455b7247c1
(We need to keep the old numbering syntax to make versions compare correctly.) There are only two consumers in pkgsrc; one of them (remmina and remmina-plugins) actually needed library version 0.4 or later, and didn't build the ssh/sftp/nx plugins without. Hydra is also supposed to build with 0.4.x and later.) Upstream changelogs: 0.5.4: CVE-2013-0176 - NULL dereference leads to denial of service Fixed several NULL pointer dereferences in SSHv1. Fixed a free crash bug in options parsing. and for completeness 0.5.3: This is an important SECURITY and maintenance release in order to address CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. CVE-2012-4559 - Fix multiple double free() flaws CVE-2012-4560 - Fix multiple buffer overflow flaws CVE-2012-4561 - Fix multiple invalid free() flaws CVE-2012-4562 - Fix multiple improper overflow checks (...)
6 lines
324 B
Text
6 lines
324 B
Text
$NetBSD: distinfo,v 1.6 2013/02/01 13:33:49 is Exp $
|
|
|
|
SHA1 (security/libssh-0.5.4.tar.gz) = 4a372378db8fffaf28d5c79d80b2235843aa587c
|
|
RMD160 (security/libssh-0.5.4.tar.gz) = a134cb99f57c544cd31d43bf28506b42b27131e2
|
|
Size (security/libssh-0.5.4.tar.gz) = 321265 bytes
|
|
SHA1 (patch-aa) = 76de63b15c0ef380cb2bc4ab5b96bf437a79faef
|