Message ID | 1457634868-4463-1-git-send-email-gustavo@zacarias.com.ar |
---|---|
State | Accepted |
Commit | 55a94ec8936571df586d4f53ffc1355c651a63d3 |
Headers | show |
>>>>> "Gustavo" == Gustavo Zacarias <gustavo@zacarias.com.ar> writes: > Fixes: > CVE-2016-3115 - sanitise X11 authentication credentials to avoid xauth > command injection when X11Forwarding is enabled. > Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Committed, thanks.
diff --git a/package/openssh/openssh.hash b/package/openssh/openssh.hash index 36346e0..46d9f9b 100644 --- a/package/openssh/openssh.hash +++ b/package/openssh/openssh.hash @@ -1,3 +1,3 @@ # Locally calculated after checking pgp signature # Also from http://www.openssh.com/txt/release-7.2 -sha256 973cc37b2f3597e4cf599b09e604e79c0fe5d9b6f595a24e91ed0662860b4ac3 openssh-7.2p1.tar.gz +sha256 a72781d1a043876a224ff1b0032daa4094d87565a68528759c1c2cab5482548c openssh-7.2p2.tar.gz diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index 0e0bcab..856646c 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -4,7 +4,7 @@ # ################################################################################ -OPENSSH_VERSION = 7.2p1 +OPENSSH_VERSION = 7.2p2 OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable OPENSSH_LICENSE = BSD-3c BSD-2c Public Domain OPENSSH_LICENSE_FILES = LICENCE
Fixes: CVE-2016-3115 - sanitise X11 authentication credentials to avoid xauth command injection when X11Forwarding is enabled. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> --- package/openssh/openssh.hash | 2 +- package/openssh/openssh.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)