diff options
author | Linus Heckemann <git@sphalerite.org> | 2018-10-16 18:28:09 +0200 |
---|---|---|
committer | Linus Heckemann <git@sphalerite.org> | 2018-10-16 19:08:41 +0200 |
commit | eca462813d7586063deb5c9989ae9bcef29f9495 (patch) | |
tree | df35694135e039c07746878731ff653ac3ec61c9 /pkgs | |
parent | e58816bcc6917e746cd9219b6591bfb478ecc910 (diff) | |
download | nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.gz nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.bz2 nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.lz nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.xz nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.tar.zst nixlib-eca462813d7586063deb5c9989ae9bcef29f9495.zip |
libssh: 0.7.5 -> 0.7.6
Fixes CVE-2018-10933: libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials. Source: https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/development/libraries/libssh/default.nix | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/pkgs/development/libraries/libssh/default.nix b/pkgs/development/libraries/libssh/default.nix index 9b5c3d530ebf..1ec15e88f13d 100644 --- a/pkgs/development/libraries/libssh/default.nix +++ b/pkgs/development/libraries/libssh/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, fetchpatch, pkgconfig, cmake, zlib, openssl, libsodium }: stdenv.mkDerivation rec { - name = "libssh-0.7.5"; + name = "libssh-0.7.6"; src = fetchurl { - url = "https://red.libssh.org/attachments/download/218/${name}.tar.xz"; - sha256 = "15bh6dm9c50ndddzh3gqcgw7axp3ghrspjpkb1z3dr90vkanvs2l"; + url = "https://www.libssh.org/files/0.7/libssh-0.7.6.tar.xz"; + sha256 = "14hhdpn2hflywsi9d5bz2pfjxqkyi07znjij89cpakr7b4w7sq0x"; }; patches = [ |