libssh (0.11.3-1) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/debian/libssh.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: debian
Path: debian/changelog
Repo size: 1761280
Browser: https://salsa.debian.org/debian/libssh
Last scan: 2025-09-21 23:59:05+00
Next scan: 2025-09-30 14:40:00+00
CI pipeline status: success

Debian changelog in Git:

libssh (0.11.3-1) unstable; urgency=medium

  * New upstream security/bug fix release:
    - CVE-2025-8114: Fix NULL pointer dereference after allocation failure
      (Closes: #1109860)
    - CVE-2025-8277: Fix memory leak of ephemeral key pair during repeated
      wrong KEX (Closes: #1114859)
    - Potential use-after-free when send() fails during key exchange
    - Fix possible timeout during KEX if client sends authentication too early
    - Cleanup OpenSSL PKCS#11 provider when loaded
    - Zeroize buffers containing private key blobs during export

 -- Martin Pitt <mpitt@debian.org>  Sun, 14 Sep 2025 09:54:50 +0200

This branch is even with tag debian/0.11.3-1