libssh: Upgrade 0.11.3 -> 0.11.4

Message ID	20260318190300.270982-1-jakubszczudlo40@gmail.com
State	New
Headers	show Return-Path: <jakubszczudlo40@gmail.com> ip: 209.85.208.41, mailfrom: jakubszczudlo40@gmail.com) From: Jakub Szczudlo <jakubszczudlo40@gmail.com> To: openembedded-devel@lists.openembedded.org Cc: Jakub Szczudlo <jakubszczudlo40@gmail.com> Subject: [PATCH] libssh: Upgrade 0.11.3 -> 0.11.4 Date: Wed, 18 Mar 2026 20:03:00 +0100 Message-ID: <20260318190300.270982-1-jakubszczudlo40@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	libssh: Upgrade 0.11.3 -> 0.11.4 \| expand libssh: Upgrade 0.11.3 -> 0.11.4

Message ID

20260318190300.270982-1-jakubszczudlo40@gmail.com

State

New

Headers

From: Jakub Szczudlo <jakubszczudlo40@gmail.com>
To: openembedded-devel@lists.openembedded.org
Cc: Jakub Szczudlo <jakubszczudlo40@gmail.com>
Subject: [PATCH] libssh: Upgrade 0.11.3 -> 0.11.4
Date: Wed, 18 Mar 2026 20:03:00 +0100
Message-ID: <20260318190300.270982-1-jakubszczudlo40@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

libssh: Upgrade 0.11.3 -> 0.11.4 | expand

Commit Message

Jakub Szczudlo March 18, 2026, 7:03 p.m. UTC

Release note:
https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/

Signed-off-by: Jakub Szczudlo <jakubszczudlo40@gmail.com>
---
 .../libssh/{libssh_0.11.3.bb => libssh_0.11.4.bb}          | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
 rename meta-oe/recipes-support/libssh/{libssh_0.11.3.bb => libssh_0.11.4.bb} (78%)

Comments

Ankur Tyagi March 18, 2026, 7:37 p.m. UTC | #1

On Thu, Mar 19, 2026 at 8:03 AM Jakub Szczudlo via
lists.openembedded.org
<jakubszczudlo40=gmail.com@lists.openembedded.org> wrote:
>
> Release note:
> https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/
>
> Signed-off-by: Jakub Szczudlo <jakubszczudlo40@gmail.com>
> ---
>  .../libssh/{libssh_0.11.3.bb => libssh_0.11.4.bb}          | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>  rename meta-oe/recipes-support/libssh/{libssh_0.11.3.bb => libssh_0.11.4.bb} (78%)
>
> diff --git a/meta-oe/recipes-support/libssh/libssh_0.11.3.bb b/meta-oe/recipes-support/libssh/libssh_0.11.4.bb
> similarity index 78%
> rename from meta-oe/recipes-support/libssh/libssh_0.11.3.bb
> rename to meta-oe/recipes-support/libssh/libssh_0.11.4.bb
> index 5928581312..c39b121be6 100644
> --- a/meta-oe/recipes-support/libssh/libssh_0.11.3.bb
> +++ b/meta-oe/recipes-support/libssh/libssh_0.11.4.bb
> @@ -13,7 +13,7 @@ SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable
>
>  SRC_URI:append:toolchain-clang = " file://0001-CompilerChecks.cmake-drop-Wunused-variable-flag.patch"
>
> -SRCREV = "301d0e16dfa8a5cac1cff956b6880ca90eb82864"
> +SRCREV = "ca9c055d7c78ce357346ac7c2b14047568d47aa1"
>
>
>  inherit cmake ptest
> @@ -50,3 +50,8 @@ BBCLASSEXTEND = "native nativesdk"
>
>  CVE_STATUS[CVE-2025-5987] = "fixed-version: The vulnerability was fixed in 0.11.2"
>  CVE_STATUS[CVE-2025-5318] = "fixed-version: The vulnerability was fixed in 0.11.2"
> +CVE_STATUS[CVE-2026-0964] = "fixed-version: The vulnerability was fixed in 0.11.4"
> +CVE_STATUS[CVE-2026-0965] = "fixed-version: The vulnerability was fixed in 0.11.4"
> +CVE_STATUS[CVE-2026-0966] = "fixed-version: The vulnerability was fixed in 0.11.4"
> +CVE_STATUS[CVE-2026-0967] = "fixed-version: The vulnerability was fixed in 0.11.4"
> +CVE_STATUS[CVE-2026-0968] = "fixed-version: The vulnerability was fixed in 0.11.4"

These CVEs are not yet available in the NVD, don't think we should be
adding them here.

