gnu: openssh: Don't allow remote username enumeration [fixes CVE-2018-15473].

* gnu/packages/patches/openssh-CVE-2018-15473.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (openssh)[source]: Use it.
author: Leo Famulari <leo@famulari.name> 2018-08-15 16:28:25 -0400
committer: Leo Famulari <leo@famulari.name> 2018-08-21 11:16:30 -0400
commit: 6cd2c4a83cc2baa387d04979b489bee2429cc39d (patch)
tree: 62e38cf3a33b7b7e4af29a584e1b8b52a20da00f /gnu/packages/ssh.scm
parent: 2fbc38e33bfdcc2b037397ea35977ef82daaacad (diff)
download: gnu-guix-6cd2c4a83cc2baa387d04979b489bee2429cc39d.tar
gnu-guix-6cd2c4a83cc2baa387d04979b489bee2429cc39d.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index 90205fa93d..876993e166 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -153,6 +153,7 @@ a server that supports the SSH-2 protocol.")
              (method url-fetch)
              (uri (string-append "mirror://openbsd/OpenSSH/portable/"
                                  name "-" version ".tar.gz"))
+             (patches (search-patches "openssh-CVE-2018-15473.patch"))
              (sha256
               (base32
                "13vbbrvj3mmfhj83qyrg5c0ipr6bzw5s65dy4k8gr7p9hkkfffyp"))))
author	Leo Famulari <leo@famulari.name>	2018-08-15 16:28:25 -0400
committer	Leo Famulari <leo@famulari.name>	2018-08-21 11:16:30 -0400
commit	6cd2c4a83cc2baa387d04979b489bee2429cc39d (patch)
tree	62e38cf3a33b7b7e4af29a584e1b8b52a20da00f /gnu/packages/ssh.scm
parent	2fbc38e33bfdcc2b037397ea35977ef82daaacad (diff)
download	gnu-guix-6cd2c4a83cc2baa387d04979b489bee2429cc39d.tar gnu-guix-6cd2c4a83cc2baa387d04979b489bee2429cc39d.tar.gz