CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

libssh: upgrade 0.10.5 -> 0.10.6

Browse Source 
0001-libgcrypt.c-Fix-prototype-of-des3_encrypt-des3_decry.patch
0001-tests-CMakeLists.txt-do-not-search-ssh-sshd-commands.patch
refreshed for 0.10.6

Changelog:
==========
* Fix CVE-2023-6004: Command injection using proxycommand
* Fix CVE-2023-48795: Potential downgrade attack using strict kex
* Fix CVE-2023-6918: Missing checks for return values of MD functions
* Fix ssh_send_issue_banner() for CMD(PowerShell)
* Avoid passing other events to callbacks when poll is called recursively (#202)
* Allow @ in usernames when parsing from URI composes

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Wang Mingyu 2024-01-02 15:02:33 +08:00 committed by Khem Raj
parent 23c397a7f4
commit 1bea2e8c30
No known key found for this signature in database
GPG Key ID: BB053355919D3314
3 changed files with 9 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
meta-oe/recipes-support/libssh/libssh/0001-libgcrypt.c-Fix-prototype-of-des3_encrypt-des3_decry.patch
View File

@ -1,4 +1,4 @@
From 0cade4573334571055127a2d4fe3641e2397948d Mon Sep 17 00:00:00 2001 From 49a8ae4d6f77434ed9f7a601b9df488b921e4a22 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com> From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 20 Mar 2023 21:59:19 -0700 Date: Mon, 20 Mar 2023 21:59:19 -0700
Subject: [PATCH] libgcrypt.c: Fix prototype of des3_encrypt/des3_decrypt Subject: [PATCH] libgcrypt.c: Fix prototype of des3_encrypt/des3_decrypt
@ -18,15 +18,16 @@ TOPDIR/build/tmp/work/cortexa15t2hf-neon-yoe-linux-gnueabi/libssh/0.10.4-r0/git/
Upstream-Status: Pending Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
--- ---
src/libgcrypt.c | 4 ++-- src/libgcrypt.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-) 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libgcrypt.c b/src/libgcrypt.c diff --git a/src/libgcrypt.c b/src/libgcrypt.c
index da5588ad..e482b654 100644 index f410d997..e3f66781 100644
--- a/src/libgcrypt.c --- a/src/libgcrypt.c
+++ b/src/libgcrypt.c +++ b/src/libgcrypt.c
@@ -469,12 +469,12 @@ static int des3_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) { @@ -416,12 +416,12 @@ static int des3_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) {
} }
static void des3_encrypt(struct ssh_cipher_struct *cipher, void *in, static void des3_encrypt(struct ssh_cipher_struct *cipher, void *in,
@ -41,6 +42,3 @@ index da5588ad..e482b654 100644
gcry_cipher_decrypt(cipher->key[0], out, len, in, len); gcry_cipher_decrypt(cipher->key[0], out, len, in, len);
} }
--
2.40.0

10
meta-oe/recipes-support/libssh/libssh/0001-tests-CMakeLists.txt-do-not-search-ssh-sshd-commands.patch
View File

@ -1,4 +1,4 @@
From d2525ba0bc7b11de12c54ea1a3d1eb862537136d Mon Sep 17 00:00:00 2001 From 69a89e8f015802f61637fed0d3791d20a594f298 Mon Sep 17 00:00:00 2001
From: Yi Zhao <yi.zhao@windriver.com> From: Yi Zhao <yi.zhao@windriver.com>
Date: Wed, 15 Mar 2023 16:51:58 +0800 Date: Wed, 15 Mar 2023 16:51:58 +0800
Subject: [PATCH] tests/CMakeLists.txt: do not search ssh/sshd commands on host Subject: [PATCH] tests/CMakeLists.txt: do not search ssh/sshd commands on host
@ -9,12 +9,13 @@ not required by unittests, we can skip the search.
Upstream-Status: Inappropriate [embedded specific] Upstream-Status: Inappropriate [embedded specific]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
--- ---
tests/CMakeLists.txt | 2 ++ tests/CMakeLists.txt | 2 ++
1 file changed, 2 insertions(+) 1 file changed, 2 insertions(+)
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 22a36f37..aa32ca2e 100644 index f5c30061..885c926a 100644
--- a/tests/CMakeLists.txt --- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt
@@ -86,6 +86,7 @@ set(TEST_TARGET_LIBRARIES @@ -86,6 +86,7 @@ set(TEST_TARGET_LIBRARIES
@ -25,7 +26,7 @@ index 22a36f37..aa32ca2e 100644
# OpenSSH Capabilities are required for all unit tests # OpenSSH Capabilities are required for all unit tests
find_program(SSH_EXECUTABLE NAMES ssh) find_program(SSH_EXECUTABLE NAMES ssh)
if (SSH_EXECUTABLE) if (SSH_EXECUTABLE)
@@ -293,6 +294,7 @@ if (CLIENT_TESTING OR SERVER_TESTING) @@ -302,6 +303,7 @@ if (CLIENT_TESTING OR SERVER_TESTING)
message(STATUS "TORTURE_ENVIRONMENT=${TORTURE_ENVIRONMENT}") message(STATUS "TORTURE_ENVIRONMENT=${TORTURE_ENVIRONMENT}")
endif () endif ()
@ -33,6 +34,3 @@ index 22a36f37..aa32ca2e 100644
configure_file(tests_config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/tests_config.h) configure_file(tests_config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/tests_config.h)
--
2.25.1

2
meta-oe/recipes-support/libssh/libssh_0.10.5.bb → meta-oe/recipes-support/libssh/libssh_0.10.6.bb
View File

@ -11,7 +11,7 @@ SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable
file://0001-libgcrypt.c-Fix-prototype-of-des3_encrypt-des3_decry.patch \ file://0001-libgcrypt.c-Fix-prototype-of-des3_encrypt-des3_decry.patch \
file://run-ptest \ file://run-ptest \
" "
SRCREV = "479eca13aaaa46b43e68c52186e3783f06ae6f34" SRCREV = "10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
S = "${WORKDIR}/git" S = "${WORKDIR}/git"