b5735379c5
Bump the version to latest git to fix the following security issues:
CVE-2019-3855
Possible integer overflow in transport read allows out-of-bounds write
URL: https://www.libssh2.org/CVE-2019-3855.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3855.patch
CVE-2019-3856
Possible integer overflow in keyboard interactive handling allows
out-of-bounds write
URL: https://www.libssh2.org/CVE-2019-3856.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3856.patch
CVE-2019-3857
Possible integer overflow leading to zero-byte allocation and out-of-bounds
write
URL: https://www.libssh2.org/CVE-2019-3857.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3857.patch
CVE-2019-3858
Possible zero-byte allocation leading to an out-of-bounds read
URL: https://www.libssh2.org/CVE-2019-3858.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3858.patch
CVE-2019-3859
Out-of-bounds reads with specially crafted payloads due to unchecked use of
`_libssh2_packet_require` and `_libssh2_packet_requirev`
URL: https://www.libssh2.org/CVE-2019-3859.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3859.patch
CVE-2019-3860
Out-of-bounds reads with specially crafted SFTP packets
URL: https://www.libssh2.org/CVE-2019-3860.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3860.patch
CVE-2019-3861
Out-of-bounds reads with specially crafted SSH packets
URL: https://www.libssh2.org/CVE-2019-3861.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3861.patch
CVE-2019-3862
Out-of-bounds memory comparison
URL: https://www.libssh2.org/CVE-2019-3862.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3862.patch
CVE-2019-3863
Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes
URL: https://www.libssh2.org/CVE-2019-3863.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3863.txt
Drop 0003-openssl-fix-dereferencing-ambiguity-potentially-caus.patch as that
is now upstream.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit f4f7dd9557
)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
50 lines
1.5 KiB
Makefile
50 lines
1.5 KiB
Makefile
################################################################################
|
|
#
|
|
# libssh2
|
|
#
|
|
################################################################################
|
|
|
|
LIBSSH2_VERSION = 1b3cbaff518f32e5b70650d4b7b52361b1410d37
|
|
LIBSSH2_SITE = $(call github,libssh2,libssh2,$(LIBSSH2_VERSION))
|
|
LIBSSH2_LICENSE = BSD
|
|
LIBSSH2_LICENSE_FILES = COPYING
|
|
LIBSSH2_INSTALL_STAGING = YES
|
|
LIBSSH2_CONF_OPTS = --disable-examples-build
|
|
|
|
# building from a git clone
|
|
LIBSSH2_AUTORECONF = YES
|
|
|
|
ifeq ($(BR2_PACKAGE_LIBSSH2_MBEDTLS),y)
|
|
LIBSSH2_DEPENDENCIES += mbedtls
|
|
LIBSSH2_CONF_OPTS += --with-libmbedcrypto-prefix=$(STAGING_DIR)/usr \
|
|
--with-crypto=mbedtls
|
|
else ifeq ($(BR2_PACKAGE_LIBSSH2_LIBGCRYPT),y)
|
|
LIBSSH2_DEPENDENCIES += libgcrypt
|
|
LIBSSH2_CONF_OPTS += --with-libgcrypt-prefix=$(STAGING_DIR)/usr \
|
|
--with-crypto=libgcrypt
|
|
# configure.ac forgets to link to dependent libraries of gcrypt breaking static
|
|
# linking
|
|
LIBSSH2_CONF_ENV += LIBS="`$(STAGING_DIR)/usr/bin/libgcrypt-config --libs`"
|
|
else ifeq ($(BR2_PACKAGE_LIBSSH2_OPENSSL),y)
|
|
LIBSSH2_DEPENDENCIES += openssl
|
|
LIBSSH2_CONF_OPTS += --with-libssl-prefix=$(STAGING_DIR)/usr \
|
|
--with-crypto=openssl
|
|
endif
|
|
|
|
# Add zlib support if enabled
|
|
ifeq ($(BR2_PACKAGE_ZLIB),y)
|
|
LIBSSH2_DEPENDENCIES += zlib
|
|
LIBSSH2_CONF_OPTS += --with-libz \
|
|
--with-libz-prefix=$(STAGING_DIR)/usr
|
|
else
|
|
LIBSSH2_CONF_OPTS += --without-libz
|
|
endif
|
|
|
|
HOST_LIBSSH2_DEPENDENCIES += host-openssl
|
|
HOST_LIBSSH2_CONF_OPTS += --with-openssl \
|
|
--with-libssl-prefix=$(HOST_DIR) \
|
|
--without-libgcrypt
|
|
|
|
$(eval $(autotools-package))
|
|
$(eval $(host-autotools-package))
|