pool/openssh
SHA256
12
0
Fork 1
Code Issues Pull Requests Activity

Commit Graph

  • 18d888f3cc Accepting request 1277188 from network factory Ana Guerrero 2025-05-15 14:59:35 +00:00
  • 35f0e177c1 - Enable --with-logind to call the SetTTY dbus method in systemd in SLE15 too. This allows "wall" to print messages in ssh ttys (bsc#1239671) - Small fixes to unref the dbus session when any error occurs: * logind_set_tty.patch devel Antonio Larrosa 2025-05-13 15:12:56 +00:00
  • 19a564c163 Accepting request 1272617 from network slfo-main slfo-1.2 Ana Guerrero 2025-04-25 20:18:22 +00:00
  • e33b294c28 Accepting request 1272616 from home:alarrosa:branches:network Antonio Larrosa 2025-04-25 08:52:00 +00:00
  • 7808b8b65c Accepting request 1271991 from home:hpjansson:branches:network Antonio Larrosa 2025-04-23 13:19:09 +00:00
  • 2eacf2cfde Accepting request 1268318 from home:alarrosa:branches:network Antonio Larrosa 2025-04-10 08:34:48 +00:00
  • 28522f6381 Accepting request 1268313 from home:alarrosa:branches:network Antonio Larrosa 2025-04-10 08:29:39 +00:00
  • 291502af75 Accepting request 1268307 from home:alarrosa:branches:network Antonio Larrosa 2025-04-10 08:25:01 +00:00
  • 0636d865dc Accepting request 1268142 from home:alarrosa:branches:network Antonio Larrosa 2025-04-09 11:17:47 +00:00
  • 52583b8481 Accepting request 1268126 from home:alarrosa:branches:network Antonio Larrosa 2025-04-09 10:49:15 +00:00
  • b867c42e05 Accepting request 1267606 from network Ana Guerrero 2025-04-08 15:50:42 +00:00
  • 92eb08400f - Disable seccomp_filter and rlimitsandbox sandbox for loongarch. seccomp_filter and rlimitsandbox not supported on loongarch64 yet. Antonio Larrosa 2025-04-07 10:00:08 +00:00
  • 5697319adc Accepting request 1246976 from network Ana Guerrero 2025-02-20 15:27:08 +00:00
  • 5ccb79f3f3 Accepting request 1246973 from home:alarrosa:branches:network:openssh Antonio Larrosa 2025-02-19 09:31:07 +00:00
  • 865baddeec Accepting request 1246612 from network Ana Guerrero 2025-02-18 18:08:49 +00:00
  • d77e0c9092 - Update to openssh 9.9p2: = Security * Fix CVE-2025-26465 - ssh(1) in OpenSSH versions 6.8p1 to 9.9p1 (inclusive) contained a logic error that allowed an on-path attacker (a.k.a MITM) to impersonate any server when the VerifyHostKeyDNS option is enabled. This option is off by default. * Fix CVE-2025-26466 - sshd(8) in OpenSSH versions 9.5p1 to 9.9p1 (inclusive) is vulnerable to a memory/CPU denial-of-service related to the handling of SSH2_MSG_PING packets. This condition may be mitigated using the existing PerSourcePenalties feature. Both vulnerabilities were discovered and demonstrated to be exploitable by the Qualys Security Advisory team. The openSSH team thanks them for their detailed review of OpenSSH. = Bugfixes * ssh(1), sshd(8): fix regression in Match directive that caused failures when predicates and their arguments were separated by '=' characters instead of whitespace (bz3739). * sshd(8): fix the "Match invalid-user" predicate, which was matching incorrectly in the initial pass of config evaluation. * ssh(1), sshd(8), ssh-keyscan(1): fix mlkem768x25519-sha256 key exchange on big-endian systems. * Fix a number of build problems on particular operating systems and configurations. - Remove patches that are already included in 9.9p2: * 0001-fix-utmpx-ifdef.patch * 0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch * 0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch * 0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch Antonio Larrosa 2025-02-18 09:56:28 +00:00
  • d7201bdb47 - Fix a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client and a DoS attack against OpenSSH's client and server (bsc#1237040, CVE-2025-26465, bsc#1237041, CVE-2025-26466): * fix-CVE-2025-26465-and-CVE-2025-26466.patch Antonio Larrosa 2025-02-18 09:10:29 +00:00
  • 964d8415a2 Accepting request 1244734 from network Ana Guerrero 2025-02-11 20:20:54 +00:00
