aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/ssh.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2018-08-15 16:28:25 -0400
committerLeo Famulari <leo@famulari.name>2018-08-21 11:16:30 -0400
commit6cd2c4a83cc2baa387d04979b489bee2429cc39d (patch)
tree62e38cf3a33b7b7e4af29a584e1b8b52a20da00f /gnu/packages/ssh.scm
parent2fbc38e33bfdcc2b037397ea35977ef82daaacad (diff)
downloadguix-6cd2c4a83cc2baa387d04979b489bee2429cc39d.tar
guix-6cd2c4a83cc2baa387d04979b489bee2429cc39d.tar.gz
gnu: openssh: Don't allow remote username enumeration [fixes CVE-2018-15473].
* gnu/packages/patches/openssh-CVE-2018-15473.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (openssh)[source]: Use it.
Diffstat (limited to 'gnu/packages/ssh.scm')
-rw-r--r--gnu/packages/ssh.scm1
1 files changed, 1 insertions, 0 deletions
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index 90205fa93d..876993e166 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -153,6 +153,7 @@ a server that supports the SSH-2 protocol.")
(method url-fetch)
(uri (string-append "mirror://openbsd/OpenSSH/portable/"
name "-" version ".tar.gz"))
+ (patches (search-patches "openssh-CVE-2018-15473.patch"))
(sha256
(base32
"13vbbrvj3mmfhj83qyrg5c0ipr6bzw5s65dy4k8gr7p9hkkfffyp"))))