GNU bug report logs - #76397
[PATCH] gnu: openssh: Update to 9.9p2. [security fixes]

Previous Next

Package: guix-patches;

Reported by: ashish.is <at> lostca.se

Date: Tue, 18 Feb 2025 16:55:01 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 76397 in the body.
You can then email your comments to 76397 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to guix-patches <at> gnu.org:
bug#76397; Package guix-patches. (Tue, 18 Feb 2025 16:55:01 GMT) Full text and rfc822 format available.
Acknowledgement sent to ashish.is <at> lostca.se:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Tue, 18 Feb 2025 16:55:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: ashish.is <at> lostca.se
To: guix-patches <at> gnu.org
Cc: Ashish SHUKLA <ashish.is <at> lostca.se>
Subject: [PATCH] gnu: openssh: Update to 9.9p2. [security fixes]
Date: Tue, 18 Feb 2025 17:54:01 +0100

From: Ashish SHUKLA <ashish.is <at> lostca.se>

This release fixes CVE-2025-26465, CVE-2025-26466 vulnerabilities.

* gnu/packages/ssh.scm (openssh): Update to 9.9p2.

Change-Id: Ic9b3c97b15779f21b1efa4fb5c51e7f16a424ee9
---
 gnu/packages/ssh.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index c4727b1c51..fecb3a2559 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -209,7 +209,7 @@ (define-public libssh2
 (define-public openssh
   (package
    (name "openssh")
-   (version "9.9p1")
+   (version "9.9p2")
    (source
     (origin
       (method url-fetch)
@@ -217,7 +217,7 @@ (define-public openssh
                           "openssh-" version ".tar.gz"))
       (patches (search-patches "openssh-trust-guix-store-directory.patch"))
       (sha256
-       (base32 "00kcjs7vm1vha3xvgrkb0qv7v6pwskb1avkfk2qiazzqpz6znhxk"))))
+       (base32 "0wsn44g75qa1bfp6qkcr9nlmyn02klcy2rgrvmg2ik087rhdpali"))))
    (build-system gnu-build-system)
    (arguments
     (list

base-commit: 96fe9adf54772e0824e098a6a089306a75101218
-- 
2.48.1
Information forwarded to guix-patches <at> gnu.org:
bug#76397; Package guix-patches. (Wed, 19 Feb 2025 04:24:02 GMT) Full text and rfc822 format available.

Message #8 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: "ashish.is--- via Guix-patches via" <guix-patches <at> gnu.org>
Cc: Ashish SHUKLA <ashish.is <at> lostca.se>, 76397-done <at> debbugs.gnu.org
Subject: Re: [bug#76397] [PATCH] gnu: openssh: Update to 9.9p2. [security
 fixes]
Date: Tue, 18 Feb 2025 23:22:52 -0500

On Tue, Feb 18, 2025 at 05:54:01PM +0100, ashish.is--- via Guix-patches via wrote:
> From: Ashish SHUKLA <ashish.is <at> lostca.se>
> 
> This release fixes CVE-2025-26465, CVE-2025-26466 vulnerabilities.
> 
> * gnu/packages/ssh.scm (openssh): Update to 9.9p2.

Thank you! The equivalent change was already pushed as commit
3dc8026d58f9480547a595450a6483e0f13c1ba4
Reply sent to Leo Famulari <leo <at> famulari.name>:
You have taken responsibility. (Wed, 19 Feb 2025 04:24:02 GMT) Full text and rfc822 format available.
Notification sent to ashish.is <at> lostca.se:
bug acknowledged by developer. (Wed, 19 Feb 2025 04:24:03 GMT) Full text and rfc822 format available.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 19 Mar 2025 11:24:36 GMT) Full text and rfc822 format available.
This bug report was last modified 88 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.