  • 5b8687e2a3 - Drop rcFOO symlinks for CODE16 (PED-266). Antonio Larrosa 2025-02-10 11:55:37 +00:00
  • 67e6fdb025 Accepting request 1218789 from network Ana Guerrero 2024-10-29 13:31:58 +00:00
  • 717dd2da2c - Don't force using gcc11 on SLFO/ALP which have a newer version. Antonio Larrosa 2024-10-28 11:22:01 +00:00
  • 33d804a345 - Add patches from upstream: - To fix a copy&paste oversight in an ifdef : * 0001-fix-utmpx-ifdef.patch - To fix a regression introduced when the "Match" criteria tokenizer was modified since it stopped supporting the "Match criteria=argument" format: * 0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch - To fix the previous patch which broke on negated Matches: * 0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch - To fix the ML-KEM768x25519 kex algorithm on big-endian systems: * 0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch Antonio Larrosa 2024-10-28 11:16:49 +00:00
  • 01365117e3 Accepting request 1207974 from network Ana Guerrero 2024-10-15 12:57:58 +00:00
  • 219dd97d90 - Use %{with ...} instead of 0%{with ...} Antonio Larrosa 2024-10-14 15:20:38 +00:00
  • 77745960a4 Accepting request 1207806 from network Dominique Leuenberger 2024-10-14 11:06:29 +00:00
  • 77273f8679 Updated the patch with a suggestion from upstream. Antonio Larrosa 2024-10-14 06:33:00 +00:00
  • fef82d94da Accepting request 1203550 from network Ana Guerrero 2024-09-26 16:52:30 +00:00
  • a77a72fabb - Add a const to the openssl 1.1/RSA section of sshkey_is_private to keep it similar to what it used before the 9.9 rebase: * openssh-8.1p1-audit.patch - Add a openssl11 bcond to the spec file for the SLE12 case instead of checking suse_version in different parts. - Move conditional patches to a number >= 1000. Antonio Larrosa 2024-09-25 11:55:37 +00:00
  • 3f6eda5c88 - Update to openssh 9.9p1: * No changes for askpass, see main package changelog for details. Marcus Meissner 2024-09-25 08:42:29 +00:00
  • f15242edbd Accepting request 1200282 from network Ana Guerrero 2024-09-13 12:26:08 +00:00
  • fef1b16e66 - Drop most of openssh-6.6p1-keycat.patch (actually, it was just commented out). The keycat binary isn't really installed nor supported, so we can drop it, except for the code that is used by other SELinux patches, which is what I kept from that patch (boo#1229072). - Add patch submitted to upstream to fix RFC4256 implementation so that keyboard-interactive authentication method can send instructions and sshd shows them to users even before a prompt is requested. This fixes MFA push notifications (boo#1229010). * 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch Antonio Larrosa 2024-09-12 10:24:41 +00:00
  • fbdd7af379 Accepting request 1196434 from network Dominique Leuenberger 2024-08-29 13:42:55 +00:00
  • dd9c4b9bb1 - Add patch to fix sshd not logging in the audit failed login attempts (submitted to upstream in https://github.com/openssh/openssh-portable/pull/516): * fix-audit-fail-attempt.patch - Use --enable-dsa-keys when building openssh. It's required if the user sets the crypto-policy mode to LEGACY, where DSA keys should be allowed. The option was added by upstream in 9.7 and set to disabled by default. - These two changes fix 2 of the 3 issues reported in bsc#1229650. Antonio Larrosa 2024-08-23 12:36:12 +00:00
  • e7740396e0 https://bugzilla.opensuse.org/show_bug.cgi?id=1229650 Ana Guerrero 2024-08-22 10:34:42 +00:00
  • 8a8ed57387 Accepting request 1194679 from network Ana Guerrero 2024-08-21 21:24:44 +00:00
  • da2c6cc517 - Update to openssh 9.8p1: * No changes for askpass, see main package changelog for details. Antonio Larrosa 2024-08-12 09:54:46 +00:00
  • d5d292d413 Accepting request 1185823 from network Ana Guerrero 2024-07-08 17:06:54 +00:00
