Bug 12985

Summary:	[fix 21] libssh2: add CVE info
Product:	[ROSA-based products] ROSA Fresh	Reporter:	Grigorev Andrey <survolog>
Component:	Packages from Main	Assignee:	ROSA Linux Bugs <bugs>
Status:	VERIFIED FIXED	QA Contact:	ROSA Linux Bugs <bugs>
Severity:	normal
Priority:	Normal	CC:	a.proklov, pastordidi, survolog, v.potapov
Version:	All	Flags:	v.potapov: qa_verified+ a.proklov: published+
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:
Platform:	---	ROSA Vulnerability identifier:
RPM Package:		ISO-related:
Bad POT generating:		Upstream:

Description Grigorev Andrey 2022-12-05 14:30:24 MSK

Advisory: add info about CVE for libssh2.
All CVE is gone after 1.9.0 so rebuild packages for git consistency.
But abf's git have update.

1.9.0 -> 1.10.0
Binary compatibility: 26.2%
Source compatibility: 2%

libssh2 1.10.0-2
https://abf.io/build_lists/4181486
https://abf.io/build_lists/4181484
https://abf.io/build_lists/4181485
https://abf.io/build_lists/4181487
https://abf.io/build_lists/4181488

==Main==

cargo
https://abf.io/build_lists/4181518
https://abf.io/build_lists/4181519
https://abf.io/build_lists/4181520
https://abf.io/build_lists/4181744

libgit2
https://abf.io/build_lists/4181523
https://abf.io/build_lists/4181524
https://abf.io/build_lists/4181525
https://abf.io/build_lists/4181526
https://abf.io/build_lists/4181527

libvirt
https://abf.io/build_lists/4181760
https://abf.io/build_lists/4181761
https://abf.io/build_lists/4181762

mc
https://abf.io/build_lists/4181533
https://abf.io/build_lists/4181534
https://abf.io/build_lists/4181535
https://abf.io/build_lists/4181536
https://abf.io/build_lists/4181537

nmap
https://abf.io/build_lists/4181538
https://abf.io/build_lists/4181539
https://abf.io/build_lists/4181540
https://abf.io/build_lists/4181541
https://abf.io/build_lists/4181542

rust
https://abf.io/build_lists/4181543
https://abf.io/build_lists/4181544
https://abf.io/build_lists/4181545

vlc
https://abf.io/build_lists/4181549
https://abf.io/build_lists/4181550
https://abf.io/build_lists/4181551
https://abf.io/build_lists/4181552

zabbix5.0
https://abf.io/build_lists/4181554
https://abf.io/build_lists/4181555
https://abf.io/build_lists/4181556

==Contrib==

freefilesync
https://abf.io/build_lists/4181559
https://abf.io/build_lists/4181560
https://abf.io/build_lists/4181561

mlterm
https://abf.io/build_lists/4181564
https://abf.io/build_lists/4181565
https://abf.io/build_lists/4181566
https://abf.io/build_lists/4181567
https://abf.io/build_lists/4181568

perl-Git-Raw
https://abf.io/build_lists/4181569
https://abf.io/build_lists/4181570
https://abf.io/build_lists/4181572

perl-Net-SSH2
https://abf.io/build_lists/4181577
https://abf.io/build_lists/4181578
https://abf.io/build_lists/4181580
https://abf.io/build_lists/4181581
https://abf.io/build_lists/4181582

pgadmin3
https://abf.io/build_lists/4181583
https://abf.io/build_lists/4181584
https://abf.io/build_lists/4181585
https://abf.io/build_lists/4181586

Comment 1 Grigorev Andrey 2022-12-06 16:58:48 MSK

Rebuild vlc with lirc in https://bugzilla.rosalinux.ru/show_bug.cgi?id=12996

Comment 2 Dmitry Postnikov 2022-12-16 18:22:03 MSK

****************************
The update sent to testings

Comment 3 Vladimir Potapov 2022-12-20 12:36:49 MSK

libssh2-1.10.0-2
https://abf.io/build_lists/4181486
https://abf.io/build_lists/4181484
https://abf.io/build_lists/4181485
https://abf.io/build_lists/4181487
https://abf.io/build_lists/4181488

cargo-0.47.0-2
https://abf.io/build_lists/4181518
https://abf.io/build_lists/4181519
https://abf.io/build_lists/4181520
https://abf.io/build_lists/4181744

libgit2-1.4.2-2
https://abf.io/build_lists/4181523
https://abf.io/build_lists/4181524
https://abf.io/build_lists/4181525
https://abf.io/build_lists/4181526
https://abf.io/build_lists/4181527

libvirt-8.9.0-2
https://abf.io/build_lists/4181760
https://abf.io/build_lists/4181761
https://abf.io/build_lists/4181762

mc-4.8.28-3
https://abf.io/build_lists/4181533
https://abf.io/build_lists/4181534
https://abf.io/build_lists/4181535
https://abf.io/build_lists/4181536
https://abf.io/build_lists/4181537

nmap-7.92-2
https://abf.io/build_lists/4181538
https://abf.io/build_lists/4181539
https://abf.io/build_lists/4181540
https://abf.io/build_lists/4181541
https://abf.io/build_lists/4181542

rust-1.63.0-2
https://abf.io/build_lists/4181543
https://abf.io/build_lists/4181544
https://abf.io/build_lists/4181545

vlc-3.0.17.4-2
https://abf.io/build_lists/4181549
https://abf.io/build_lists/4181550
https://abf.io/build_lists/4181551
https://abf.io/build_lists/4181552

zabbix5.0-5.0.20-2
https://abf.io/build_lists/4181554
https://abf.io/build_lists/4181555
https://abf.io/build_lists/4181556
************************** Advisory *****************************
add info about CVE for libssh2.
All CVE is gone after 1.9.0 so rebuild packages for git consistency.
But abf's git have update.

1.9.0 -> 1.10.0
*****************************************************************
QA Verified
+ Contrib's
freefilesync
https://abf.io/build_lists/4181559
https://abf.io/build_lists/4181560
https://abf.io/build_lists/4181561

mlterm
https://abf.io/build_lists/4181564
https://abf.io/build_lists/4181565
https://abf.io/build_lists/4181566
https://abf.io/build_lists/4181567
https://abf.io/build_lists/4181568

perl-Git-Raw
https://abf.io/build_lists/4181569
https://abf.io/build_lists/4181570
https://abf.io/build_lists/4181572

perl-Net-SSH2
https://abf.io/build_lists/4181577
https://abf.io/build_lists/4181578
https://abf.io/build_lists/4181580
https://abf.io/build_lists/4181581
https://abf.io/build_lists/4181582

pgadmin3
https://abf.io/build_lists/4181583
https://abf.io/build_lists/4181584
https://abf.io/build_lists/4181585
https://abf.io/build_lists/4181586