[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/1] openssh: Fix CVE-2015-8325
From: |
Leo Famulari |
Subject: |
[PATCH 0/1] openssh: Fix CVE-2015-8325 |
Date: |
Fri, 15 Apr 2016 14:22:54 -0400 |
Debian has applied an upstream patch to fix CVE-2015-8325 [0][1][2] in
OpenSSH [3].
OpenSSH builds and seems to work with this patch.
I can't find any public and "official" announcement of this issue yet.
For example, not from Mitre or OpenSSH themselves, aside from the
OpenSSH commit log. For this reason, I want to wait for an "okay" from
other Guix developers.
Please advise, and feel free to apply the patch yourself if appropriate.
[0]
https://security-tracker.debian.org/tracker/CVE-2015-8325
[1]
https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
[2]
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325
[3]
http://www.openssh.com/portable.html
Leo Famulari (1):
gnu: openssh: Fix CVE-2015-8325.
gnu-system.am | 1 +
gnu/packages/patches/openssh-CVE-2015-8325.patch | 31 ++++++++++++++++++++++++
gnu/packages/ssh.scm | 3 ++-
3 files changed, 34 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/openssh-CVE-2015-8325.patch
--
2.7.3
- [PATCH 0/1] openssh: Fix CVE-2015-8325,
Leo Famulari <=