From 6522f93ed098fa13f51f6d017035607e26237d31 Mon Sep 17 00:00:00 2001
From: Zheng Junjie <zhengjunjie@iscas.ac.cn>
Date: Mon, 1 Jul 2024 17:49:45 +0800
Subject: gnu: openssh: Update to 9.8p1 [security fixes].

Fixes a critical security bug allowing remote code execution as root:
https://www.openssh.com/txt/release-9.8

This may be CVE-2024-6387 (currently embargoed):
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387

* gnu/packages/ssh.scm (openssh): Update to 9.8p1.

Change-Id: I32e1001ca4d7f9bfbdad58ddcba58670e151a8cb
---
 gnu/packages/ssh.scm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'gnu/packages/ssh.scm')

diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index ff39aea9ba..f4c80347a1 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -18,6 +18,7 @@
 ;;; Copyright © 2020, 2021, 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
 ;;; Copyright © 2023 Simon Streit <simon@netpanic.org>
+;;; Copyright © 2024 Zheng Junjie <873216071@qq.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -198,7 +199,7 @@ (define-public libssh2
 (define-public openssh
   (package
    (name "openssh")
-   (version "9.7p1")
+   (version "9.8p1")
    (source
     (origin
       (method url-fetch)
@@ -206,7 +207,7 @@ (define-public openssh
                           "openssh-" version ".tar.gz"))
       (patches (search-patches "openssh-trust-guix-store-directory.patch"))
       (sha256
-       (base32 "1z9zfw7ndibxwprazlkv1isrh1yplczdin5cziijfanqcvvjc129"))))
+       (base32 "1wrrb8zrfj9wa9nbpx310kl2k05gm4gxsl5hvycx9dbrlc1d12yx"))))
    (build-system gnu-build-system)
    (arguments
     (list
-- 
cgit v1.2.3