From 4d027a44f6223681f848400c17ca5055b7078189 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Sat, 25 Jan 2014 13:13:51 +0100 Subject: [PATCH] openconnect: update from 5.01 to 5.02 (CVE-2013-7098) OpenConnect v5.02 - 2014-01-01: * Fix XML POST issues with authgroups by falling back to old style login. * Fix --cookie-on-stdin with cookies from ocserv. * Fix reconnection to wrong host after redirect. * Reduce limit of queued packets on DTLS socket, to fix VoIP latency. * Fix Solaris build breakage due to missing includes. * Include path in node. * Include supporting CA certificates from PKCS#11 tokens (with GnuTLS 3.2.7+). * Fix possible heap overflow if MTU is increased on reconnection (CVE-2013-7098). --- pkgs/tools/networking/openconnect.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/openconnect.nix b/pkgs/tools/networking/openconnect.nix index 2cc52fe981b2..c523e0004d7f 100644 --- a/pkgs/tools/networking/openconnect.nix +++ b/pkgs/tools/networking/openconnect.nix @@ -1,13 +1,13 @@ { stdenv, fetchurl, pkgconfig, vpnc, openssl, libxml2 } : stdenv.mkDerivation rec { - name = "openconnect-5.01"; + name = "openconnect-5.02"; src = fetchurl { urls = [ "ftp://ftp.infradead.org/pub/openconnect/${name}.tar.gz" ]; - sha256 = "1l90ks87iwmy7jprav11lhjr4n18ycy0d9fndspg50p9qd3jlvwi"; + sha256 = "1y7dn42gd3763sgwv2j72xy9hsikd6y9x142g84kwdbn0y0psgi4"; }; preConfigure = ''