pool/openssh
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 746672 from home:elvigia:branches:network

Browse Source 
- Add openssh-8.1p1-seccomp-clock_nanosleep.patch, allow clock_nanosleep
  glibc master implements multiple functions using that syscall making
  the privsep sandbox kill the preauth process.

OBS-URL: https://build.opensuse.org/request/show/746672
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=201
This commit is contained in:
Tomáš Chvátal 2019-11-14 15:26:26 +00:00 committed by Git OBS Bridge
parent 5c5997059e
commit 2d48f44a64
4 changed files with 24 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
openssh-8.1p1-seccomp-clock_nanosleep.patch Normal file
View File

@ -0,0 +1,14 @@
Index: openssh-8.1p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-8.1p1.orig/sandbox-seccomp-filter.c
+++ openssh-8.1p1/sandbox-seccomp-filter.c
@@ -248,6 +248,9 @@ static const struct sock_filter preauth_
#ifdef __NR_nanosleep
SC_ALLOW(__NR_nanosleep),
#endif
+#ifdef __NR_clock_nanosleep
+ SC_ALLOW(__NR_clock_nanosleep),
+#endif
#ifdef __NR__newselect
SC_ALLOW(__NR__newselect),
#endif

2
openssh-askpass-gnome.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package openssh-askpass-gnome # spec file for package openssh-askpass-gnome
# #
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2019 SUSE LLC.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed

7
openssh.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Fri Nov 8 18:05:37 UTC 2019 - Cristian Rodríguez <crrodriguez@opensuse.org>
- Add openssh-8.1p1-seccomp-clock_nanosleep.patch, allow clock_nanosleep
glibc master implements multiple functions using that syscall making
the privsep sandbox kill the preauth process.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Oct 14 23:58:39 UTC 2019 - Hans Petter Jansson <hpj@suse.com> Mon Oct 14 23:58:39 UTC 2019 - Hans Petter Jansson <hpj@suse.com>

3
openssh.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package openssh # spec file for package openssh
# #
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2019 SUSE LLC.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -99,6 +99,7 @@ Patch32: openssh-7.7p1-IPv6_X_forwarding.patch
Patch33: openssh-7.7p1-sftp_print_diagnostic_messages.patch Patch33: openssh-7.7p1-sftp_print_diagnostic_messages.patch
Patch34: openssh-7.9p1-keygen-preserve-perms.patch Patch34: openssh-7.9p1-keygen-preserve-perms.patch
Patch35: openssh-7.9p1-revert-new-qos-defaults.patch Patch35: openssh-7.9p1-revert-new-qos-defaults.patch
Patch36: openssh-8.1p1-seccomp-clock_nanosleep.patch
BuildRequires: audit-devel BuildRequires: audit-devel
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: groff BuildRequires: groff