libssh security update

[0.9.6-14]

• Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol (BPP)
• Fix CVE-2023-6918 Missing checks for return values for digests
• Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection
  of malicious code through hostname
• Note: version is bumped from 12 to 14 directly, as the z-stream
  version in 8.9 also has 13. So bumping it to 14, will prevent
  upgrade conflicts.
• Resolves:RHEL-19690, RHEL-17244, RHEL-19312
  [0.9.6-12]
• Fix loglevel regression
• Related: rhbz#2182251, rhbz#2189742
  [0.9.6-11]
• .fmf/version is needed to run the tests
• Related: rhbz#2182251, rhbz#2189742
  [0.9.6-10]
• Add missing ci.fmf file
• Related: rhbz#2182251, rhbz#2189742
  [0.9.6-9]
• Fix covscan errors found at gating
• Related: rhbz#2182251, rhbz#2189742
  [0.9.6-8]
• Backport test fixing commits to make the build pass
• Related: rhbz#2182251, rhbz#2189742
  [0.9.6-7]
• Fix NULL dereference during rekeying with algorithm guessing
  GHSL-2023-032 / CVE-2023-1667
• Fix possible authentication bypass
  GHSL 2023-085 / CVE-2023-2283
• Resolves: rhbz#2182251, rhbz#2189742
  [0.9.6-6]
• Enable client and server testing build time
• Fix failing rekey test on arch s390x
• Resolves: rhbz#2126342
  [0.9.6-5]
• Fix CI configuration for new TMT
• Resolves: rhbz#2149910
  [0.9.6-4]
• Make VERBOSE and lower log levels less verbose
• Resolves: rhbz#2091512
  [0.9.6-3]
• Remove STI tests
  [0.9.6-2]
• Remove bad patch causing errors
• Adding BuildRequires for openssh (SSHD support)
  [0.9.6-1]
• Fix CVE-2021-3634: Fix possible heap-buffer overflow when
  rekeying with different key exchange mechanism
• Rebase to version 0.9.6
• Rename SSHD_EXECUTABLE to SSH_EXECUTABLE in tests/torture.c
• Resolves: rhbz#1896651, rhbz#1994600
  [0.9.4-4]
• Revert previous commit as it is incorrect.
  [0.9.6-1]
• Fix CVE-2021-3634: Fix possible heap-buffer overflow when
  rekeying with different key exchange mechanism (#1978810)
  [0.9.4-3]
• Fix CVE-2020-16135 NULL pointer dereference in sftpserver.c if
  ssh_buffer_new returns NULL (#1862646)
  [0.9.4-2]
• Do not return error when server properly closed the channel (#1849071)
• Add a test for CVE-2019-14889
• Do not parse configuration file in torture_knownhosts test
  [0.9.4-1]
• Update to version 0.9.4
  https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
• Fixed CVE-2019-14889 (#1781782)
• Fixed CVE-2020-1730 (#1802422)
• Create missing directories in the path provided for known_hosts files (#1733914)
• Removed inclusion of OpenSSH server configuration file from
  libssh_server.config (#1821339)
  [0.9.0-4]
• Skip 1024 bits RSA key generation test in FIPS mode (#1734485)
  [0.9.0-3]
• Add Obsoletes in libssh-config to avoid conflict with old libssh which
  installed the configuration files.
  [0.9.0-2]
• Eliminate circular dependency with libssh-config subpackage
  [0.9.0-1]
• Update to version 0.9.0
  https://www.libssh.org/2019/06/28/libssh-0-9-0/
• Added explicit Requires for crypto-policies
• Do not ignore known_hosts keys when SSH_OPTIONS_HOSTKEYS is set
• Provide the configuration files in a separate libssh-config subpackage
  [0.8.91-0.1]
• Update to 0.9.0 pre release version (0.8.91)
• Added default configuration files for client and server
• Removed unused patch files left behind
• Fixed issues found to run upstream test suite with SELinux
  [0.8.5-2]
• Fix more regressions introduced by the fixes for CVE-2018-10933
  [0.8.5-1]
• Update to version 0.8.5
  • Fixed an issue where global known_hosts file was ignored (#1649321)
  • Fixed ssh_get_fd() to return writable file descriptor (#1649319)
  • Fixed regression introduced in known_hosts parsing (#1649315)
  • Fixed a regression which caused only the first algorithm in known_hosts to
    be considered (#1638790)
    [0.8.3-5]
• Fix regressions introduced by the fixes for CVE-2018-10933
  [0.8.3-4]
• Fix for authentication bypass issue in server implementation (#1639926)
  [0.8.3-3]
• Fixed errors found by static code analysis (#1602594)
  [0.8.3-1]
• Update to version 0.8.3
  • Added support for rsa-sha2 (#1610882)
  • Added support to parse private keys in openssh container format (other than
    ed25519) (#1622983)
  • Added support for diffie-hellman-group18-sha512 and
    diffie-hellman-group16-sha512 (#1610885)
  • Added ssh_get_fingerprint_hash()
  • Added ssh_pki_export_privkey_base64()
  • Added support for Match keyword in config file
  • Improved performance and reduced memory footprint for sftp
  • Fixed ecdsa publickey auth
  • Fixed reading a closed channel
  • Added support to announce [email protected] and [email protected]
    in the sftp server
  • Use -fstack-protector-strong if possible (#1624135)
