141y3vPYRoLRkwDAQQSyaovAuao89fsYHFay1lGeMjoyTm5q2G57YF11wEAlSslc BiNwJ/gqSDVCmAQEHoMlw4pnvBBmP4QMOPIH+Uiu7fZwONZOLemFUDH0Aw+M0Svn jnZQDyoRJv2E3GOiK3lkRP54KfNR84do2vzlK1kMvS8j9gv2I00=
    =Ggsa
    -----END PGP SIGNATURE-----


    --============== 94853666883089491=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ3gtKQAKCRCb9qggYcy5 IXMPAP9qeUth1DnShRKPLT3PSlqW2XRzSqI/+jXnADgS23OrKwD/VnhCGhKARsio kDkspfB6U0KCS2zISWX38YqaOa5nkQw=rQKa
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)