-
Mon Feb 26 2024 Sahana Prasad <sahana@redhat.com> - 0.9.6-14
- Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol (BPP)
- Fix CVE-2023-6918 Missing checks for return values for digests
- Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection
of malicious code through hostname
- Note: version is bumped from 12 to 14 directly, as the z-stream
version in 8.9 also has 13. So bumping it to 14, will prevent
upgrade conflicts.
- Resolves:RHEL-19690, RHEL-17244, RHEL-19312
-
Mon May 15 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-12
- Fix loglevel regression
- Related: rhbz#2182251, rhbz#2189742
-
Thu May 04 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-11
- .fmf/version is needed to run the tests
- Related: rhbz#2182251, rhbz#2189742
-
Wed May 03 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-10
- Add missing ci.fmf file
- Related: rhbz#2182251, rhbz#2189742
-
Wed May 03 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-9
- Fix covscan errors found at gating
- Related: rhbz#2182251, rhbz#2189742
-
Tue May 02 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-8
- Backport test fixing commits to make the build pass
- Related: rhbz#2182251, rhbz#2189742
-
Thu Apr 27 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-7
- Fix NULL dereference during rekeying with algorithm guessing
GHSL-2023-032 / CVE-2023-1667
- Fix possible authentication bypass
GHSL 2023-085 / CVE-2023-2283
- Resolves: rhbz#2182251, rhbz#2189742
-
Fri Jan 06 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-6
- Enable client and server testing build time
- Fix failing rekey test on arch s390x
- Resolves: rhbz#2126342
-
Mon Dec 05 2022 Stanislav Zidek <szidek@redhat.com> - 0.9.6-5
- Fix CI configuration for new TMT
- Resolves: rhbz#2149910
-
Mon Nov 28 2022 Norbert Pocs <npocs@redhat.com> - 0.9.6-4
- Make VERBOSE and lower log levels less verbose
- Resolves: rhbz#2091512