pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2019Q4]: pkgsrc/security/libssh Pullup ticket #6107 - requeste...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/e935acb4e502
branches:  pkgsrc-2019Q4
changeset: 406582:e935acb4e502
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Tue Jan 07 19:26:28 2020 +0000

description:
Pullup ticket #6107 - requested by is
security/libssh: security fix

Revisions pulled up:
- security/libssh/Makefile                                      1.34
- security/libssh/PLIST                                         1.15
- security/libssh/distinfo                                      1.20

---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Tue Dec 31 12:27:03 UTC 2019

   Modified Files:
           pkgsrc/security/libssh: Makefile PLIST distinfo

   Log Message:
   libssh: update to 0.93.

   version 0.9.3 (released 2019-12-10)
     * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution
     * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
     * SSH-01-006 General: Various unchecked Null-derefs cause DOS
     * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys
     * SSH-01-010 SSH: Deprecated hash function in fingerprinting
     * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS
     * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access
     * SSH-01-001 State Machine: Initial machine states should be set explicitly
     * SSH-01-002 Kex: Differently bound macros used to iterate same array
     * SSH-01-005 Code-Quality: Integer sign confusion during assignments
     * SSH-01-008 SCP: Protocol Injection via unescaped File Names
     * SSH-01-009 SSH: Update documentation which RFCs are implemented
     * SSH-01-012 PKI: Information leak via uninitialized stack buffer

diffstat:

 security/libssh/Makefile |   7 +++----
 security/libssh/PLIST    |   4 ++--
 security/libssh/distinfo |  10 +++++-----
 3 files changed, 10 insertions(+), 11 deletions(-)

diffs (51 lines):

diff -r 2104860f0b35 -r e935acb4e502 security/libssh/Makefile
--- a/security/libssh/Makefile  Mon Dec 30 20:12:35 2019 +0000
+++ b/security/libssh/Makefile  Tue Jan 07 19:26:28 2020 +0000
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.33 2019/11/28 09:25:52 bsiegert Exp $
+# $NetBSD: Makefile,v 1.33.4.1 2020/01/07 19:26:28 bsiegert Exp $
 #
 # history: upstream renamed 0.11 to 0.1.1;
 # we have to use the old-style convention so that version compares work.
 
-VER=           0.9.2
+VER=           0.9.3
 DISTNAME=      libssh-${VER}
-PKGNAME=       libssh-0.92
-PKGREVISION=   1
+PKGNAME=       libssh-0.93
 CATEGORIES=    security
 MASTER_SITES=  https://www.libssh.org/files/${VER:R}/
 EXTRACT_SUFX=  .tar.xz
diff -r 2104860f0b35 -r e935acb4e502 security/libssh/PLIST
--- a/security/libssh/PLIST     Mon Dec 30 20:12:35 2019 +0000
+++ b/security/libssh/PLIST     Tue Jan 07 19:26:28 2020 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.14 2019/11/13 11:49:08 wiz Exp $
+@comment $NetBSD: PLIST,v 1.14.4.1 2020/01/07 19:26:28 bsiegert Exp $
 include/libssh/callbacks.h
 include/libssh/legacy.h
 include/libssh/libssh.h
@@ -11,5 +11,5 @@
 lib/cmake/libssh/libssh-config.cmake
 lib/libssh.so
 lib/libssh.so.4
-lib/libssh.so.4.8.3
+lib/libssh.so.4.8.4
 lib/pkgconfig/libssh.pc
diff -r 2104860f0b35 -r e935acb4e502 security/libssh/distinfo
--- a/security/libssh/distinfo  Mon Dec 30 20:12:35 2019 +0000
+++ b/security/libssh/distinfo  Tue Jan 07 19:26:28 2020 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.19 2019/11/13 11:49:08 wiz Exp $
+$NetBSD: distinfo,v 1.19.4.1 2020/01/07 19:26:28 bsiegert Exp $
 
-SHA1 (libssh-0.9.2.tar.xz) = ad1430cacb01c1f4c0a3bfdc9c0d402e6f56e1ae
-RMD160 (libssh-0.9.2.tar.xz) = c13dd04259d494cc59fe089793b551643b8699cd
-SHA512 (libssh-0.9.2.tar.xz) = 93b689cd7f3bd32716d7821219e25f91214f71be3867c622ae0ae73cdb2d20af2daa9c3c8180b71434915154f2bc374df7193b3a67a9b9e8bf06e955419285d0
-Size (libssh-0.9.2.tar.xz) = 495876 bytes
+SHA1 (libssh-0.9.3.tar.xz) = 24bb9d6f53691236f34cc8e6fec86dd659aef757
+RMD160 (libssh-0.9.3.tar.xz) = ef2f8e5564f7508db4829fe655644d959e35da5d
+SHA512 (libssh-0.9.3.tar.xz) = 6e59718565daeca6d224426cc1095a112deff9af8e0b021917e04f08bb7409263c35724de95f591f38e26f0fb3bbbbc69b679b6775edc21dec158d241b076c6f
+Size (libssh-0.9.3.tar.xz) = 500068 bytes
 SHA1 (patch-CompilerChecks.cmake) = 77b93572006132c557cb9a57698e8455f7874073



Home | Main Index | Thread Index | Old Index