ShiftMediaProject
diff --git a/‎.gitlab-ci.yml‎
Lines changed: 2 additions & 0 deletions b/‎.gitlab-ci.yml‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎CMakeLists.txt‎
Lines changed: 2 additions & 2 deletions b/‎CMakeLists.txt‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎CPackConfig.cmake‎
Lines changed: 2 additions & 2 deletions b/‎CPackConfig.cmake‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎ChangeLog‎
Lines changed: 15 additions & 0 deletions b/‎ChangeLog‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎CompilerChecks.cmake‎
Lines changed: 1 addition & 0 deletions b/‎CompilerChecks.cmake‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎INSTALL‎
Lines changed: 5 additions & 5 deletions b/‎INSTALL‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎README‎
Lines changed: 1 addition & 1 deletion b/‎README‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎README.CodingStyle‎
Lines changed: 1 addition & 1 deletion b/‎README.CodingStyle‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎SubmittingPatches‎
Lines changed: 2 additions & 2 deletions b/‎SubmittingPatches‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎doc/curve25519-sha256@libssh.org.txt‎
Lines changed: 3 additions & 3 deletions b/‎doc/curve25519-sha256@libssh.org.txt‎
Lines changed: 3 additions & 3 deletions
@@ -153,6 +153,8 @@ fedora/undefined-sanitizer:
       - obj/
 
 fedora/csbuild:
+  variables:
+      GIT_DEPTH: "100"
   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
   script:
   - |
 
@@ -10,7 +10,7 @@ list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/Modules")
 include(DefineCMakeDefaults)
 include(DefineCompilerFlags)
 
-project(libssh VERSION 0.9.2 LANGUAGES C)
+project(libssh VERSION 0.9.3 LANGUAGES C)
 
 # global needed variable
 set(APPLICATION_NAME ${PROJECT_NAME})
@@ -22,7 +22,7 @@ set(APPLICATION_NAME ${PROJECT_NAME})
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "4.8.3")
+set(LIBRARY_VERSION "4.8.4")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
 
@@ -10,7 +10,7 @@ set(CPACK_PACKAGE_VERSION ${PROJECT_VERSION})
 
 # SOURCE GENERATOR
 set(CPACK_SOURCE_GENERATOR "TXZ")
-set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]git/;/[.]clangd/;.gitignore;/build*;/obj*;tags;cscope.*;compile_commands.json")
+set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]git/;/[.]clangd/;.gitignore;/build*;/obj*;tags;cscope.*;compile_commands.json;.*\.patch")
 set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
 
 ### NSIS INSTALLER
@@ -23,7 +23,7 @@ if (WIN32)
         set(CPACK_GENERATOR "${CPACK_GENERATOR};NSIS")
         set(CPACK_NSIS_DISPLAY_NAME "The SSH Library")
         set(CPACK_NSIS_COMPRESSOR "/SOLID zlib")
-        set(CPACK_NSIS_MENU_LINKS "http://www.libssh.org/" "libssh homepage")
+        set(CPACK_NSIS_MENU_LINKS "https://www.libssh.org/" "libssh homepage")
     endif (NSIS_MAKE)
 endif (WIN32)
 
 
@@ -1,6 +1,21 @@
 ChangeLog
 ==========
 
+version 0.9.3 (released 2019-12-10)
+  * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution
+  * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
+  * SSH-01-006 General: Various unchecked Null-derefs cause DOS
+  * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys
+  * SSH-01-010 SSH: Deprecated hash function in fingerprinting
+  * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS
+  * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access
+  * SSH-01-001 State Machine: Initial machine states should be set explicitly
+  * SSH-01-002 Kex: Differently bound macros used to iterate same array
+  * SSH-01-005 Code-Quality: Integer sign confusion during assignments
+  * SSH-01-008 SCP: Protocol Injection via unescaped File Names
+  * SSH-01-009 SSH: Update documentation which RFCs are implemented
+  * SSH-01-012 PKI: Information leak via uninitialized stack buffer
+
 version 0.9.2 (released 2019-11-07)
   * Fixed libssh-config.cmake
   * Fixed issues with rsa algorithm negotiation (T191)
 