    [0.8.1-4]
• Fix the creation of symbolic links for libssh_threads.so.4
  [0.8.1-3]
• Add missing Provides for libssh_threads.so.4
  [0.8.1-2]
• Add Provides for libssh_threads.so to unbreak applications
• Fix ABIMap detection to not depend on python to build
  [0.8.1-1]
• Update to version 0.8.1
  https://www.libssh.org/2018/08/13/libssh-0-8-1/
  [0.8.0-1]
• Update to version 0.8.0
  https://www.libssh.org/2018/08/10/libssh-0-8-0/
  [0.7.5-9]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
  [0.7.5-8]
• BR: gcc-c++, use %make_build
  [0.7.5-7]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
• Related: bug#1614611
  [0.7.5-6]
• resolves: #1540021 - Build against OpenSSL 1.1
  [0.7.5-5]
• Switch to %ldconfig_scriptlets
  [0.7.5-4]
• Fix parsing ssh_config
  [0.7.5-3]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
  [0.7.5-2]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
  [0.7.5-1]
• Update to version 0.7.5
  [0.7.4-2]
• BR: compat-openssl10-devel (f26+, #1423088)
• use %license
• -devel: drop hardcoded pkgconfig dep (let autodeps handle it)
• %files: track library sonames, simplify -devel
• %install: use ‘install/fast’ target
• .spec cosmetics, drop deprecated %clean section
  [0.7.4-1]
• Update to version 0.7.4
  • Added id_ed25519 to the default identity list
  • Fixed sftp EOF packet handling
  • Fixed ssh_send_banner() to confirm with RFC 4253
  • Fixed some memory leaks
• resolves: #1419007
  [0.7.3-1]
• resolves: #1311259 - Fix CVE-2016-0739
• resolves: #1311332 - Update to version 0.7.3
  • Fixed CVE-2016-0739
  • Fixed ssh-agent on big endian
  • Fixed some documentation issues
• Enabled GSSAPI support
  [0.7.2-3]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
  [0.7.2-2]
• resolves: #1271230 - Fix ssh-agent support on big endian
  [0.7.2-1]
• Update to version 0.7.2
  • Fixed OpenSSL detection on Windows
  • Fixed return status for ssh_userauth_agent()
  • Fixed KEX to prefer hmac-sha2-256
  • Fixed sftp packet handling
  • Fixed return values of ssh_key_is_(public|private)
  • Fixed bug in global success reply
• resolves: #1267346
  [0.7.1-1]
• Update to version 0.7.1
  • Fixed SSH_AUTH_PARTIAL auth with auto public key
  • Fixed memory leak in session options
  • Fixed allocation of ed25519 public keys
  • Fixed channel exit-status and exit-signal
  • Reintroduce ssh_forward_listen()
    [0.7.0-3]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
  [0.7.0-2]
• Add patch to fix undefined symbol: ssh_forward_listen (bug #1221310)
  [0.7.0-1]
• Update to version 0.7.0
  • Added support for ed25519 keys
  • Added SHA2 algorithms for HMAC
  • Added improved and more secure buffer handling code
  • Added callback for auth_none_function
  • Added support for ECDSA private key signing
  • Added more tests
  • Fixed a lot of bugs
  • Improved API documentation
    [0.6.5-1]
• resolves: #1213775 - Security fix for CVE-2015-3146
• resolves: #1218076 - Security fix for CVE-2015-3146
  [0.6.4-1]
• Security fix for CVE-2014-8132.
  [0.6.3-3]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
  [0.6.3-2]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
  [0.6.3-1]
• Fix CVE-2014-0017.
  [0.6.1-1]
• Update to version 0.6.1.
• resolves: #1056757 - Fix scp mode.
• resolves: #1053305 - Fix known_hosts heuristic.
  [0.6.0-1]
• Update to 0.6.0
  [0.5.5-1]
• Update to 0.5.5.
• Clenup the spec file.
  [0.5.4-5]
• Add EPEL 5 support.
• Add Debian patches to enable Doxygen documentation.
  [0.5.4-4]
• Add patch for #982685.
  [0.5.4-3]
• Clean up SPEC file and fix rpmlint complaints.
  [0.5.4-2]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
  [0.5.4-1]
• update to security 0.5.4 release
• CVE-2013-0176 (#894407)
  [0.5.3-1]
• update to security 0.5.3 release (#878465)
  [0.5.2-2]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
  [0.5.2-1]
• update to 0.5.2 version (#730270)
  [0.5.0-2]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
  [0.5.0-1]
• bounce versionn to 0.5.0 (#709785)
• the support for protocol v1 is disabled
  [0.4.8-2]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
  [0.4.8-1]
• bounce versionn to 0.4.8 (#670456)
  [0.4.6-1]
• bounce versionn to 0.4.6 (#630602)
  [0.4.4-1]
• bounce versionn to 0.4.4 (#598592)
  [0.4.3-1]
• bounce versionn to 0.4.3 (#593288)
  [0.4.2-1]
• bounce versionn to 0.4.2 (#573972)
  [0.4.1-1]
• bounce versionn to 0.4.1 (#565870)
  [0.4.0-1]
• bounce versionn to 0.4.0 (#541010)
  [0.3.92-2]
• typo in spec file
  [0.3.92-1]
• bounce versionn to 0.3.92 (0.4 beta2) (#541010)
  [0.2-4]
• rebuilt with new openssl
  [0.2-3]
• Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
  [0.2-2]
• Small changes during review
  [0.2-1]
• Initial build