  • 869b2ae788 - Add patch from upstream to fix proxy multiplexing mode: * 0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch - Add patch from upstream to restore correctly sigprocmask * 0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch - Add patch from upstream to fix a logic error in ObscureKeystrokeTiming that rendered this feature ineffective, allowing a passive observer to detect which network packets contained real keystrokes (bsc#1227318, CVE-2024-39894): * 0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch Antonio Larrosa 2024-07-05 19:01:36 +00:00
  • 45f6d17800 - Add obsoletes for openssh-server-config-rootlogin since that package existed for a brief period of time during SLE 15 SP6/ Leap 15.6 development but even if it was removed from the repositories before GM, some users might have it in their systems from having tried a beta/RC release (boo#1227350). Antonio Larrosa 2024-07-05 11:34:53 +00:00
  • 414e74b526 Accepting request 1184302 from network Ana Guerrero 2024-07-02 16:16:12 +00:00
  • 0aa4b1876f - Add patch to fix a race condition in a signal handler by removing the async-signal-unsafe code (CVE-2024-6387, bsc#1226642): * fix-CVE-2024-6387.patch Antonio Larrosa 2024-07-01 11:50:15 +00:00
  • 909e5eb8e7 Accepting request 1179624 from network Ana Guerrero 2024-06-10 15:37:06 +00:00
  • b4dab4a6f7 Accepting request 1179619 from home:alarrosa:branches:network:openssh Dirk Mueller 2024-06-10 07:34:57 +00:00
  • 9b110f7def Accepting request 1174781 from network Ana Guerrero 2024-05-17 18:03:57 +00:00
  • e11bee9499 Accepting request 1174779 from home:alarrosa:branches:network:openssh-permit-root-login Antonio Larrosa 2024-05-17 08:01:30 +00:00
  • b81f1e76c1 https://bugzilla.opensuse.org/show_bug.cgi?id=1224392 Dominique Leuenberger 2024-05-17 07:34:04 +00:00
  • 5d0cbae36f Accepting request 1173885 from network Ana Guerrero 2024-05-15 19:25:44 +00:00
  • f2379e82ce Accepting request 1173783 from home:alarrosa:branches:network:openssh-permit-root-login Dirk Mueller 2024-05-14 06:52:13 +00:00
  • 04d08a5024 Accepting request 1167856 from network Ana Guerrero 2024-04-16 18:03:15 +00:00
  • 9d3cbd48d5 Accepting request 1167855 from home:alarrosa:branches:network Antonio Larrosa 2024-04-15 17:00:32 +00:00
  • 6016b8b08a Accepting request 1167816 from home:msmeissn:branches:network Antonio Larrosa 2024-04-15 15:41:38 +00:00
  • 1f2a4cd9cc Accepting request 1167038 from home:alarrosa:branches:network Antonio Larrosa 2024-04-15 06:21:11 +00:00
  • e40d53fa8e Accepting request 1166980 from network Ana Guerrero 2024-04-14 09:53:40 +00:00
  • 83215f33b6 Accepting request 1166764 from home:Arnavion Antonio Larrosa 2024-04-12 06:38:08 +00:00
  • 6b2f2760ef Accepting request 1166157 from network Ana Guerrero 2024-04-08 15:37:41 +00:00
  • 2793e0783a Accepting request 1166156 from home:alarrosa:branches:network Antonio Larrosa 2024-04-08 11:15:17 +00:00
  • 2f5a8dd315 Accepting request 1165554 from home:alarrosa:branches:network Antonio Larrosa 2024-04-05 11:11:29 +00:00
  • b0b10ece31 Accepting request 1165549 from home:alarrosa:branches:network2 Antonio Larrosa 2024-04-05 11:08:11 +00:00
  • 2399b4e4c2 Accepting request 1165438 from home:alarrosa:branches:network2 Antonio Larrosa 2024-04-05 07:57:21 +00:00
  • bf408fc2b0 Accepting request 1164536 from network Ana Guerrero 2024-04-04 20:24:47 +00:00
  • c133b2d567 Accepting request 1164145 from home:alarrosa:branches:network Marcus Meissner 2024-04-04 09:11:43 +00:00
  • 5252cd62e2 Accepting request 1155471 from home:pmonrealgonzalez:branches:network Marcus Meissner 2024-04-04 09:11:25 +00:00
  • 2446674e73 Accepting request 1150501 from network Ana Guerrero 2024-02-27 21:43:12 +00:00
  • b3ff99ae3c Accepting request 1150500 from home:hpjansson:branches:network Hans Petter Jansson 2024-02-25 18:43:17 +00:00
  • b339dda6d3 Accepting request 1133933 from network Ana Guerrero 2023-12-19 22:15:40 +00:00
