diff options
| author | Janne Heß <janne@hess.ooo> | 2023-02-02 16:18:12 +0100 |
|---|---|---|
| committer | Janne Heß <janne@hess.ooo> | 2023-02-14 12:30:15 +0100 |
| commit | e918da4d48ca1e5721cb11ade963e6c4ec3c91d0 (patch) | |
| tree | 4ee363c8324a4c78eedb92da7a80183580ae2c1f /pkgs/tools/networking/openssh | |
| parent | 14cb2130bb78b96853e576d21ea823b1b19f39de (diff) | |
| download | nixpkgs-e918da4d48ca1e5721cb11ade963e6c4ec3c91d0.tar nixpkgs-e918da4d48ca1e5721cb11ade963e6c4ec3c91d0.tar.gz nixpkgs-e918da4d48ca1e5721cb11ade963e6c4ec3c91d0.tar.bz2 nixpkgs-e918da4d48ca1e5721cb11ade963e6c4ec3c91d0.tar.lz nixpkgs-e918da4d48ca1e5721cb11ade963e6c4ec3c91d0.tar.xz nixpkgs-e918da4d48ca1e5721cb11ade963e6c4ec3c91d0.tar.zst nixpkgs-e918da4d48ca1e5721cb11ade963e6c4ec3c91d0.zip | |
openssh: 9.1p1 -> 9.2p1
Diffstat (limited to 'pkgs/tools/networking/openssh')
| -rw-r--r-- | pkgs/tools/networking/openssh/default.nix | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index f9ad037d55d..b7e1e879b06 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -6,11 +6,11 @@ in openssh = common rec { pname = "openssh"; - version = "9.1p1"; + version = "9.2p1"; src = fetchurl { url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz"; - hash = "sha256-GfhQCcfj4jeH8CNvuxV4OSq01L+fjsX+a8HNfov90og="; + hash = "sha256-P2bb8WVftF9Q4cVtpiqwEhjCKIB7ITONY068351xz0Y="; }; extraPatches = [ ./ssh-keysign-8.5.patch ]; @@ -37,6 +37,13 @@ in stripLen = 1; sha256 = "sha256-p3CmMqTgrqFZUo4ZuqaPLczAhjmPufkCvptVW5dI+MI="; }) + + (fetchpatch { + name = "CVE-2023-25136.patch"; + url = "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/017_sshd.patch.sig"; + stripLen = 1; + hash = "sha256-ol/YXXb2gJNBfvg9JKmIEdwGK8RaDfW53aKKT6HU++M="; + }) ]; extraNativeBuildInputs = [ autoreconfHook ]; |