openSUSE-SU-2020:2129-1

Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:2129-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2020:2129-1
Published
2020-12-01T05:25:38Z
Modified
2020-12-01T05:25:38Z
Summary
Security update for libssh2_org
Details

This update for libssh2_org fixes the following issues:

  • Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922] Enhancements and bugfixes:

    • adds ECDSA keys and host key support when using OpenSSL
    • adds ED25519 key and host key support when using OpenSSL 1.1.1
    • adds OpenSSH style key file reading
    • adds AES CTR mode support when using WinCNG
    • adds PEM passphrase protected file support for Libgcrypt and WinCNG
    • adds SHA256 hostkey fingerprint
    • adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path()
    • adds explicit zeroing of sensitive data in memory
    • adds additional bounds checks to network buffer reads
    • adds the ability to use the server default permissions when creating sftp directories
    • adds support for building with OpenSSL no engine flag
    • adds support for building with LibreSSL
    • increased sftp packet size to 256k
    • fixed oversized packet handling in sftp
    • fixed building with OpenSSL 1.1
    • fixed a possible crash if sftp stat gets an unexpected response
    • fixed incorrect parsing of the KEX preference string value
    • fixed conditional RSA and AES-CTR support
    • fixed a small memory leak during the key exchange process
    • fixed a possible memory leak of the ssh banner string
    • fixed various small memory leaks in the backends
    • fixed possible out of bounds read when parsing public keys from the server
    • fixed possible out of bounds read when parsing invalid PEM files
    • no longer null terminates the scp remote exec command
    • now handles errors when Diffie-Hellman key pair generation fails
    • improved building instructions
    • improved unit tests
  • Version update to 1.8.2: [bsc#1130103] Bug fixes:

    • Fixed the misapplied userauth patch that broke 1.8.1
    • moved the MAX size declarations from the public header

This update was imported from the SUSE:SLE-15:Update update project.
References

Affected packages

openSUSE:Leap 15.2 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=openSUSE%20Leap%2015.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
1.9.0-lp152.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.9.0-lp152.8.3.1",
            "libssh2-devel": "1.9.0-lp152.8.3.1",
            "libssh2-1-32bit": "1.9.0-lp152.8.3.1"
        }
    ]
}