gnu: libssh2: Update to 1.8.1 [security fixes].
Fixes CVE-2019-{3855,3856,3857,3858,3859,3860,3861,3862,3863}. * gnu/packages/ssh.scm (libssh2): Update to 1.8.1. (libssh2-1.8.0): New variable. * gnu/packages/curl.scm (curl)[inputs]: Use libssh2-1.8.0.
This commit is contained in:
parent
1e70d72b18
commit
af8f7eb4f2
|
@ -3,7 +3,7 @@
|
||||||
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
|
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
|
||||||
;;; Copyright © 2015 Tomáš Čech <sleep_walker@suse.cz>
|
;;; Copyright © 2015 Tomáš Čech <sleep_walker@suse.cz>
|
||||||
;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
|
;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
|
||||||
;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
|
;;; Copyright © 2016, 2017, 2019 Leo Famulari <leo@famulari.name>
|
||||||
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
|
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
|
||||||
;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
|
;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
|
||||||
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
|
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||||
|
@ -66,10 +66,14 @@
|
||||||
(inputs `(("gnutls" ,gnutls)
|
(inputs `(("gnutls" ,gnutls)
|
||||||
("gss" ,gss)
|
("gss" ,gss)
|
||||||
("libidn" ,libidn)
|
("libidn" ,libidn)
|
||||||
("libssh2" ,libssh2)
|
|
||||||
("openldap" ,openldap)
|
("openldap" ,openldap)
|
||||||
("nghttp2" ,nghttp2 "lib")
|
("nghttp2" ,nghttp2 "lib")
|
||||||
("zlib" ,zlib)))
|
("zlib" ,zlib)
|
||||||
|
;; TODO XXX <https://bugs.gnu.org/34927>
|
||||||
|
;; Curl doesn't actually use or refer to libssh2 because the build
|
||||||
|
;; is not configured with '--with-libssh2'. Remove this input when
|
||||||
|
;; a mass rebuild is appropriate (e.g. core-updates).
|
||||||
|
("libssh2" ,libssh2-1.8.0)))
|
||||||
(native-inputs
|
(native-inputs
|
||||||
`(("perl" ,perl)
|
`(("perl" ,perl)
|
||||||
;; to enable the --manual option and make test 1026 pass
|
;; to enable the --manual option and make test 1026 pass
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
|
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
|
||||||
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
|
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
|
||||||
;;; Copyright © 2015, 2016, 2018 Efraim Flashner <efraim@flashner.co.il>
|
;;; Copyright © 2015, 2016, 2018 Efraim Flashner <efraim@flashner.co.il>
|
||||||
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
|
;;; Copyright © 2016, 2019 Leo Famulari <leo@famulari.name>
|
||||||
;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
|
;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
|
||||||
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
|
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
|
||||||
;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
|
;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||||
|
@ -111,7 +111,7 @@ applications.")
|
||||||
(define-public libssh2
|
(define-public libssh2
|
||||||
(package
|
(package
|
||||||
(name "libssh2")
|
(name "libssh2")
|
||||||
(version "1.8.0")
|
(version "1.8.1")
|
||||||
(source (origin
|
(source (origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
(uri (string-append
|
(uri (string-append
|
||||||
|
@ -119,7 +119,7 @@ applications.")
|
||||||
version ".tar.gz"))
|
version ".tar.gz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"1m3n8spv79qhjq4yi0wgly5s5rc8783jb1pyra9bkx1md0plxwrr"))
|
"0ngif3ynk6xqzy5nlfjs7bsmfm81g9f145av0z86kf0vbgrigda0"))
|
||||||
(patches
|
(patches
|
||||||
(search-patches "libssh2-fix-build-failure-with-gcrypt.patch"))))
|
(search-patches "libssh2-fix-build-failure-with-gcrypt.patch"))))
|
||||||
(build-system gnu-build-system)
|
(build-system gnu-build-system)
|
||||||
|
@ -143,6 +143,24 @@ a server that supports the SSH-2 protocol.")
|
||||||
(license license:bsd-3)
|
(license license:bsd-3)
|
||||||
(home-page "https://www.libssh2.org/")))
|
(home-page "https://www.libssh2.org/")))
|
||||||
|
|
||||||
|
;; XXX A hidden special obsolete libssh2 for temporary use in the curl package.
|
||||||
|
;; <https://bugs.gnu.org/34927>
|
||||||
|
(define-public libssh2-1.8.0
|
||||||
|
(hidden-package
|
||||||
|
(package
|
||||||
|
(inherit libssh2)
|
||||||
|
(version "1.8.0")
|
||||||
|
(source (origin
|
||||||
|
(method url-fetch)
|
||||||
|
(uri (string-append
|
||||||
|
"https://www.libssh2.org/download/libssh2-"
|
||||||
|
version ".tar.gz"))
|
||||||
|
(sha256
|
||||||
|
(base32
|
||||||
|
"1m3n8spv79qhjq4yi0wgly5s5rc8783jb1pyra9bkx1md0plxwrr"))
|
||||||
|
(patches
|
||||||
|
(search-patches "libssh2-fix-build-failure-with-gcrypt.patch")))))))
|
||||||
|
|
||||||
(define-public openssh
|
(define-public openssh
|
||||||
(package
|
(package
|
||||||
(name "openssh")
|
(name "openssh")
|
||||||
|
|
Loading…
Reference in New Issue