- Remove the "KexDHMin" config keyword (bsc#1127180)
It used to allow lowering of the minimal allowed DH group size,
which was increased to 2048 by upstream in the light of the Logjam
attack.
The code was broken since the upgrade to 7.6p1, but nobody noticed.
As apparently no one needs the functionality any more, let's drop
the patch.
It's still possible to use the fixed 1024-bit diffie-hellman-group1-sha1
key exchange method when working with legacy systems.
- drop openssh-7.7p1-disable_short_DH_parameters.patch
- updated patches:
openssh-7.7p1-fips.patch
openssh-7.7p1-fips_checks.patch
openssh-7.7p1-gssapi_key_exchange.patch
OBS-URL: https://build.opensuse.org/request/show/679869
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=181
- Update to 7.8p1:
* no actual changes for the askpass
- Format with spec-cleaner
- Respect cflags
- Use gtk3 rather than gtk2 which is being phased out
- Remove the mention of the SLE12 in the README.SUSE
- Install firewall rules only when really needed (<SLE15)
- Version update to 7.8p1:
* For most details see release notes file
* ssh-keygen(1): write OpenSSH format private keys by default
instead of using OpenSSL's PEM format
- Rebase patches to apply on 7.8p1 release:
* openssh-7.7p1-fips.patch
* openssh-7.7p1-cavstest-kdf.patch
* openssh-7.7p1-fips_checks.patch
* openssh-7.7p1-gssapi_key_exchange.patch
* openssh-7.7p1-audit.patch
* openssh-7.7p1-openssl_1.1.0.patch
* openssh-7.7p1-ldap.patch
* openssh-7.7p1-IPv6_X_forwarding.patch
* openssh-7.7p1-sftp_print_diagnostic_messages.patch
* openssh-7.7p1-disable_short_DH_parameters.patch
* openssh-7.7p1-hostname_changes_when_forwarding_X.patch
* openssh-7.7p1-pam_check_locks.patch
* openssh-7.7p1-seed-prng.patch
* openssh-7.7p1-systemd-notify.patch
* openssh-7.7p1-X11_trusted_forwarding.patch
- Dropped patches:
OBS-URL: https://build.opensuse.org/request/show/642573
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=153