> \ No newline at end of file
> --
> 2.47.3
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#125362): https://lists.openembedded.org/g/openembedded-devel/message/125362
> Mute This Topic: https://lists.openembedded.org/mt/118388524/3619737
> Group Owner: openembedded-devel+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [ankur.tyagi85@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>

Gyorgy Sarvari March 18, 2026, 8:22 p.m. UTC | #2

On 3/18/26 20:37, Ankur Tyagi via lists.openembedded.org wrote:
> On Thu, Mar 19, 2026 at 8:03 AM Jakub Szczudlo via
> lists.openembedded.org
> <jakubszczudlo40=gmail.com@lists.openembedded.org> wrote:
>>
>> Release note:
>> https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/
>>
>> Signed-off-by: Jakub Szczudlo <jakubszczudlo40@gmail.com>
>> ---
>>  .../libssh/{libssh_0.11.3.bb => libssh_0.11.4.bb}          | 7 ++++++-
>>  1 file changed, 6 insertions(+), 1 deletion(-)
>>  rename meta-oe/recipes-support/libssh/{libssh_0.11.3.bb => libssh_0.11.4.bb} (78%)
>>
>> diff --git a/meta-oe/recipes-support/libssh/libssh_0.11.3.bb b/meta-oe/recipes-support/libssh/libssh_0.11.4.bb
>> similarity index 78%
>> rename from meta-oe/recipes-support/libssh/libssh_0.11.3.bb
>> rename to meta-oe/recipes-support/libssh/libssh_0.11.4.bb
>> index 5928581312..c39b121be6 100644
>> --- a/meta-oe/recipes-support/libssh/libssh_0.11.3.bb
>> +++ b/meta-oe/recipes-support/libssh/libssh_0.11.4.bb
>> @@ -13,7 +13,7 @@ SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable
>>
>>  SRC_URI:append:toolchain-clang = " file://0001-CompilerChecks.cmake-drop-Wunused-variable-flag.patch"
>>
>> -SRCREV = "301d0e16dfa8a5cac1cff956b6880ca90eb82864"
>> +SRCREV = "ca9c055d7c78ce357346ac7c2b14047568d47aa1"
>>
>>
>>  inherit cmake ptest
>> @@ -50,3 +50,8 @@ BBCLASSEXTEND = "native nativesdk"
>>
>>  CVE_STATUS[CVE-2025-5987] = "fixed-version: The vulnerability was fixed in 0.11.2"
>>  CVE_STATUS[CVE-2025-5318] = "fixed-version: The vulnerability was fixed in 0.11.2"
>> +CVE_STATUS[CVE-2026-0964] = "fixed-version: The vulnerability was fixed in 0.11.4"
>> +CVE_STATUS[CVE-2026-0965] = "fixed-version: The vulnerability was fixed in 0.11.4"
>> +CVE_STATUS[CVE-2026-0966] = "fixed-version: The vulnerability was fixed in 0.11.4"
>> +CVE_STATUS[CVE-2026-0967] = "fixed-version: The vulnerability was fixed in 0.11.4"
>> +CVE_STATUS[CVE-2026-0968] = "fixed-version: The vulnerability was fixed in 0.11.4"
> 
> These CVEs are not yet available in the NVD, don't think we should be
> adding them here.
> 

This update was submitted earlier also some time ago, it is currently
soaking in master-next[1] - it just took a bit of time to get there.

[1]:
https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=99e9d4aba13ae466a6e6fe5c56276917d295cf0b

diff --git a/meta-oe/recipes-support/libssh/libssh_0.11.3.bb b/meta-oe/recipes-support/libssh/libssh_0.11.4.bb
similarity index 78%
rename from meta-oe/recipes-support/libssh/libssh_0.11.3.bb
rename to meta-oe/recipes-support/libssh/libssh_0.11.4.bb
index 5928581312..c39b121be6 100644
--- a/meta-oe/recipes-support/libssh/libssh_0.11.3.bb
+++ b/meta-oe/recipes-support/libssh/libssh_0.11.4.bb
@@ -13,7 +13,7 @@  SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable
 
 SRC_URI:append:toolchain-clang = " file://0001-CompilerChecks.cmake-drop-Wunused-variable-flag.patch"
 
-SRCREV = "301d0e16dfa8a5cac1cff956b6880ca90eb82864"
+SRCREV = "ca9c055d7c78ce357346ac7c2b14047568d47aa1"
 
 
 inherit cmake ptest
@@ -50,3 +50,8 @@  BBCLASSEXTEND = "native nativesdk"
 
 CVE_STATUS[CVE-2025-5987] = "fixed-version: The vulnerability was fixed in 0.11.2"
 CVE_STATUS[CVE-2025-5318] = "fixed-version: The vulnerability was fixed in 0.11.2"
+CVE_STATUS[CVE-2026-0964] = "fixed-version: The vulnerability was fixed in 0.11.4"
+CVE_STATUS[CVE-2026-0965] = "fixed-version: The vulnerability was fixed in 0.11.4"
+CVE_STATUS[CVE-2026-0966] = "fixed-version: The vulnerability was fixed in 0.11.4"
+CVE_STATUS[CVE-2026-0967] = "fixed-version: The vulnerability was fixed in 0.11.4"
+CVE_STATUS[CVE-2026-0968] = "fixed-version: The vulnerability was fixed in 0.11.4"
\ No newline at end of file

libssh: Upgrade 0.11.3 -> 0.11.4

Commit Message

Comments

Patch