Commit 2ff0e32e authored by Gustavo Zacarias's avatar Gustavo Zacarias Committed by Peter Korsgaard
Browse files

openssh: security bump to version 7.1p2 



Fixes:

CVE-2016-0777 - Client Information leak from use of roaming connection
feature.

CVE-2016-0778 - A buffer overflow flaw was found in the way the OpenSSH
client roaming feature was implemented. A malicious server could
potentially use this flaw to execute arbitrary code on a successfully
authenticated OpenSSH client if that client used certain non-default
configuration options.

Signed-off-by: default avatarGustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: default avatarJames Knight <james.knight@rockwellcollins.com>
Tested-by: default avatarJames Knight <james.knight@rockwellcollins.com>
Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
parent 12009bb9

package/openssh/openssh.hash

+2 −3
Original line number Diff line number Diff line 
# Locally calculated after checking pgp signature

# Also from http://www.openssh.com/txt/release-7.1 (sha256 is base64 encoded)

# Decode with -> echo <encoded stuff>|base64 -d|hexdump -v -e '/1 "%02x"'

sha256	fc0a6d2d1d063d5c66dffd952493d0cda256cad204f681de0f84ef85b2ad8428	openssh-7.1p1.tar.gz
 
# Also from http://www.openssh.com/txt/release-7.1p2

sha256	dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbd	openssh-7.1p2.tar.gz

package/openssh/openssh.mk

+1 −1
Original line number Diff line number Diff line
@@ -4,7 +4,7 @@ 
#

################################################################################



OPENSSH_VERSION = 7.1p1

OPENSSH_VERSION = 7.1p2

OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable

OPENSSH_LICENSE = BSD-3c BSD-2c Public Domain

OPENSSH_LICENSE_FILES = LICENCE