forked from pool/openssh
Accepting request 141129 from network
- Updated to 6.1p1, a bugfix release Features: * sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner. Bugfixes: * ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap. OBS-URL: https://build.opensuse.org/request/show/141129 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=82
This commit is contained in:
commit
6d007f0e34
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:589d48e952d6c017e667873486b5df63222f9133d417d0002bd6429d9bd882de
|
||||
size 1126034
|
3
openssh-6.1p1.tar.gz
Normal file
3
openssh-6.1p1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d1c157f6c0852e90c191cc7c9018a583b51e3db4035489cb262639d337a1c411
|
||||
size 1134820
|
@ -1,3 +1,44 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 13 10:51:12 UTC 2012 - meissner@suse.com
|
||||
|
||||
- Updated to 6.1p1, a bugfix release
|
||||
Features:
|
||||
* sshd(8): This release turns on pre-auth sandboxing sshd by default for
|
||||
new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
|
||||
* ssh-keygen(1): Add options to specify starting line number and number of
|
||||
lines to process when screening moduli candidates, allowing processing
|
||||
of different parts of a candidate moduli file in parallel
|
||||
* sshd(8): The Match directive now supports matching on the local (listen)
|
||||
address and port upon which the incoming connection was received via
|
||||
LocalAddress and LocalPort clauses.
|
||||
* sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv
|
||||
and {Allow,Deny}{Users,Groups}
|
||||
* Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978
|
||||
* ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8
|
||||
* sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
|
||||
an argument to refuse all port-forwarding requests.
|
||||
* sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
|
||||
* ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
|
||||
* sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
|
||||
to append some arbitrary text to the server SSH protocol banner.
|
||||
Bugfixes:
|
||||
* ssh(1)/sshd(8): Don't spin in accept() in situations of file
|
||||
descriptor exhaustion. Instead back off for a while.
|
||||
* ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as
|
||||
they were removed from the specification. bz#2023,
|
||||
* sshd(8): Handle long comments in config files better. bz#2025
|
||||
* ssh(1): Delay setting tty_flag so RequestTTY options are correctly
|
||||
picked up. bz#1995
|
||||
* sshd(8): Fix handling of /etc/nologin incorrectly being applied to root
|
||||
on platforms that use login_cap.
|
||||
Portable OpenSSH:
|
||||
* sshd(8): Allow sshd pre-auth sandboxing to fall-back to the rlimit
|
||||
sandbox from the Linux SECCOMP filter sandbox when the latter is
|
||||
not available in the kernel.
|
||||
* ssh(1): Fix NULL dereference when built with LDNS and using DNSSEC to
|
||||
retrieve a CNAME SSHFP record.
|
||||
* Fix cross-compilation problems related to pkg-config. bz#1996
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 27 09:51:19 UTC 2012 - coolo@suse.com
|
||||
|
||||
|
@ -26,7 +26,7 @@ BuildRequires: openssl-devel
|
||||
BuildRequires: pam-devel
|
||||
BuildRequires: tcpd-devel
|
||||
BuildRequires: update-desktop-files
|
||||
Version: 6.0p1
|
||||
Version: 6.1p1
|
||||
Release: 0
|
||||
Requires: openssh = %{version}
|
||||
Summary: A GNOME-Based Passphrase Dialog for OpenSSH
|
||||
|
@ -1,3 +1,50 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 13 10:26:37 UTC 2012 - meissner@suse.com
|
||||
|
||||
- Updated to 6.1p1, a bugfix release
|
||||
Features:
|
||||
* sshd(8): This release turns on pre-auth sandboxing sshd by default for
|
||||
new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
|
||||
* ssh-keygen(1): Add options to specify starting line number and number of
|
||||
lines to process when screening moduli candidates, allowing processing
|
||||
of different parts of a candidate moduli file in parallel
|
||||
* sshd(8): The Match directive now supports matching on the local (listen)
|
||||
address and port upon which the incoming connection was received via
|
||||
LocalAddress and LocalPort clauses.
|
||||
* sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv
|
||||
and {Allow,Deny}{Users,Groups}
|
||||
* Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978
|
||||
* ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8
|
||||
* sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
|
||||
an argument to refuse all port-forwarding requests.
|
||||
* sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
|
||||
* ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
|
||||
* sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
|
||||
to append some arbitrary text to the server SSH protocol banner.
|
||||
Bugfixes:
|
||||
* ssh(1)/sshd(8): Don't spin in accept() in situations of file
|
||||
descriptor exhaustion. Instead back off for a while.
|
||||
* ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as
|
||||
they were removed from the specification. bz#2023,
|
||||
* sshd(8): Handle long comments in config files better. bz#2025
|
||||
* ssh(1): Delay setting tty_flag so RequestTTY options are correctly
|
||||
picked up. bz#1995
|
||||
* sshd(8): Fix handling of /etc/nologin incorrectly being applied to root
|
||||
on platforms that use login_cap.
|
||||
Portable OpenSSH:
|
||||
* sshd(8): Allow sshd pre-auth sandboxing to fall-back to the rlimit
|
||||
sandbox from the Linux SECCOMP filter sandbox when the latter is
|
||||
not available in the kernel.
|
||||
* ssh(1): Fix NULL dereference when built with LDNS and using DNSSEC to
|
||||
retrieve a CNAME SSHFP record.
|
||||
* Fix cross-compilation problems related to pkg-config. bz#1996
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 13 10:26:16 CET 2012 - kukuk@suse.de
|
||||
|
||||
- Fix groupadd arguments
|
||||
- Add LSB tag to sshd init script
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 26 15:01:21 UTC 2012 - coolo@suse.com
|
||||
|
||||
|
@ -33,7 +33,7 @@ BuildRequires: tcpd-devel
|
||||
Requires: /bin/netstat
|
||||
PreReq: pwdutils %{insserv_prereq} %{fillup_prereq} coreutils
|
||||
Conflicts: nonfreessh
|
||||
Version: 6.0p1
|
||||
Version: 6.1p1
|
||||
Release: 0
|
||||
%define xversion 1.2.4.1
|
||||
Summary: Secure Shell Client and Server (Remote Login Program)
|
||||
@ -177,7 +177,7 @@ install -D -m 0644 %{SOURCE12} %{buildroot}%{_unitdir}/sshd.service
|
||||
%endif
|
||||
|
||||
%pre
|
||||
getent group sshd >/dev/null || %{_sbindir}/groupadd -o -r sshd
|
||||
getent group sshd >/dev/null || %{_sbindir}/groupadd -r sshd
|
||||
getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d /var/lib/sshd -s /bin/false -c "SSH daemon" sshd
|
||||
%if 0%{?has_systemd}
|
||||
%service_add_pre sshd.service
|
||||
|
Loading…
Reference in New Issue
Block a user