NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/openssh: security bump to version 8.9p1

Browse Source 
Security Near Miss
==================

 * sshd(8): fix an integer overflow in the user authentication path
   that, in conjunction with other logic errors, could have yielded
   unauthenticated access under difficult to exploit conditions.

   This situation is not exploitable because of independent checks in
   the privilege separation monitor. Privilege separation has been
   enabled by default in since openssh-3.2.2 (released in 2002) and
   has been mandatory since openssh-7.5 (released in 2017). Moreover,
   portable OpenSSH has used toolchain features available in most
   modern compilers to abort on signed integer overflow since
   openssh-6.5 (released in 2014).

Update license (md5crypt removed, bcrypt relicensed to BSD-3-Clause:
a5ab488234
158bf854e2
c0459588b8)

https://www.openssh.com/txt/release-8.9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine 2022-02-26 00:18:16 +01:00 committed by Peter Korsgaard
parent 212b020bb4
commit 9597d5ec8e
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
package/openssh/openssh.hash
View File

@ -1,4 +1,4 @@
# From https://www.openssh.com/txt/release-8.8 (base64 encoded)
sha256 4590890ea9bb9ace4f71ae331785a3a5823232435161960ed5fc86588f331fe9 openssh-8.8p1.tar.gz
# From https://www.openssh.com/txt/release-8.9 (base64 encoded)
sha256 fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7 openssh-8.9p1.tar.gz
# Locally calculated
sha256 432abf7480fb31473a6706627212913fc70032e3fb71b90fecb28ae26a2d741d LICENCE
sha256 d6807e99f3d159145c659060f57c3fa74e109faa39326dbfc38674cb550fd104 LICENCE

4
package/openssh/openssh.mk
View File

@ -4,13 +4,13 @@
#
################################################################################
OPENSSH_VERSION_MAJOR = 8.8
OPENSSH_VERSION_MAJOR = 8.9
OPENSSH_VERSION_MINOR = p1
OPENSSH_VERSION = $(OPENSSH_VERSION_MAJOR)$(OPENSSH_VERSION_MINOR)
OPENSSH_CPE_ID_VERSION = $(OPENSSH_VERSION_MAJOR)
OPENSSH_CPE_ID_UPDATE = $(OPENSSH_VERSION_MINOR)
OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
OPENSSH_LICENSE = BSD-4-Clause, BSD-3-Clause, BSD-2-Clause, Public Domain
OPENSSH_LICENSE = BSD-3-Clause, BSD-2-Clause, Public Domain
OPENSSH_LICENSE_FILES = LICENCE
OPENSSH_CONF_ENV = \
LD="$(TARGET_CC)" \