[Bug 230151] security/asyncssh: Update 1.12.0 => 1.13.3

Sun Jul 29 15:37:12 UTC 2018

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230151

            Bug ID: 230151
           Summary: security/asyncssh: Update 1.12.0 => 1.13.3
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs at FreeBSD.org
          Reporter: ndowens.fbsd at yandex.com

Created attachment 195595
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=195595&action=edit
Update

In 1.12.1 and important CVE fix was added CVE-2018-7749, where a modified SSH
client could request that an AsyncSSH server perform operations before
authentication had completed

https://github.com/ronf/asyncssh/blob/master/docs/changes.rst : Release Notes

For this version 1.13.3:

Added support for setting the Unicode error handling strategy in conjunction
with setting an encoding when creating new SSH sessions, streams, and
processes. This strategy can also be set when specifying a session encoding in
create_server(), and when providing an encoding in the get_comment() and
set_comment() functions on private/public keys and certificates.
    Changed handling of Unicode in channels to use incrmeental codec, similar
to what was previously done in process redirection.
    Added Python 3.7 to the list of classifiers in setup.py, now that it has
been released.
    Updated Travis CI configuration to add Python 3.7 builds, and moved Linux
builds on never versions of Python up to xenial.
    Added missing coroutine decorator in test_channel.

-- 
You are receiving this mail because:
You are the assignee for the bug.