nixpkgs

History

Linus Heckemann eca462813d libssh: 0.7.5 -> 0.7.6 Fixes CVE-2018-10933: libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials. Source: https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/	2018-10-16 19:08:41 +02:00
..
default.nix	libssh: 0.7.5 -> 0.7.6	2018-10-16 19:08:41 +02:00

Linus Heckemann eca462813d libssh: 0.7.5 -> 0.7.6

Fixes CVE-2018-10933:

libssh versions 0.6 and above have an authentication bypass
vulnerability in the server code. By presenting the server an
SSH2_MSG_USERAUTH_SUCCESS message in place of the
SSH2_MSG_USERAUTH_REQUEST message which the server would expect to
initiate authentication, the attacker could successfully authentciate
without any credentials.

Source:
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/

2018-10-16 19:08:41 +02:00

default.nix

libssh: 0.7.5 -> 0.7.6

2018-10-16 19:08:41 +02:00