From 64bcc76c00dff7712dec3fef3d7c2ee718a4a3ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Mon, 20 Aug 2018 16:31:13 +0200 Subject: gnu: guile-ssh: Update to 0.11.3. * gnu/packages/ssh.scm (guile-ssh): Update to 0.11.3. --- gnu/packages/ssh.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index faa09e94c3..90205fa93d 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -237,7 +237,7 @@ Additionally, various channel-specific options can be negotiated.") (define-public guile-ssh (package (name "guile-ssh") - (version "0.11.2") + (version "0.11.3") (home-page "https://github.com/artyom-poptsov/guile-ssh") (source (origin ;; ftp://memory-heap.org/software/guile-ssh/guile-ssh-VERSION.tar.gz @@ -249,7 +249,7 @@ Additionally, various channel-specific options can be negotiated.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1w0k5s09xj5xycb7lbp5b7rm0xncclms3jwl98lwj8fxwngi1s90")))) + "1g2jzcg1p25zrkx06j160qb8bgcwa3001ys4q02496xs61pvywqk")))) (build-system gnu-build-system) (outputs '("out" "debug")) (arguments -- cgit v1.2.3 From 6cd2c4a83cc2baa387d04979b489bee2429cc39d Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 15 Aug 2018 16:28:25 -0400 Subject: gnu: openssh: Don't allow remote username enumeration [fixes CVE-2018-15473]. * gnu/packages/patches/openssh-CVE-2018-15473.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (openssh)[source]: Use it. --- gnu/packages/ssh.scm | 1 + 1 file changed, 1 insertion(+) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 90205fa93d..876993e166 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -153,6 +153,7 @@ a server that supports the SSH-2 protocol.") (method url-fetch) (uri (string-append "mirror://openbsd/OpenSSH/portable/" name "-" version ".tar.gz")) + (patches (search-patches "openssh-CVE-2018-15473.patch")) (sha256 (base32 "13vbbrvj3mmfhj83qyrg5c0ipr6bzw5s65dy4k8gr7p9hkkfffyp")))) -- cgit v1.2.3 From c305ac30c397a482a1758fa8c02bc5716c9d3a12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Tue, 21 Aug 2018 23:15:46 +0200 Subject: gnu: guile-ssh: Don't build libguile-ssh.a. * gnu/packages/ssh.scm (guile-ssh)[arguments]: Add #:configure-flags. --- gnu/packages/ssh.scm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 876993e166..0d9bd5a119 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -254,7 +254,10 @@ Additionally, various channel-specific options can be negotiated.") (build-system gnu-build-system) (outputs '("out" "debug")) (arguments - '(#:phases (modify-phases %standard-phases + '(;; It makes no sense to build libguile-ssh.a. + #:configure-flags '("--disable-static") + + #:phases (modify-phases %standard-phases (add-after 'unpack 'autoreconf (lambda* (#:key inputs #:allow-other-keys) (invoke "autoreconf" "-vfi"))) -- cgit v1.2.3 From 36a8d5cdf40c3a760615eddc7f0d44c91369eb68 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 24 Aug 2018 16:27:19 -0400 Subject: gnu: OpenSSH: Update to 7.8p1. * gnu/packages/ssh.scm (openssh): Update to 7.8p1. [source]: Remove 'openssh-CVE-2018-15473.patch'. * gnu/packages/patches/openssh-CVE-2018-15473.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/packages/ssh.scm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 0d9bd5a119..a58ebff481 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -148,15 +148,14 @@ a server that supports the SSH-2 protocol.") (define-public openssh (package (name "openssh") - (version "7.7p1") + (version "7.8p1") (source (origin (method url-fetch) (uri (string-append "mirror://openbsd/OpenSSH/portable/" name "-" version ".tar.gz")) - (patches (search-patches "openssh-CVE-2018-15473.patch")) (sha256 (base32 - "13vbbrvj3mmfhj83qyrg5c0ipr6bzw5s65dy4k8gr7p9hkkfffyp")))) + "1jj4f586r9lhakp2w0zv7j616d6x62m15q8l4nxq7haja6qlnj0s")))) (build-system gnu-build-system) (native-inputs `(("groff" ,groff))) (inputs `(("openssl" ,openssl) -- cgit v1.2.3