| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| CVE-2020-22218.patch | Fix CVE-2020-22218 | Nicolas Mora <babelouest@debian.org> | not-needed | |||
| manpage.patch | Fix typo | Nicolas Mora <babelouest@debian.org> | not-needed | |||
| 0001-Add-lgpg-error-to-.pc-to-facilitate-static-linking.patch | [PATCH] Add -lgpg-error to .pc to facilitate static linking Note that this patch is Debian-specific as we know that libssh2 is linked to gcrypt. Patching configure.ac to add gpg-error as a dependent library is not good, as it would cause overlinking of libssh2, and there is no separate variable for "static dependencies". All this mess ought to be solved in gcrypt inself by providing .pc file, but it is not. |
Mikhail Gusarov <dottedmag@dottedmag.net> | no | 2014-09-03 | ||
| 0001-Do-not-expose-private-libraries-nor-link-flags-to-us.patch | [PATCH] Do not expose private libraries nor link flags to users of libssh2 Reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747417 |
Mikhail Gusarov <dottedmag@dottedmag.net> | no | 2014-05-19 | ||
| CVE-2019-17498.patch | [PATCH] packet.c: improve message parsing (#402) * packet.c: improve parsing of packets notes: Use _libssh2_get_string API in SSH_MSG_DEBUG/SSH_MSG_DISCONNECT. Additional uint32 bounds check in SSH_MSG_GLOBAL_REQUEST. |
Will Cosgrove <will@panic.com> | no | 2019-08-30 |