diff options
Diffstat (limited to 'pkgs/tools/networking/openssh/default.nix')
-rw-r--r-- | pkgs/tools/networking/openssh/default.nix | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index 855ce3de34cba..1c60f8f304d78 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -5,11 +5,11 @@ in { openssh = common rec { pname = "openssh"; - version = "9.7p1"; + version = "9.8p1"; src = fetchurl { url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz"; - hash = "sha256-SQQm92bYKidj/KzY2D6j1weYdQx70q/y5X3FZg93P/0="; + hash = "sha256-3YvQAqN5tdSZ37BQ3R+pr4Ap6ARh9LtsUjxJlz9aOfM="; }; extraPatches = [ ./ssh-keysign-8.5.patch ]; @@ -29,6 +29,8 @@ in extraPatches = let url = "https://raw.githubusercontent.com/freebsd/freebsd-ports/b3f86656fc67aa397f60747c85f7f7b967c3279d/security/openssh-portable/files/extra-patch-hpn"; in [ ./ssh-keysign-8.5.patch + ./openssh-9.6_p1-CVE-2024-6387.patch + ./openssh-9.6_p1-chaff-logic.patch # HPN Patch from FreeBSD ports (fetchpatch { @@ -68,6 +70,8 @@ in extraPatches = [ ./ssh-keysign-8.5.patch + ./openssh-9.6_p1-CVE-2024-6387.patch + ./openssh-9.6_p1-chaff-logic.patch (fetchpatch { name = "openssh-gssapi.patch"; |