Skip to content

Commit 277080f

Browse files
vcunatvcunat
committedDec 25, 2016
openssh: security 7.3p1 -> 7.4p1
The two removed patches were for issues that should've been fixed. Minor vulnerabilities addressed: CVE-2016-{10009,10010,10011,10012}. https://www.openssh.com/txt/release-7.4
·
branch-off-24.1117.03-beta
1 parent f2df4ce commit 277080f

File tree

3 files changed

+2
-52
lines changed

3 files changed

+2
-52
lines changed
 

‎pkgs/tools/networking/openssh/RH-1380296-NEWKEYS-null-pointer-deref.patch

-37
This file was deleted.

‎pkgs/tools/networking/openssh/default.nix

+2-4
Original file line numberDiff line numberDiff line change
@@ -29,11 +29,11 @@ stdenv.mkDerivation rec {
2929
# Please ensure that openssh_with_kerberos still builds when
3030
# bumping the version here!
3131
name = "openssh-${version}";
32-
version = "7.3p1";
32+
version = "7.4p1";
3333

3434
src = fetchurl {
3535
url = "mirror://openbsd/OpenSSH/portable/${name}.tar.gz";
36-
sha256 = "1k5y1wi29d47cgizbryxrhc1fbjsba2x8l5mqfa9b9nadnd9iyrz";
36+
sha256 = "1l8r3x4fr2kb6xm95s7kjdif1wp6f94d4kljh4qjj9109shw87qv";
3737
};
3838

3939
prePatch = optionalString hpnSupport
@@ -44,13 +44,11 @@ stdenv.mkDerivation rec {
4444

4545
patches =
4646
[
47-
./RH-1380296-NEWKEYS-null-pointer-deref.patch
4847
./locale_archive.patch
4948
./fix-host-key-algorithms-plus.patch
5049

5150
# See discussion in https://github.com/NixOS/nixpkgs/pull/16966
5251
./dont_create_privsep_path.patch
53-
./fix-CVE-2016-8858.patch
5452
]
5553
++ optional withGssapiPatches gssapiSrc;
5654

‎pkgs/tools/networking/openssh/fix-CVE-2016-8858.patch

-11
This file was deleted.

0 commit comments

Comments
 (0)
Please sign in to comment.