package/python-asyncssh: security bump to version 2.14.2

Implemented "strict kex" support and other countermeasures to protect against the Terrapin Attack described in CVE-2023-48795 https://github.com/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/blob/v2.14.2/docs/changes.rst Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-01-01 23:15:21 +01:00 · 2024-01-01 23:15:21 +01:00 · 950881da99
commit 950881da99
parent 6febe37bac
2 changed files with 4 additions and 4 deletions
--- a/package/python-asyncssh/python-asyncssh.hash
+++ b/package/python-asyncssh/python-asyncssh.hash
@ -1,6 +1,6 @@
 # md5, sha256 from https://pypi.org/pypi/asyncssh/json
-md5  4194feb9e0d17a0750f107f3445ff9f7  asyncssh-2.14.1.tar.gz
-sha256  1ac31c333a0d83c88831523245500caa814503423741b0e465339ef6da5b5e29  asyncssh-2.14.1.tar.gz
+md5  3b22a39fa9d638b277c9441187b73c5c  asyncssh-2.14.2.tar.gz
+sha256  e956bf8988d07a06ba3305f6604e261f4ca014c4a232f0873f1c7692fbe3cfc2  asyncssh-2.14.2.tar.gz
 # Locally computed sha256 checksums
 sha256  0becf16567beb77fa252b7664631dd177c8f9a1889e48995b45379c7130e5303  LICENSE
 sha256  68c286b0cf4507bec8922103efe861adb0bd3218003b1ec1b25e2e64bdd76bd3  COPYRIGHT
--- a/package/python-asyncssh/python-asyncssh.mk
+++ b/package/python-asyncssh/python-asyncssh.mk
@ -4,9 +4,9 @@
 #
 ################################################################################

-PYTHON_ASYNCSSH_VERSION = 2.14.1
+PYTHON_ASYNCSSH_VERSION = 2.14.2
 PYTHON_ASYNCSSH_SOURCE = asyncssh-$(PYTHON_ASYNCSSH_VERSION).tar.gz
-PYTHON_ASYNCSSH_SITE = https://files.pythonhosted.org/packages/5f/86/59278fefc49ddcc10567e52a8e0e1553fc936584e241d516b5682d55ea17
+PYTHON_ASYNCSSH_SITE = https://files.pythonhosted.org/packages/6c/f9/849f158fe50cdb0b1bf75009861865c9a30c3b5a0d62ad43bb5e00b10feb
 PYTHON_ASYNCSSH_SETUP_TYPE = setuptools
 PYTHON_ASYNCSSH_LICENSE = EPL-2.0 or GPL-2.0+
 PYTHON_ASYNCSSH_LICENSE_FILES = LICENSE COPYRIGHT