bump libssh to 0.10.6

libssh 0.10.6 includes some security fixes, e.g., CVE-2023-48795.
upa · Jan 4, 2024 · 71a0998 · 71a0998
1 parent e3484db
commit 71a0998
Show file tree

Hide file tree

Showing 9 changed files with 451 additions and 17 deletions.
diff --git a/.github/workflows/build-macos.yml b/.github/workflows/build-macos.yml
@@ -30,7 +30,7 @@ jobs:
       run: echo "HOMEBREW_PREFIX=$(brew --prefix)" >> $GITHUB_OUTPUT
 
     - name: patch to libssh
-      run: patch -d libssh -p1 < patch/libssh-0.10.4.patch
+      run: patch -d libssh -p1 < patch/libssh-0.10.6.patch
 
     - name: Configure CMake
       # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make.

diff --git a/.github/workflows/build-ubuntu.yml b/.github/workflows/build-ubuntu.yml
@@ -28,7 +28,7 @@ jobs:
         sudo ./scripts/install-build-deps.sh
 
     - name: patch to libssh
-      run: patch -d libssh -p1 < patch/libssh-0.10.4.patch
+      run: patch -d libssh -p1 < patch/libssh-0.10.6.patch
 
     - name: Configure CMake
       # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make.

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -48,7 +48,7 @@ jobs:
         sudo ./scripts/install-build-deps.sh
 
     - name: patch to libssh
-      run: patch -d libssh -p1 < patch/libssh-0.10.4.patch
+      run: patch -d libssh -p1 < patch/libssh-0.10.6.patch
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -18,7 +18,7 @@ jobs:
           submodules: true
 
       - name: patch to libssh
-        run: patch -d libssh -p1 < patch/libssh-0.10.4.patch
+        run: patch -d libssh -p1 < patch/libssh-0.10.6.patch
 
       # TODO: just building docker does not require packages. fix CMakeLists
       - name: install build dependency
@@ -58,7 +58,7 @@ jobs:
           submodules: true
 
       - name: patch to libssh
-        run: patch -d libssh -p1 < patch/libssh-0.10.4.patch
+        run: patch -d libssh -p1 < patch/libssh-0.10.6.patch
 
       - name: Set variables
         run: |

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -18,7 +18,7 @@ jobs:
         submodules: true
 
     - name: patch to libssh
-      run: patch -d libssh -p1 < patch/libssh-0.10.4.patch
+      run: patch -d libssh -p1 < patch/libssh-0.10.6.patch
 
     # TODO: just building docker does not require libssh. fix CMakeLists
     - name: install build dependency

diff --git a/README.md b/README.md
@@ -76,7 +76,7 @@ cd mscp
 
 # prepare patched libssh
 git submodule update --init
-patch -d libssh -p1 < patch/libssh-0.10.4.patch
+patch -d libssh -p1 < patch/libssh-0.10.6.patch
 
 # install build dependency
 bash ./scripts/install-build-deps.sh

diff --git a/libssh b/libssh
diff --git a/patch/README.md b/patch/README.md
@@ -1,13 +1,5 @@
 
-Patch(es) in this directory introduces `sftp_async_write()` and
+Patches in this directory introduces `sftp_async_write()` and
 `sftp_async_write_end()` to libssh. Those implementations are derived
 from https://github.com/limes-datentechnik-gmbh/libssh. See [Re: SFTP
 Write async](https://archive.libssh.org/libssh/2020-06/0000004.html).
-
-```console
-git clone https://git.libssh.org/projects/libssh.git/ --depth=1 -b libssh-0.10.4
-cd libssh
-git apply ../pathc/libssh-0.10.4.patch
-
-# then build libssh
-```