6c861e0b33
- remaining patches that were still missing since the update to 7.2p2 (FATE#319675): [openssh-7.2p2-disable_openssl_abi_check.patch] - fix forwarding with IPv6 addresses in DISPLAY (bnc#847710) [openssh-7.2p2-IPv6_X_forwarding.patch] - ignore PAM environment when using login (bsc#975865, CVE-2015-8325) [openssh-7.2p2-ignore_PAM_with_UseLogin.patch] - limit accepted password length (prevents possible DoS) (bsc#992533, CVE-2016-6515) [openssh-7.2p2-limit_password_length.patch] - Prevent user enumeration through the timing of password processing (bsc#989363, CVE-2016-6210) [openssh-7.2p2-prevent_timing_user_enumeration.patch] - Add auditing for PRNG re-seeding [openssh-7.2p2-audit_seed_prng.patch] OBS-URL: https://build.opensuse.org/request/show/433779 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=113
57 lines
1.4 KiB
Diff
57 lines
1.4 KiB
Diff
# HG changeset patch
|
|
# Parent e7bdbc5ea8971599466becf01bff12b9fcb5df3e
|
|
Enable the seccomp-bpf sandbox on more architectures
|
|
|
|
upstream commit: b9c50614eba9d90939b2b119b6e1b7e03b462278 (7.3p1)
|
|
Author: Damien Miller <djm@mindrot.org>
|
|
Date: Fri Jul 8 13:59:13 2016 +1000
|
|
|
|
whitelist more architectures for seccomp-bpf
|
|
|
|
bz#2590 - testing and patch from Jakub Jelen
|
|
|
|
diff --git a/openssh-7.2p2/configure.ac b/openssh-7.2p2/configure.ac
|
|
--- a/openssh-7.2p2/configure.ac
|
|
+++ b/openssh-7.2p2/configure.ac
|
|
@@ -818,16 +818,40 @@ main() { if (NSVersionOfRunTimeLibrary("
|
|
seccomp_audit_arch=AUDIT_ARCH_I386
|
|
;;
|
|
arm*-*)
|
|
seccomp_audit_arch=AUDIT_ARCH_ARM
|
|
;;
|
|
aarch64*-*)
|
|
seccomp_audit_arch=AUDIT_ARCH_AARCH64
|
|
;;
|
|
+ s390x-*)
|
|
+ seccomp_audit_arch=AUDIT_ARCH_S390X
|
|
+ ;;
|
|
+ s390-*)
|
|
+ seccomp_audit_arch=AUDIT_ARCH_S390
|
|
+ ;;
|
|
+ powerpc64-*)
|
|
+ seccomp_audit_arch=AUDIT_ARCH_PPC64
|
|
+ ;;
|
|
+ powerpc64le-*)
|
|
+ seccomp_audit_arch=AUDIT_ARCH_PPC64LE
|
|
+ ;;
|
|
+ mips-*)
|
|
+ seccomp_audit_arch=AUDIT_ARCH_MIPS
|
|
+ ;;
|
|
+ mipsel-*)
|
|
+ seccomp_audit_arch=AUDIT_ARCH_MIPSEL
|
|
+ ;;
|
|
+ mips64-*)
|
|
+ seccomp_audit_arch=AUDIT_ARCH_MIPS64
|
|
+ ;;
|
|
+ mips64el-*)
|
|
+ seccomp_audit_arch=AUDIT_ARCH_MIPSEL64
|
|
+ ;;
|
|
esac
|
|
if test "x$seccomp_audit_arch" != "x" ; then
|
|
AC_MSG_RESULT(["$seccomp_audit_arch"])
|
|
AC_DEFINE_UNQUOTED([SECCOMP_AUDIT_ARCH], [$seccomp_audit_arch],
|
|
[Specify the system call convention in use])
|
|
else
|
|
AC_MSG_RESULT([architecture not supported])
|
|
fi
|