libssh: security bump to version 0.8.4 - buildroot

diff options

author	Baruch Siach <baruch@tkos.co.il>	2018-10-16 15:31:08 +0300
committer	Peter Korsgaard <peter@korsgaard.com>	2018-10-16 14:45:15 +0200
commit	de24e47d90f64f546978b6ec12f769dc4fd89587 (patch)
tree	fe9c3f3326dcbeca118dcae3074272947d7699de /package/python-markdown/python-markdown.hash
parent	ea5525e116c95310777351415b527a3b26078193 (diff)
download	buildroot-de24e47d90f64f546978b6ec12f769dc4fd89587.tar.gz buildroot-de24e47d90f64f546978b6ec12f769dc4fd89587.zip

libssh: security bump to version 0.8.4

Fixes CVE-2018-10933: authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authenticate without any credentials. https://www.libssh.org/security/advisories/CVE-2018-10933.txt Drop an upstream patch. Cc: Scott Fan <fancp2007@gmail.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Diffstat (limited to 'package/python-markdown/python-markdown.hash')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: