[PATCH] gnu: libntlm: Update to 1.6 [fixes CVE-2019-17455].

  • Done
  • quality assurance status badge
Details
2 participants
  • Leo Famulari
  • Simon Josefsson
Owner
unassigned
Submitted by
Simon Josefsson
Severity
normal
S
S
Simon Josefsson wrote on 30 Apr 2020 11:05
(address . guix-patches@gnu.org)
874kt1fin5.fsf@latte.josefsson.org
Hi! See attached patch.

/Simon
From ecab0779f6a4dbac5de1f8a587af3c40a93cf294 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Thu, 30 Apr 2020 11:02:08 +0200
Subject: [PATCH] gnu: libntlm: Update to 1.6 [fixes CVE-2019-17455].

* gnu/packages/gsasl.scm (libntlm): Update to 1.8.1.
---
gnu/packages/gsasl.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (23 lines)
diff --git a/gnu/packages/gsasl.scm b/gnu/packages/gsasl.scm
index a796f9aa82..98acc3c756 100644
--- a/gnu/packages/gsasl.scm
+++ b/gnu/packages/gsasl.scm
@@ -35,14 +35,14 @@
(define-public libntlm
(package
(name "libntlm")
- (version "1.5")
+ (version "1.6")
(source (origin
(method url-fetch)
(uri (string-append "https://www.nongnu.org/libntlm/releases/"
"libntlm-" version ".tar.gz"))
(sha256
(base32
- "1gcvv7f9rggpxay81qv6kw5hr6gd4qiyzkbwhzz02fx9jvv9kmsk"))))
+ "08b83nss16jsn213j326yhn1vnrz10k15fwq6jm5b1vdn23nndzj"))))
(build-system gnu-build-system)
(synopsis "Library that implements NTLM authentication")
(description
--
2.20.1
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQSjzJyHC50xCrrUzy9RcisI/kdFogUCXqqU3gAKCRBRcisI/kdF
ojxEAQCFuld1sWEXWew3+PjUNpyPR6ep454pChli2G9YMD8ezQEAq3Ns8JnF9/2+
5JjkuaF1NF0TKxTf8lVpb+SfPVjARAE=
=ampC
-----END PGP SIGNATURE-----

S
S
Simon Josefsson wrote on 30 Apr 2020 16:53
Re: bug#40979: Acknowledgement ([PATCH] gnu: libntlm: Update to 1.6 [fixes CVE-2019-17455].)
(address . 40979@debbugs.gnu.org)
3704d66540297eaa461006cba639c14da5bbf5d5.camel@josefsson.org
Sorry there was a typo in the commit log in the last patch. Please use
the attached file instead.

/Simon
From ecab0779f6a4dbac5de1f8a587af3c40a93cf294 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Thu, 30 Apr 2020 11:02:08 +0200
Subject: [PATCH] gnu: libntlm: Update to 1.6 [fixes CVE-2019-17455].

* gnu/packages/gsasl.scm (libntlm): Update to 1.6.
---
gnu/packages/gsasl.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (23 lines)
diff --git a/gnu/packages/gsasl.scm b/gnu/packages/gsasl.scm
index a796f9aa82..98acc3c756 100644
--- a/gnu/packages/gsasl.scm
+++ b/gnu/packages/gsasl.scm
@@ -35,14 +35,14 @@
(define-public libntlm
(package
(name "libntlm")
- (version "1.5")
+ (version "1.6")
(source (origin
(method url-fetch)
(uri (string-append "https://www.nongnu.org/libntlm/releases/"
"libntlm-" version ".tar.gz"))
(sha256
(base32
- "1gcvv7f9rggpxay81qv6kw5hr6gd4qiyzkbwhzz02fx9jvv9kmsk"))))
+ "08b83nss16jsn213j326yhn1vnrz10k15fwq6jm5b1vdn23nndzj"))))
(build-system gnu-build-system)
(synopsis "Library that implements NTLM authentication")
(description
--
2.20.1
-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQSjzJyHC50xCrrUzy9RcisI/kdFogUCXqrmYAAKCRBRcisI/kdF
onh1AP9RO3FfkHcOv87LbgNMezS69XhOr+eKIsIG5HtS9ZZSNAD9FzcdTm6zLyTk
2reXi7fB0JobdRSE/GSGoUmC6CRMigo=
=MMMs
-----END PGP SIGNATURE-----


L
L
Leo Famulari wrote on 30 Apr 2020 18:51
Re: [bug#40979] Acknowledgement ([PATCH] gnu: libntlm: Update to 1.6 [fixes CVE-2019-17455].)
(name . Simon Josefsson)(address . simon@josefsson.org)(address . 40979-done@debbugs.gnu.org)
20200430165118.GA9638@jasmine.lan
On Thu, Apr 30, 2020 at 04:53:20PM +0200, Simon Josefsson via Guix-patches via wrote:
Toggle quote (7 lines)
> From ecab0779f6a4dbac5de1f8a587af3c40a93cf294 Mon Sep 17 00:00:00 2001
> From: Simon Josefsson <simon@josefsson.org>
> Date: Thu, 30 Apr 2020 11:02:08 +0200
> Subject: [PATCH] gnu: libntlm: Update to 1.6 [fixes CVE-2019-17455].
>
> * gnu/packages/gsasl.scm (libntlm): Update to 1.6.

Thanks! Pushed as 194cb75d85a2d282419b2a618c8e124f140859f3
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl6rAgUACgkQJkb6MLrK
fwgsCxAAy5fDTd0trg6ej3dl5wLIFOMxY7vBhVT3504kZgV/sZW3Fm+VYsP384Qk
nQuqB9O2mPACXLqKyMiiBrKgW+k5oas01yu3fS3nN81vZno2MdGgbCetuUh52QKY
H6RK7O0wnfYw8czu0shtOjqQQaMqb5w7nwYSzqCA3qehmrfgm4a29U7wb3hbfqNZ
yn1trVklmDU0AP1qwNzxURDlfpSBC0vmLMd2ZPYILmMD9uzNl+BDnRuupSZ9ENWz
b5+s+bNs/dQVicLr8StyU4RLxTlqANk5LnuWgPUOuv5pczCpPqsyBvTJJPK1d2JK
PJqSipRsQVrJ+9/tYAzPN+9IDAkckQro583iZTJviMHv49k/ziiGWOnRPse4Whjx
fbXQzKIbXHNuv4vNTmBoDe3glK0DdB9lyAgw/h9F4tLpp9n9XNgJkFrlqfJliCuC
vvbeZ6HPLl6HDjrPVvwOY3Qn5htwBwrXpR4kFCiwW6PELGTyGsTeTKJ2pE4MmAta
njuYorp3Qn0xC1E5V8QNqawjK65/FEyje/iT8Hj+I9E44OuZO79k+7T1IZkf4sPC
AlRysshRw3LYpfiMiybZ0FAf1TP/f3WdRo5cgF6neOQLZGYhX4gWnw/svWfC1oRM
/jQwzMFvF+sUAV8r8UVGm6iiRaX1OUeHvbo1adPYShMVUryd7os=
=iBtE
-----END PGP SIGNATURE-----


Closed
?