update needed to libssh2 v1.8.1 or newer

nodegit consumes libssh2 1.8.0, which has the following security advisories:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3858
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3859
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3863

Our vulnerability scanner, which is flagging us as being insecure because of these, suggests moving up to at least v1.8.1 of this dependency to mitigate these issues.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

update needed to libssh2 v1.8.1 or newer #1670

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

update needed to libssh2 v1.8.1 or newer #1670

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions