From be38b2c2b55c5a192ecb03a6c226df419ecbeaab Mon Sep 17 00:00:00 2001
From: Elliot Cameron <nixpkgs-commits@deshaw.com>
Date: Thu, 3 Aug 2023 17:13:39 -0400
Subject: [PATCH] openssh_gssapi: 9.0p1 -> 9.3p2

---
 pkgs/tools/networking/openssh/default.nix | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix
index ba0ce50d3fba..670b72160942 100644
--- a/pkgs/tools/networking/openssh/default.nix
+++ b/pkgs/tools/networking/openssh/default.nix
@@ -3,7 +3,6 @@ let
   common = opts: callPackage (import ./common.nix opts) { };
 in
 {
-
   openssh = common rec {
     pname = "openssh";
     version = "9.3p2";
@@ -59,12 +58,12 @@ in
 
   openssh_gssapi = common rec {
     pname = "openssh-with-gssapi";
-    version = "9.0p1";
+    version = "9.3p2";
     extraDesc = " with GSSAPI support";
 
     src = fetchurl {
       url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
-      sha256 = "12m2f9czvgmi7akp7xah6y7mrrpi280a3ksk47iwr7hy2q1475q3";
+      sha256 = "sha256-IA6+FH9ss/EB/QzfngJEKvfdyimN/9n0VoeOfMrGdug=";
     };
 
     extraPatches = [
@@ -73,11 +72,10 @@ in
       (fetchpatch {
         name = "openssh-gssapi.patch";
         url = "https://salsa.debian.org/ssh-team/openssh/raw/debian/1%25${version}-1/debian/patches/gssapi.patch";
-        sha256 = "sha256-VG7+2dfu09nvHWuSAB6sLGMmjRCDCysl/9FR1WSF21k=";
+        sha256 = "sha256-E36jxnPcu6RTyXXb9yVBCoFIVchiOSLX7L74ng1Dmao=";
       })
     ];
 
     extraNativeBuildInputs = [ autoreconfHook ];
-    extraMeta.knownVulnerabilities = [ "CVE-2023-28531" ];
   };
 }