openssh: security bump to version 7.1p2

Fixes:

CVE-2016-0777 - Client Information leak from use of roaming connection
feature.

CVE-2016-0778 - A buffer overflow flaw was found in the way the OpenSSH
client roaming feature was implemented. A malicious server could
potentially use this flaw to execute arbitrary code on a successfully
authenticated OpenSSH client if that client used certain non-default
configuration options.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: James Knight <james.knight@rockwellcollins.com>
Tested-by: James Knight <james.knight@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/openssh/openssh.hash b/package/openssh/openssh.hash
index 84f06672cb10fc1318de0ac91ee7f06e25bbed8b..b93b4a9c88d4cebd266e2c3e2d9b60048a40bd22 100644 (file)
--- a/package/openssh/openssh.hash
+++ b/package/openssh/openssh.hash
@@ -1,4 +1,3 @@
 # Locally calculated after checking pgp signature
-# Also from http://www.openssh.com/txt/release-7.1 (sha256 is base64 encoded)
-# Decode with -> echo <encoded stuff>|base64 -d|hexdump -v -e '/1 "%02x"'
-sha256 fc0a6d2d1d063d5c66dffd952493d0cda256cad204f681de0f84ef85b2ad8428        openssh-7.1p1.tar.gz
+# Also from http://www.openssh.com/txt/release-7.1p2
+sha256 dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbd        openssh-7.1p2.tar.gz

diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
index fb5779e385a1f81759b49b06bed0e4ebc3760f1b..4e97849eec5518bfc35282faf5e3ee3076262cba 100644 (file)
--- a/package/openssh/openssh.mk
+++ b/package/openssh/openssh.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-OPENSSH_VERSION = 7.1p1
+OPENSSH_VERSION = 7.1p2
 OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
 OPENSSH_LICENSE = BSD-3c BSD-2c Public Domain
 OPENSSH_LICENSE_FILES = LICENCE