Pullup ticket #6107 - requested by is

security/libssh: security fix

Revisions pulled up:
- security/libssh/Makefile                                      1.34
- security/libssh/PLIST                                         1.15
- security/libssh/distinfo                                      1.20

---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Tue Dec 31 12:27:03 UTC 2019

   Modified Files:
           pkgsrc/security/libssh: Makefile PLIST distinfo

   Log Message:
   libssh: update to 0.93.

   version 0.9.3 (released 2019-12-10)
     * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution
     * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
     * SSH-01-006 General: Various unchecked Null-derefs cause DOS
     * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys
     * SSH-01-010 SSH: Deprecated hash function in fingerprinting
     * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS
     * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access
     * SSH-01-001 State Machine: Initial machine states should be set explicitly
     * SSH-01-002 Kex: Differently bound macros used to iterate same array
     * SSH-01-005 Code-Quality: Integer sign confusion during assignments
     * SSH-01-008 SCP: Protocol Injection via unescaped File Names
     * SSH-01-009 SSH: Update documentation which RFCs are implemented
     * SSH-01-012 PKI: Information leak via uninitialized stack buffer

3 files changed, 10 insertions, 11 deletions

diff --git a/security/libssh/Makefile b/security/libssh/Makefile
index e3b2c9e992f..3dca48c62a1 100644
--- a/security/libssh/Makefile
+++ b/security/libssh/Makefile
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.33 2019/11/28 09:25:52 bsiegert Exp $
+# $NetBSD: Makefile,v 1.33.4.1 2020/01/07 19:26:28 bsiegert Exp $
 #
 # history: upstream renamed 0.11 to 0.1.1;
 # we have to use the old-style convention so that version compares work.
 
-VER=		0.9.2
+VER=		0.9.3
 DISTNAME=	libssh-${VER}
-PKGNAME=	libssh-0.92
-PKGREVISION=	1
+PKGNAME=	libssh-0.93
 CATEGORIES=	security
 MASTER_SITES=	https://www.libssh.org/files/${VER:R}/
 EXTRACT_SUFX=	.tar.xz
diff --git a/security/libssh/PLIST b/security/libssh/PLIST
index ff8de1af154..c8d094486fb 100644
--- a/security/libssh/PLIST
+++ b/security/libssh/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.14 2019/11/13 11:49:08 wiz Exp $
+@comment $NetBSD: PLIST,v 1.14.4.1 2020/01/07 19:26:28 bsiegert Exp $
 include/libssh/callbacks.h
 include/libssh/legacy.h
 include/libssh/libssh.h
@@ -11,5 +11,5 @@ lib/cmake/libssh/libssh-config-version.cmake
 lib/cmake/libssh/libssh-config.cmake
 lib/libssh.so
 lib/libssh.so.4
-lib/libssh.so.4.8.3
+lib/libssh.so.4.8.4
 lib/pkgconfig/libssh.pc
diff --git a/security/libssh/distinfo b/security/libssh/distinfo
index 2d0b040f31c..7b3578aafb6 100644
--- a/security/libssh/distinfo
+++ b/security/libssh/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.19 2019/11/13 11:49:08 wiz Exp $
+$NetBSD: distinfo,v 1.19.4.1 2020/01/07 19:26:28 bsiegert Exp $
 
-SHA1 (libssh-0.9.2.tar.xz) = ad1430cacb01c1f4c0a3bfdc9c0d402e6f56e1ae
-RMD160 (libssh-0.9.2.tar.xz) = c13dd04259d494cc59fe089793b551643b8699cd
-SHA512 (libssh-0.9.2.tar.xz) = 93b689cd7f3bd32716d7821219e25f91214f71be3867c622ae0ae73cdb2d20af2daa9c3c8180b71434915154f2bc374df7193b3a67a9b9e8bf06e955419285d0
-Size (libssh-0.9.2.tar.xz) = 495876 bytes
+SHA1 (libssh-0.9.3.tar.xz) = 24bb9d6f53691236f34cc8e6fec86dd659aef757
+RMD160 (libssh-0.9.3.tar.xz) = ef2f8e5564f7508db4829fe655644d959e35da5d
+SHA512 (libssh-0.9.3.tar.xz) = 6e59718565daeca6d224426cc1095a112deff9af8e0b021917e04f08bb7409263c35724de95f591f38e26f0fb3bbbbc69b679b6775edc21dec158d241b076c6f
+Size (libssh-0.9.3.tar.xz) = 500068 bytes
 SHA1 (patch-CompilerChecks.cmake) = 77b93572006132c557cb9a57698e8455f7874073