Hi,
I'm maintaining an app using libssh2, gitg:
https://gitlab.gnome.org/GNOME/gitg
Some user ping me about a CVE:
https://github.com/flathub/org.gnome.gitg/pull/18#issuecomment-804323280
and I suggest to fix it upstream, as usual, but as we provide sandboxes
package with flatpak, all dependencies are managed by us in that workflow.
So I wanted to dig a little bit on this.
Looks like release should be done in near time:
https://github.com/libssh2/libssh2/issues/539
But still is not.
Is there any chance for a bugfix release?
Can I help on that in anyway?
I understand the CVE is pretty rare, but stil interesting to learn to
collaborate on libssh2
Cheers,
Alberto
_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2021-03-23