From bb571dc3e87d0e84b3ae121e0d4a9c6039a051fa Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sun, 9 Oct 2022 23:06:13 +0200 Subject: [PATCH] package/openssh: security bump to version 9.1p1 This release contains fixes for three minor memory safety problems. None are believed to be exploitable, but we report most memory safety problems as potential security vulnerabilities out of caution. * ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing. Reported by Qualys * ssh-keygen(1): double free() in error path of file hashing step in signing/verify code; GHPR333 * ssh-keysign(8): double-free in error path introduced in openssh-8.9 https://www.openssh.com/txt/release-9.1 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard --- package/openssh/openssh.hash | 4 ++-- package/openssh/openssh.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/openssh/openssh.hash b/package/openssh/openssh.hash index 4cfdb91484..81cea32d2c 100644 --- a/package/openssh/openssh.hash +++ b/package/openssh/openssh.hash @@ -1,4 +1,4 @@ -# From https://www.openssh.com/txt/release-9.0 (base64 encoded) -sha256 03974302161e9ecce32153cfa10012f1e65c8f3750f573a73ab1befd5972a28a openssh-9.0p1.tar.gz +# From https://www.openssh.com/txt/release-9.1 (base64 encoded) +sha256 19f85009c7e3e23787f0236fbb1578392ab4d4bf9f8ec5fe6bc1cd7e8bfdd288 openssh-9.1p1.tar.gz # Locally calculated sha256 d6807e99f3d159145c659060f57c3fa74e109faa39326dbfc38674cb550fd104 LICENCE diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index 0e4253fa74..b70e327620 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -4,7 +4,7 @@ # ################################################################################ -OPENSSH_VERSION_MAJOR = 9.0 +OPENSSH_VERSION_MAJOR = 9.1 OPENSSH_VERSION_MINOR = p1 OPENSSH_VERSION = $(OPENSSH_VERSION_MAJOR)$(OPENSSH_VERSION_MINOR) OPENSSH_CPE_ID_VERSION = $(OPENSSH_VERSION_MAJOR)