pool/openssh
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
de58418da6
openssh/openssh-6.6p1-default-protocol.patch
Petr Cerny efb05e6527 Accepting request 230097 from home:pcerny:factory 
- Update of the underlying OpenSSH to 6.6p1

- update to 6.6p1
  Security:
  * sshd(8): when using environment passing with a sshd_config(5)
    AcceptEnv pattern with a wildcard. OpenSSH prior to 6.6 could
    be tricked into accepting any enviornment variable that
    contains the characters before the wildcard character.
  Features since 6.5p1:
  * ssh(1), sshd(8): removal of the J-PAKE authentication code,
    which was experimental, never enabled and has been
    unmaintained for some time.
  * ssh(1): skip 'exec' clauses other clauses predicates failed
    to match while processing Match blocks.
  * ssh(1): if hostname canonicalisation is enabled and results
    in the destination hostname being changed, then re-parse
    ssh_config(5) files using the new destination hostname. This
    gives 'Host' and 'Match' directives that use the expanded
    hostname a chance to be applied.
  Bugfixes:
  * ssh(1): avoid spurious "getsockname failed: Bad file
    descriptor" in ssh -W. bz#2200, debian#738692
  * sshd(8): allow the shutdown(2) syscall in seccomp-bpf and
    systrace sandbox modes, as it is reachable if the connection
    is terminated during the pre-auth phase.
  * ssh(1), sshd(8): fix unsigned overflow that in SSH protocol 1
    bignum parsing. Minimum key length checks render this bug
    unexploitable to compromise SSH 1 sessions.
  * sshd_config(5): clarify behaviour of a keyword that appears
    in multiple matching Match blocks. bz#2184

OBS-URL: https://build.opensuse.org/request/show/230097
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=76
2014-04-14 21:53:01 +00:00

25 lines
762 B
Diff
Raw Blame History

# only enable SSHv2 protocol by default (upstream default is fallback to v1)
diff --git a/openssh-6.6p1/ssh_config b/openssh-6.6p1/ssh_config
--- a/openssh-6.6p1/ssh_config
+++ b/openssh-6.6p1/ssh_config
@@ -41,17 +41,17 @@ ForwardX11Trusted yes
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
-# Protocol 2,1
+Protocol 2
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
Reference in New Issue View Git Blame Copy Permalink