summaryrefslogtreecommitdiff
path: root/gnu/packages/ssh.scm
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2014-04-04 22:00:23 +0200
committerLudovic Courtès <ludo@gnu.org>2014-04-04 22:04:44 +0200
commit9c333da6f1b465e70767254ab19d9ec27681bb7b (patch)
tree5214117b798c9009679482d7249d2d2663e95461 /gnu/packages/ssh.scm
parentbde8c0e6d9c7d943cf09c8fd4bc3201ab8f4799e (diff)
gnu: guile-ssh: Use libssh 0.5.5 patched for CVE-2014-0017.
* gnu/packages/patches/libssh-CVE-2014-0017.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (libssh-0.5): New variable. (guile-ssh): Use it.
Diffstat (limited to 'gnu/packages/ssh.scm')
-rw-r--r--gnu/packages/ssh.scm15
1 files changed, 14 insertions, 1 deletions
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index a6441709f3..a952890b29 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -30,6 +30,7 @@
#:use-module (gnu packages autotools)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages which)
+ #:use-module (gnu packages)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
@@ -96,6 +97,18 @@ remote applications.")
(home-page "http://www.libssh.org")
(license license:lgpl2.1+)))
+(define libssh-0.5 ; kept private
+ (package (inherit libssh)
+ (version "0.5.5")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://red.libssh.org/attachments/download/51/libssh-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "17cfdff4hc0ijzrr15biq29fiabafz0bw621zlkbwbc1zh2hzpy0"))
+ (patches (list (search-patch "libssh-CVE-2014-0017.patch")))))))
+
(define-public libssh2
(package
(name "libssh2")
@@ -238,7 +251,7 @@ Additionally, various channel-specific options can be negotiated.")
("pkg-config" ,pkg-config)
("which" ,which)))
(inputs `(("guile" ,guile-2.0)
- ("libssh" ,libssh)))
+ ("libssh" ,libssh-0.5)))
(synopsis "Guile bindings to libssh")
(description
"Guile-SSH is a library that provides access to the SSH protocol for