- Fixes CVE-CVE-2021-3634 libssh: possible heap-based buffer

overflow when rekeying
- Fixes static analyzer issues in rhbz#1938795
- Rebase to version 0.9.6

Resolves:rhbz#1994607,rhbz#2009669,rhbz#1938795

.gitignore

@@ -54,3 +54,5 @@ libssh-0.4.4.tar.gz.asc
 /libssh-0.9.4.tar.xz.asc
 /libssh-0.9.5.tar.xz
 /libssh-0.9.5.tar.xz.asc
+/libssh-0.9.6.tar.xz
+/libssh-0.9.6.tar.xz.asc

libssh.spec

@@ -1,6 +1,6 @@
 Name:           libssh
-Version:        0.9.5
-Release:        6%{?dist}
+Version:        0.9.6
+Release:        1%{?dist}
 Summary:        A library implementing the SSH protocol
 License:        LGPLv2+
 URL:            http://www.libssh.org
@@ -126,6 +126,13 @@ popd
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
 
 %changelog
+* Tue Oct 05 2021 Norbert Pocs <npocs@redhat.com> - 0.9.6-1
+- Fix CVE-CVE-2021-3634 libssh: possible heap-based buffer
+  overflow when rekeying
+- Fix static analyzer issues in rhbz#1938795
+- Rebase to version 0.9.6
+- Resolves: rhbz#1994607, rhbz#1938795, rhbz#2009669
+
 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.9.5-6
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
   Related: rhbz#1991688

sources

@@ -1,2 +1,2 @@
-SHA512 (libssh-0.9.5.tar.xz) = 64e692a0bfa7f73585ea7b7b8b1d4c9a7f9be59565bfd4de32ca8cd9db121f87e7ad51f5c80269fbd99545af34dcf1894374ed8a6d6c1ac5f8601c026572ac18
-SHA512 (libssh-0.9.5.tar.xz.asc) = f0b76cdccf26144b9cc9ad3f7e1605b50473fc5c686d0d9a2419b13382440776c09428d717253a918f7347b90e4a562fd88d8ea85a6e54f06b149826295b4f8e
+SHA512 (libssh-0.9.6.tar.xz) = 4040ec4af937e95be2e41313ef6d4db60b46b8d4dea10c09402398127c1d1ca8843392d207088aeee3c7ef631c6ae7b66861327dcebf78ed3af0723777619fd1
+SHA512 (libssh-0.9.6.tar.xz.asc) = 1b6223efe9e4ce864cd8d97d517f9f0d38c1cd502b5874fdc6a58731038c2830a72ce753f02fc062d9d4d5922107ec9a2e62fe24a704bb5dec0dcfecdb569fe6