diff options
author | Linus Heckemann <git@sphalerite.org> | 2018-10-16 18:28:09 +0200 |
---|---|---|
committer | Linus Heckemann <git@sphalerite.org> | 2018-10-16 19:08:41 +0200 |
commit | eca462813d7586063deb5c9989ae9bcef29f9495 (patch) | |
tree | df35694135e039c07746878731ff653ac3ec61c9 /pkgs/applications/networking/cluster/terraform-providers/libvirt/default.nix | |
parent | e58816bcc6917e746cd9219b6591bfb478ecc910 (diff) | |
download | nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.gz nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.bz2 nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.lz nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.xz nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.zst nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.zip |
libssh: 0.7.5 -> 0.7.6
Fixes CVE-2018-10933: libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials. Source: https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
Diffstat (limited to 'pkgs/applications/networking/cluster/terraform-providers/libvirt/default.nix')
0 files changed, 0 insertions, 0 deletions