diff options
| author | Sebastian Kemper <sebastian_ml@gmx.net> | 2019-03-19 08:28:05 +0100 |
|---|---|---|
| committer | Sebastian Kemper <sebastian_ml@gmx.net> | 2019-03-19 08:28:15 +0100 |
| commit | 90d895697a0dd421ed0a85e4a4978d2f072b4d46 (patch) | |
| tree | fd6e03b92e5ff9bd4314f487e739b2e288979ebc /libs/libssh2 | |
| parent | 21acccc48707a51e8510aa1eea331426bfbc2dee (diff) | |
libssh2: version bump/ CVE fixes
- CVE-2019-3855
Possible integer overflow in transport read allows out-of-bounds write
- CVE-2019-3856
Possible integer overflow in keyboard interactive handling allows
out-of-bounds write
- CVE-2019-3857
Possible integer overflow leading to zero-byte allocation and out-of-bounds
write
- CVE-2019-3858
Possible zero-byte allocation leading to an out-of-bounds read
- CVE-2019-3859
Out-of-bounds reads with specially crafted payloads due to unchecked use of
`_libssh2_packet_require` and `_libssh2_packet_requirev`
- CVE-2019-3860
Out-of-bounds reads with specially crafted SFTP packets
- CVE-2019-3861
Out-of-bounds reads with specially crafted SSH packets
- CVE-2019-3862
Out-of-bounds memory comparison
- CVE-2019-3863
Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Diffstat (limited to 'libs/libssh2')
| -rw-r--r-- | libs/libssh2/Makefile | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/libs/libssh2/Makefile b/libs/libssh2/Makefile index 1d6c3479f..90e4d5b30 100644 --- a/libs/libssh2/Makefile +++ b/libs/libssh2/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libssh2 -PKG_VERSION:=1.8.0 -PKG_RELEASE:=3 +PKG_VERSION:=1.8.1 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.libssh2.org/download -PKG_HASH:=39f34e2f6835f4b992cafe8625073a88e5a28ba78f83e8099610a7b3af4676d4 +PKG_HASH:=40b517f35b1bb869d0075b15125c7a015557f53a5a3a6a8bffb89b69fd70f159 PKG_FIXUP:=autoreconf |