Antonio Larrosa
45f6d17800
package existed for a brief period of time during SLE 15 SP6/
Leap 15.6 development but even if it was removed from the
repositories before GM, some users might have it in their
systems from having tried a beta/RC release (boo#1227350).
quoting was present in the user-supplied ssh_config(5) directive
(bsc#1218215, CVE-2023-51385).
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=270
25 lines
837 B
Diff
25 lines
837 B
Diff
From 5af6fd5461bb709304e6979c8b7856c7af921c9e Mon Sep 17 00:00:00 2001
|
|
From: Darren Tucker <dtucker@dtucker.net>
|
|
Date: Mon, 16 Dec 2019 13:55:56 +1100
|
|
Subject: [PATCH] Allow clock_nanosleep_time64 in seccomp sandbox.
|
|
|
|
Needed on Linux ARM. bz#3100, patch from jjelen@redhat.com.
|
|
---
|
|
sandbox-seccomp-filter.c | 3 +++
|
|
1 file changed, 3 insertions(+)
|
|
|
|
Index: openssh-8.8p1/sandbox-seccomp-filter.c
|
|
===================================================================
|
|
--- openssh-8.8p1.orig/sandbox-seccomp-filter.c
|
|
+++ openssh-8.8p1/sandbox-seccomp-filter.c
|
|
@@ -276,6 +276,9 @@ static const struct sock_filter preauth_
|
|
#ifdef __NR_clock_nanosleep
|
|
SC_ALLOW(__NR_clock_nanosleep),
|
|
#endif
|
|
+#ifdef __NR_clock_nanosleep_time64
|
|
+ SC_ALLOW(__NR_clock_nanosleep_time64),
|
|
+#endif
|
|
#ifdef __NR__newselect
|
|
SC_ALLOW(__NR__newselect),
|
|
#endif
|