  • 9778084948 Accepting request 1133932 from home:hpjansson:branches:network Hans Petter Jansson 2023-12-19 01:54:09 +00:00
  • f716c85e71 Accepting request 1113799 from home:kukuk:branches:network Hans Petter Jansson 2023-12-19 01:39:20 +00:00
  • cb6e8d7fb0 Accepting request 1129646 from network Ana Guerrero 2023-11-30 20:59:01 +00:00
  • 74e20db9ed Accepting request 1123220 from home:jsegitz:branches:network Hans Petter Jansson 2023-11-28 16:35:34 +00:00
  • e66925b0bb Accepting request 1120184 from network Ana Guerrero 2023-10-25 16:02:04 +00:00
  • ac7d1e8af4 Accepting request 1119952 from home:dimstar:Factory Marcus Meissner 2023-10-25 07:33:22 +00:00
  • 4fe7f3bfa0 Accepting request 1112087 from network Ana Guerrero 2023-09-22 19:46:58 +00:00
  • a4dae544f0 Accepting request 1110800 from home:kukuk:no-utmp Hans Petter Jansson 2023-09-18 22:02:17 +00:00
  • b77a1e6444 Accepting request 1099856 from network Ana Guerrero 2023-07-24 16:11:47 +00:00
  • 67a17999e6 Accepting request 1099810 from home:simotek:branches:network Marcus Meissner 2023-07-21 07:35:33 +00:00
  • af4711fbad Accepting request 1090577 from network Dominique Leuenberger 2023-06-06 17:54:55 +00:00
  • 6c6fb17632 Accepting request 1089432 from home:AndreasStieger:branches:network Dirk Mueller 2023-06-02 21:14:12 +00:00
  • 03fc1a6def Accepting request 1087770 from home:alarrosa:branches:network Hans Petter Jansson 2023-05-22 19:32:26 +00:00
  • 827852cf8f Accepting request 1079298 from network Dominique Leuenberger 2023-04-15 20:32:04 +00:00
  • 789436c617 Accepting request 1074609 from home:kukuk:branches:network Hans Petter Jansson 2023-04-13 21:23:05 +00:00
  • 3fa7ba428e Accepting request 1074486 from network Dominique Leuenberger 2023-03-28 15:48:40 +00:00
  • a004ad47ca Accepting request 1065922 from home:kukuk:branches:network Dirk Mueller 2023-03-26 16:59:52 +00:00
  • d44fd05f6e Accepting request 1044051 from network Dominique Leuenberger 2022-12-23 09:20:44 +00:00
  • 988310371c Accepting request 1043949 from home:ohollmann:branches:network Marcus Meissner 2022-12-21 10:48:51 +00:00
  • 00be3aea91 Accepting request 1043180 from network Dominique Leuenberger 2022-12-16 16:51:30 +00:00
  • e92e6f5af4 - limit to openssl < 3.0 as this version is not compatible (bsc#1205042) next version update will fix it Dirk Mueller 2022-12-15 16:35:54 +00:00
  • c101ef4ce6 Accepting request 1035879 from network Dominique Leuenberger 2022-11-16 14:42:34 +00:00
  • 4038ff6c0f Accepting request 1034974 from home:hpjansson:openssh-tw Marcus Meissner 2022-11-15 15:28:59 +00:00
  • 1f860174e8 Accepting request 999883 from network Dominique Leuenberger 2022-08-30 12:48:22 +00:00
  • cb5c9c99b3 Accepting request 993701 from home:kukuk:branches:network Marcus Meissner 2022-08-29 08:24:07 +00:00
  • 63ac7ad8d3 Accepting request 997452 from network Dominique Leuenberger 2022-08-18 14:48:44 +00:00
  • 88b8e8e7aa Accepting request 997549 from home:adamm:branches:network Hans Petter Jansson 2022-08-17 12:48:06 +00:00
  • 6c8ae3051c Accepting request 987179 from home:adamm:branches:network Hans Petter Jansson 2022-08-17 00:38:45 +00:00
  • 7bf6c9fe4d Accepting request 973782 from network Dominique Leuenberger 2022-05-01 16:53:26 +00:00
  • 859cab66f6 Accepting request 965435 from home:lnussel:branches:network Hans Petter Jansson 2022-04-29 00:45:48 +00:00
  • 7cf91bcce7 Accepting request 960152 from network Dominique Leuenberger 2022-03-09 17:47:00 +00:00
  • 0957114f91 Accepting request 960041 from home:hpjansson:openssh-tw Dirk Mueller 2022-03-08 07:49:22 +00:00
  • b2b28a4fe4 Accepting request 923951 from network Dominique Leuenberger 2021-10-11 14:48:36 +00:00
  • b70ac3730b - openssh.keyring: rotated to new key from https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc Marcus Meissner 2021-10-07 15:19:27 +00:00
  • 3fed02069e Accepting request 922068 from home:hpjansson:branches:network Marcus Meissner 2021-10-07 08:06:58 +00:00