Home Explore Help
Register Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/libssh: security bump to version 0.10.5

Fixes the following security issues:

- CVE-2023-1667: Potential NULL dereference during rekeying with algorithm
  guessing
  https://www.libssh.org/security/advisories/CVE-2023-1667.txt

- CVE-2023-2283: Authorization bypass in pki_verify_data_signature
  https://www.libssh.org/security/advisories/CVE-2023-2283.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard 2 years ago
parent
9a560d6aff
commit
3ec773ba91
2 changed files with 3 additions and 3 deletions
Split View Show Diff Stats
  1. 2 2
      package/libssh/libssh.hash
  2. 1 1
      package/libssh/libssh.mk

+ 2 - 2
package/libssh/libssh.hash
View File 

@@ -1,5 +1,5 @@
 
 # Locally calculated after checking pgp signature
 
-# https://www.libssh.org/files/0.10/libssh-0.10.4.tar.xz.asc
 
+# https://www.libssh.org/files/0.10/libssh-0.10.5.tar.xz.asc
 
 # with key 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
 
-sha256  07392c54ab61476288d1c1f0a7c557b50211797ad00c34c3af2bbc4dbc4bd97d  libssh-0.10.4.tar.xz
 
+sha256  b60e2ff7f367b9eee2b5634d3a63303ddfede0e6a18dfca88c44a8770e7e4234  libssh-0.10.5.tar.xz
 
 sha256  1656186e951db1c010a8485481fa94587f7e53a26d24976bef97945ad0c4df5a  COPYING

+ 1 - 1
package/libssh/libssh.mk
View File 

@@ -5,7 +5,7 @@
 
 ################################################################################
 
 
 LIBSSH_VERSION_MAJOR = 0.10
 
-LIBSSH_VERSION = $(LIBSSH_VERSION_MAJOR).4
 
+LIBSSH_VERSION = $(LIBSSH_VERSION_MAJOR).5
 
 LIBSSH_SOURCE = libssh-$(LIBSSH_VERSION).tar.xz
 
 LIBSSH_SITE = https://www.libssh.org/files/$(LIBSSH_VERSION_MAJOR)
 
 LIBSSH_LICENSE = LGPL-2.1