diff --git a/libssh2-1.6.0.tar.gz b/libssh2-1.6.0.tar.gz deleted file mode 100644 index fbbbaea..0000000 --- a/libssh2-1.6.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5a202943a34a1d82a1c31f74094f2453c207bf9936093867f41414968c8e8215 -size 734110 diff --git a/libssh2-1.6.0.tar.gz.asc b/libssh2-1.6.0.tar.gz.asc deleted file mode 100644 index f1a3c17..0000000 --- a/libssh2-1.6.0.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEABECAAYFAlV6gyoACgkQeOEcayedXJElLwCgtOpiIjLEsZJ35VzoJI2sWesg -nYkAn11F5GnIPFnnEWXh1XOurRUuEroM -=Zy1X ------END PGP SIGNATURE----- diff --git a/libssh2-1.7.0.tar.gz b/libssh2-1.7.0.tar.gz new file mode 100644 index 0000000..bcdb742 --- /dev/null +++ b/libssh2-1.7.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e4561fd43a50539a8c2ceb37841691baf03ecb7daf043766da1b112e4280d584 +size 811714 diff --git a/libssh2-1.7.0.tar.gz.asc b/libssh2-1.7.0.tar.gz.asc new file mode 100644 index 0000000..cf4346f --- /dev/null +++ b/libssh2-1.7.0.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlbMEL8ACgkQeOEcayedXJF5tACfZmguye6QRCNxoPl0Tj7TsfSe +MF8AoPqWRB60bCBUooHAKGtMntfWXVyz +=St5v +-----END PGP SIGNATURE----- diff --git a/libssh2-ocloexec.patch b/libssh2-ocloexec.patch index 2500f45..d2af8d0 100644 --- a/libssh2-ocloexec.patch +++ b/libssh2-ocloexec.patch @@ -9,10 +9,10 @@ Subject: [PATCH] Use O_CLOEXEC where needed src/userauth.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) -Index: libssh2-1.4.3/src/agent.c +Index: libssh2-1.7.0/src/agent.c =================================================================== ---- libssh2-1.4.3.orig/src/agent.c 2012-03-05 20:04:56.000000000 +0100 -+++ libssh2-1.4.3/src/agent.c 2013-01-08 16:24:07.572195659 +0100 +--- libssh2-1.7.0.orig/src/agent.c 2016-02-09 22:54:08.000000000 +0100 ++++ libssh2-1.7.0/src/agent.c 2016-02-23 14:36:47.133091344 +0100 @@ -152,7 +152,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent) return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_USE, "no auth sock variable"); @@ -22,11 +22,11 @@ Index: libssh2-1.4.3/src/agent.c if (agent->fd < 0) return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_SOCKET, "failed creating socket"); -Index: libssh2-1.4.3/src/knownhost.c +Index: libssh2-1.7.0/src/knownhost.c =================================================================== ---- libssh2-1.4.3.orig/src/knownhost.c 2012-08-21 20:27:22.000000000 +0200 -+++ libssh2-1.4.3/src/knownhost.c 2013-01-08 16:24:07.573195691 +0100 -@@ -907,7 +907,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN +--- libssh2-1.7.0.orig/src/knownhost.c 2015-03-19 14:01:33.000000000 +0100 ++++ libssh2-1.7.0/src/knownhost.c 2016-02-23 14:36:47.134091362 +0100 +@@ -954,7 +954,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN "Unsupported type of known-host information " "store"); @@ -35,7 +35,7 @@ Index: libssh2-1.4.3/src/knownhost.c if(file) { while(fgets(buf, sizeof(buf), file)) { if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type)) { -@@ -1082,7 +1082,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW +@@ -1178,7 +1178,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW "Unsupported type of known-host information " "store"); @@ -44,11 +44,11 @@ Index: libssh2-1.4.3/src/knownhost.c if(!file) return _libssh2_error(hosts->session, LIBSSH2_ERROR_FILE, "Failed to open file"); -Index: libssh2-1.4.3/src/userauth.c +Index: libssh2-1.7.0/src/userauth.c =================================================================== ---- libssh2-1.4.3.orig/src/userauth.c 2012-04-18 22:24:04.000000000 +0200 -+++ libssh2-1.4.3/src/userauth.c 2013-01-08 16:24:07.573195691 +0100 -@@ -467,7 +467,7 @@ file_read_publickey(LIBSSH2_SESSION * se +--- libssh2-1.7.0.orig/src/userauth.c 2016-01-18 13:41:58.000000000 +0100 ++++ libssh2-1.7.0/src/userauth.c 2016-02-23 14:36:47.134091362 +0100 +@@ -538,7 +538,7 @@ file_read_publickey(LIBSSH2_SESSION * se _libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s", pubkeyfile); /* Read Public Key */ diff --git a/libssh2_org.changes b/libssh2_org.changes index 45741dd..91418b9 100644 --- a/libssh2_org.changes +++ b/libssh2_org.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Tue Feb 23 13:37:02 UTC 2016 - vcizek@suse.com + +- update to 1.7.0 + * Fixes CVE-2016-0787 (boo#967026) + * Changes: + libssh2_session_set_last_error: Add function + mac: Add support for HMAC-SHA-256 and HMAC-SHA-512 + WinCNG: support for SHA256/512 HMAC + kex: Added diffie-hellman-group-exchange-sha256 support + OS/400 crypto library QC3 support + * and many bugfixes + ------------------------------------------------------------------- Fri Jun 12 18:53:42 UTC 2015 - vcizek@suse.com diff --git a/libssh2_org.spec b/libssh2_org.spec index 73823a7..f78ebbd 100644 --- a/libssh2_org.spec +++ b/libssh2_org.spec @@ -1,7 +1,7 @@ # # spec file for package libssh2_org # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,7 +21,7 @@ License: BSD-3-Clause Group: Development/Libraries/C and C++ Name: libssh2_org -Version: 1.6.0 +Version: 1.7.0 Release: 0 Url: http://www.libssh2.org/ %define pkg_name libssh2