Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
base: e58816bcc691
Choose a base ref
...
head repository: NixOS/nixpkgs
compare: eca462813d75
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Oct 16, 2018

  1. libssh: 0.7.5 -> 0.7.6 

    Fixes CVE-2018-10933:

libssh versions 0.6 and above have an authentication bypass
vulnerability in the server code. By presenting the server an
SSH2_MSG_USERAUTH_SUCCESS message in place of the
SSH2_MSG_USERAUTH_REQUEST message which the server would expect to
initiate authentication, the attacker could successfully authentciate
without any credentials.

Source:
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
    @lheckemann
    lheckemann committed Oct 16, 2018
    Configuration menu
    Copy the full SHA
    eca4628 View commit details
    Browse the repository at this point in the history