NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/libssh: security bump to version 0.10.5

Browse Source 
Fixes the following security issues:

- CVE-2023-1667: Potential NULL dereference during rekeying with algorithm
  guessing
  https://www.libssh.org/security/advisories/CVE-2023-1667.txt

- CVE-2023-2283: Authorization bypass in pki_verify_data_signature
  https://www.libssh.org/security/advisories/CVE-2023-2283.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2023-05-16 08:40:34 +02:00
parent 9a560d6aff
commit 3ec773ba91
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/libssh/libssh.hash
View File

@ -1,5 +1,5 @@
# Locally calculated after checking pgp signature
# https://www.libssh.org/files/0.10/libssh-0.10.4.tar.xz.asc
# https://www.libssh.org/files/0.10/libssh-0.10.5.tar.xz.asc
# with key 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
sha256 07392c54ab61476288d1c1f0a7c557b50211797ad00c34c3af2bbc4dbc4bd97d libssh-0.10.4.tar.xz
sha256 b60e2ff7f367b9eee2b5634d3a63303ddfede0e6a18dfca88c44a8770e7e4234 libssh-0.10.5.tar.xz
sha256 1656186e951db1c010a8485481fa94587f7e53a26d24976bef97945ad0c4df5a COPYING

2
package/libssh/libssh.mk
View File

@ -5,7 +5,7 @@
################################################################################
LIBSSH_VERSION_MAJOR = 0.10
LIBSSH_VERSION = $(LIBSSH_VERSION_MAJOR).4
LIBSSH_VERSION = $(LIBSSH_VERSION_MAJOR).5
LIBSSH_SOURCE = libssh-$(LIBSSH_VERSION).tar.xz
LIBSSH_SITE = https://www.libssh.org/files/$(LIBSSH_VERSION_MAJOR)
LIBSSH_LICENSE = LGPL-2.1