From 950881da9997af650b59f88110f11b338124cc67 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Mon, 1 Jan 2024 23:15:21 +0100 Subject: [PATCH] package/python-asyncssh: security bump to version 2.14.2 Implemented "strict kex" support and other countermeasures to protect against the Terrapin Attack described in CVE-2023-48795 https://github.com/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/blob/v2.14.2/docs/changes.rst Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni --- package/python-asyncssh/python-asyncssh.hash | 4 ++-- package/python-asyncssh/python-asyncssh.mk | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/python-asyncssh/python-asyncssh.hash b/package/python-asyncssh/python-asyncssh.hash index d72b5329c5..f74cbe9c83 100644 --- a/package/python-asyncssh/python-asyncssh.hash +++ b/package/python-asyncssh/python-asyncssh.hash @@ -1,6 +1,6 @@ # md5, sha256 from https://pypi.org/pypi/asyncssh/json -md5 4194feb9e0d17a0750f107f3445ff9f7 asyncssh-2.14.1.tar.gz -sha256 1ac31c333a0d83c88831523245500caa814503423741b0e465339ef6da5b5e29 asyncssh-2.14.1.tar.gz +md5 3b22a39fa9d638b277c9441187b73c5c asyncssh-2.14.2.tar.gz +sha256 e956bf8988d07a06ba3305f6604e261f4ca014c4a232f0873f1c7692fbe3cfc2 asyncssh-2.14.2.tar.gz # Locally computed sha256 checksums sha256 0becf16567beb77fa252b7664631dd177c8f9a1889e48995b45379c7130e5303 LICENSE sha256 68c286b0cf4507bec8922103efe861adb0bd3218003b1ec1b25e2e64bdd76bd3 COPYRIGHT diff --git a/package/python-asyncssh/python-asyncssh.mk b/package/python-asyncssh/python-asyncssh.mk index 51e2e1973c..1f6b9d79a2 100644 --- a/package/python-asyncssh/python-asyncssh.mk +++ b/package/python-asyncssh/python-asyncssh.mk @@ -4,9 +4,9 @@ # ################################################################################ -PYTHON_ASYNCSSH_VERSION = 2.14.1 +PYTHON_ASYNCSSH_VERSION = 2.14.2 PYTHON_ASYNCSSH_SOURCE = asyncssh-$(PYTHON_ASYNCSSH_VERSION).tar.gz -PYTHON_ASYNCSSH_SITE = https://files.pythonhosted.org/packages/5f/86/59278fefc49ddcc10567e52a8e0e1553fc936584e241d516b5682d55ea17 +PYTHON_ASYNCSSH_SITE = https://files.pythonhosted.org/packages/6c/f9/849f158fe50cdb0b1bf75009861865c9a30c3b5a0d62ad43bb5e00b10feb PYTHON_ASYNCSSH_SETUP_TYPE = setuptools PYTHON_ASYNCSSH_LICENSE = EPL-2.0 or GPL-2.0+ PYTHON_ASYNCSSH_LICENSE_FILES = LICENSE COPYRIGHT