@@ -42,6 +42,7 @@ if (UNIX)
     add_c_compiler_flag("-Wstrict-overflow=2" SUPPORTED_COMPILER_FLAGS)
     add_c_compiler_flag("-Wno-format-zero-length" SUPPORTED_COMPILER_FLAGS)
     add_c_compiler_flag("-Wmissing-field-initializers" SUPPORTED_COMPILER_FLAGS)
+    add_c_compiler_flag("-Wsign-compare" SUPPORTED_COMPILER_FLAGS)
 
     check_c_compiler_flag("-Wformat" REQUIRED_FLAGS_WFORMAT)
     if (REQUIRED_FLAGS_WFORMAT)
 
@@ -7,11 +7,11 @@
 In order to build libssh, you need to install several components:
 
 - A C compiler
-- [CMake](http://www.cmake.org) >= 2.6.0.
-- [openssl](http://www.openssl.org) >= 0.9.8
+- [CMake](https://www.cmake.org) >= 2.6.0.
+- [openssl](https://www.openssl.org) >= 0.9.8
 or
-- [gcrypt](http://www.gnu.org/directory/Security/libgcrypt.html) >= 1.4
-- [libz](http://www.zlib.net) >= 1.2
+- [gcrypt](https://www.gnu.org/directory/Security/libgcrypt.html) >= 1.4
+- [libz](https://www.zlib.net) >= 1.2
 
 optional:
 - [cmocka](https://cmocka.org/) >= 1.1.0
@@ -117,4 +117,4 @@ This document is written using [Markdown][] syntax, making it possible to
 provide usable information in both plain text and HTML format. Whenever
 modifying this document please use [Markdown][] syntax.
 
-[markdown]: http://www.daringfireball.net/projects/markdown
+[markdown]: https://www.daringfireball.net/projects/markdown
@@ -31,7 +31,7 @@ If you ask yourself how to compile libssh, please read INSTALL before anything.
 3* Where ?
 -_-_-_-_-_-_
 
-http://www.libssh.org
+https://www.libssh.org
 
 4* Contributing
 -_-_-_-_-_-_-_-_-_
 
@@ -60,7 +60,7 @@ following to $HOME/.vimrc:
 
 You can use the Vim gitmodline plugin to store this in the git config:
 
-    http://git.cryptomilk.org/projects/vim-gitmodeline.git/
+    https://git.cryptomilk.org/projects/vim-gitmodeline.git/
 
 For Vim, the following settings in $HOME/.vimrc will also deal with
 displaying trailing whitespace:
 
@@ -23,7 +23,7 @@ much easier to work with individuals who have ownership than corporate
 legal departments if we ever need to make reasonable compromises with
 people using and working with libssh.
 
-We track the ownership of every part of libssh via http://git.libssh.org,
+We track the ownership of every part of libssh via https://git.libssh.org,
 our source code control system, so we know the provenance of every piece
 of code that is committed to libssh.
 
@@ -85,7 +85,7 @@ By making a contribution to this project, I certify that:
     Free Software Foundation; either version 2.1 of
     the License, or (at the option of the project) any later version.
 
-    http://www.gnu.org/licenses/lgpl-2.1.html
+    https://www.gnu.org/licenses/lgpl-2.1.html
 
 
 We will maintain a copy of that email as a record that you have the
 
@@ -112,8 +112,8 @@ This number is calculated using the following procedure:
      This conversion follows the network byte order. This step differs from 
      RFC5656.
 
-[RFC5656]    http://tools.ietf.org/html/rfc5656
+[RFC5656]    https://tools.ietf.org/html/rfc5656
 [SCHNEIER]   https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html#c1675929
-[DJB]        http://cr.yp.to/talks/2013.05.31/slides-dan+tanja-20130531-4x3.pdf
+[DJB]        https://cr.yp.to/talks/2013.05.31/slides-dan+tanja-20130531-4x3.pdf
 [Curve25519] "Curve25519: new Diffie-Hellman speed records."
-             http://cr.yp.to/ecdh/curve25519-20060209.pdf
+             https://cr.yp.to/ecdh/curve25519-20060209.pdf