libssh: update to v0.10.6 to fix CVE-2023-48795 (#7141)

SPECS/libssh/libssh.signatures.json

@@ -1,7 +1,7 @@
 {
  "Signatures": {
-  "libssh-0.10.5.tar.xz": "b60e2ff7f367b9eee2b5634d3a63303ddfede0e6a18dfca88c44a8770e7e4234",
+  "libssh-0.10.6.tar.xz": "1861d498f5b6f1741b6abc73e608478491edcf9c9d4b6630eef6e74596de9dc1",
-  "libssh-0.10.5.tar.xz.asc": "cc5427ac9480b30f87f7c3c2dca1830c1e7fe3c18503da2c07d4110150916c66",
+  "libssh-0.10.6.tar.xz.asc": "140420406d7796548b0beaf736e73864c32291787cf2bd3983fdbc41741494ae",
   "libssh.keyring": "3861ac6763ff3edf0bbbb05fe890962a5dbcd99b2e00fae16687fd480c7fab0f",
   "libssh_client.config": "332db0f675f29a2f1295486489cd5b2d0fb9ead138674e8c890b2e69daa50035",
   "libssh_server.config": "b779ac90d463057293a5474b014f3fc6e4fc342f2a96b068eb2cc40d6112b9c7"

SPECS/libssh/libssh.spec

@@ -1,8 +1,8 @@
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
 Name:           libssh
-Version:        0.10.5
+Version:        0.10.6
-Release:        2%{?dist}
+Release:        1%{?dist}
 Summary:        A library implementing the SSH protocol
 License:        LGPLv2+
 URL:            http://www.libssh.org
@@ -144,6 +144,9 @@ popd
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
 
 %changelog
+* Fri Dec 29 2023 Neha Agarwal <nehaagarwal@microsoft.com> - 0.10.6-1
+- Upgrade to 0.10.6 to fix CVE-2023-48795
+
 * Fri May 26 2023 Vince Perri <viperri@microsoft.com> - 0.10.5-2
 - License verified.
 - Switched to out-of-source build.

cgmanifest.json

@@ -11051,8 +11051,8 @@
         "type": "other",
         "other": {
           "name": "libssh",
-          "version": "0.10.5",
+          "version": "0.10.6",
-          "downloadUrl": "https://www.libssh.org/files/0.10/libssh-0.10.5.tar.xz"
+          "downloadUrl": "https://www.libssh.org/files/0.10/libssh-0.10.6.tar.xz"
         }
       }
     },