[Buildroot] [PATCH 1/1] package/libssh: security bump to version 0.9.5
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Sun Sep 13 14:22:03 UTC 2020
On Fri, 11 Sep 2020 23:03:06 +0200
Fabrice Fontaine <fontaine.fabrice at gmail.com> wrote:
> - Drop patches (already in version)
> - Fix CVE-2020-16135: libssh 0.9.4 has a NULL pointer dereference in
> tftpserver.c if ssh_buffer_new returns NULL.
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
> ---
> .../0001-libssh.h-bump-to-version-0.9.4.patch | 29 ------------
> ...eturning-SSH_AGAIN-from-ssh_channel_.patch | 45 -------------------
> package/libssh/libssh.hash | 4 +-
> package/libssh/libssh.mk | 2 +-
> 4 files changed, 3 insertions(+), 77 deletions(-)
> delete mode 100644 package/libssh/0001-libssh.h-bump-to-version-0.9.4.patch
> delete mode 100644 package/libssh/0002-channels-Avoid-returning-SSH_AGAIN-from-ssh_channel_.patch
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list