Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 14 Mar 2014 21:31:25 GMT
From:      Florian Degner <f.degner@gmx.de>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/187595: security/libssh should be updated to 0.6.3 (CVE-2014-0017)
Message-ID:  <201403142131.s2ELVPMg064253@cgiserv.freebsd.org>
Resent-Message-ID: <201403142140.s2ELe0Ma050573@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         187595
>Category:       ports
>Synopsis:       security/libssh should be updated to 0.6.3 (CVE-2014-0017)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 14 21:40:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Florian Degner
>Release:        
>Organization:
>Environment:
>Description:
The current version of libssh (0.6.3) fixes CVE-2014-0017 which could lead to the leak of the private key.
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

Index: security/libssh/Makefile
===================================================================
--- security/libssh/Makefile	(revision 348272)
+++ security/libssh/Makefile	(working copy)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	libssh
-DISTVERSION=	0.6.1
+DISTVERSION=	0.6.3
 CATEGORIES=	security devel
 MASTER_SITES=	http://git.libssh.org/projects/libssh.git/snapshot/ \
 		LOCAL/fluffy
Index: security/libssh/distinfo
===================================================================
--- security/libssh/distinfo	(revision 348272)
+++ security/libssh/distinfo	(working copy)
@@ -1,2 +1,2 @@
-SHA256 (libssh-0.6.1.tar.bz2) = dc48605f8d16f86199a74bfc1976e871c3201aec649b23167c8c3d683aa2117a
-SIZE (libssh-0.6.1.tar.bz2) = 300257
+SHA256 (libssh-0.6.3.tar.bz2) = 0dc8f8b540767e57950610a36dde90d4f5ba0102697d1620f19ece40db2a239f
+SIZE (libssh-0.6.3.tar.bz2) = 300410
Index: security/libssh/pkg-plist
===================================================================
--- security/libssh/pkg-plist	(revision 348272)
+++ security/libssh/pkg-plist	(working copy)
@@ -10,11 +10,11 @@
 %%STATIC%%lib/libssh.a
 lib/libssh.so
 lib/libssh.so.4
-lib/libssh.so.4.4.0
+lib/libssh.so.4.4.1
 %%STATIC%%lib/libssh_threads.a
 lib/libssh_threads.so
 lib/libssh_threads.so.4
-lib/libssh_threads.so.4.4.0
+lib/libssh_threads.so.4.4.1
 libdata/pkgconfig/libssh.pc
 libdata/pkgconfig/libssh_threads.pc
 @dirrm lib/cmake/libssh


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403142131.s2ELVPMg064253>