summary refs log tree commit diff
path: root/pkgs/applications/networking/cluster/terraform-providers/libvirt/default.nix
diff options
context:
space:
mode:
authorLinus Heckemann <git@sphalerite.org>2018-10-16 18:28:09 +0200
committerLinus Heckemann <git@sphalerite.org>2018-10-16 19:08:41 +0200
commiteca462813d7586063deb5c9989ae9bcef29f9495 (patch)
treedf35694135e039c07746878731ff653ac3ec61c9 /pkgs/applications/networking/cluster/terraform-providers/libvirt/default.nix
parente58816bcc6917e746cd9219b6591bfb478ecc910 (diff)
downloadnixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar
nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.gz
nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.bz2
nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.lz
nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.xz
nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.zst
nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.zip
libssh: 0.7.5 -> 0.7.6
Fixes CVE-2018-10933:

libssh versions 0.6 and above have an authentication bypass
vulnerability in the server code. By presenting the server an
SSH2_MSG_USERAUTH_SUCCESS message in place of the
SSH2_MSG_USERAUTH_REQUEST message which the server would expect to
initiate authentication, the attacker could successfully authentciate
without any credentials.

Source:
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
Diffstat (limited to 'pkgs/applications/networking/cluster/terraform-providers/libvirt/default.nix')
0 files changed, 0 insertions, 0 deletions
 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-19 23:14:12 +0000