SHA256
1
0
forked from pool/openssh
Commit Graph

259 Commits

Author SHA256 Message Date
Dominique Leuenberger
7f9fe1884f Accepting request 386262 from network
1

OBS-URL: https://build.opensuse.org/request/show/386262
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=104
2016-04-12 16:59:51 +00:00
6045514505 Accepting request 385260 from home:kukuk:branches:network
- openssh-6.6p1-ldap.patch: replace TRUE/FALSE with 1/0, since
  this defines did come via an indirect header inclusion and are
  not everywhere defined.

OBS-URL: https://build.opensuse.org/request/show/385260
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=99
2016-04-08 12:39:18 +00:00
13651d3d21 restore factory state, so we can fix bugs.
old stuff is still in the old revisions

OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=98
2016-04-06 11:34:51 +00:00
Petr Cerny
c818e705ca bothed update, DO NOT TOUCH UNITL PROPERLY REVIEWED
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=97
2016-02-17 19:00:04 +00:00
Petr Cerny
b83f96744f Accepting request 358392 from home:elvigia:branches:network
- openssh-alloc_size.patch: anotate xmalloc.h with alloc_size
 attribute so the compiler knows these functions allocate memory
 so overflow or misuse can be detected sooner.
- openssh-allow_getrandom.patch; allow the getrandom(2) system
  call in the seccomp sandbox, upstream commit 26ad18247213
- openssh-fix-b64_xx-detection.patch: configure.ac has incorrect
  tests for b64_ntop, b64_pton on linux/glibc.

OBS-URL: https://build.opensuse.org/request/show/358392
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=96
2016-02-10 15:40:35 +00:00
Ismail Dönmez
642f5e8889 Accepting request 354941 from home:scarabeus_iv:branches:network
- Cleanup with spec-cleaner
- Update of the master OpenSSH to 7.1p2

- Take refreshed and updated audit patch from redhat
  * Remove our old patches:
    + openssh-6.6p1-audit1-remove_duplicit_audit.patch
    + openssh-6.6p1-audit2-better_audit_of_user_actions.patch
    + openssh-6.6p1-audit3-key_auth_usage-fips.patch
    + openssh-6.6p1-audit3-key_auth_usage.patch
    + openssh-6.6p1-audit4-kex_results-fips.patch
    + openssh-6.6p1-audit4-kex_results.patch
    + openssh-6.6p1-audit5-session_key_destruction.patch
    + openssh-6.6p1-audit6-server_key_destruction.patch
    + openssh-6.6p1-audit7-libaudit_compat.patch
    + openssh-6.6p1-audit8-libaudit_dns_timeouts.patch
  * add openssh-6.7p1-audit.patch
- Reenable the openssh-6.6p1-ldap.patch
- Update the fips patch from RH build openssh-6.6p1-fips.patch
- Update and refresh openssh-6.6p1-gssapi_key_exchange.patch
- Remove fips-check patch as it is merged to fips patch
  * openssh-6.6p1-fips-checks.patch
- Rebase and enable chroot patch:
  * openssh-6.6p1-sftp_homechroot.patch
- Reenable rebased patch for linux seed:
  * openssh-6.6p1-seed-prng.patch
- Reenable key converting patch:
  * openssh-6.6p1-key-converter.patch

- Version update to 7.1p2:
  * various upstream bugfixes and cleanups

OBS-URL: https://build.opensuse.org/request/show/354941
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=95
2016-01-21 07:28:30 +00:00
Dominique Leuenberger
52f32e2ae4 Accepting request 353732 from network
1

OBS-URL: https://build.opensuse.org/request/show/353732
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=103
2016-01-16 10:55:44 +00:00
Ismail Dönmez
1c5ff2cc6c Accepting request 353717 from home:AndreasStieger:branches:network
Security update for OpenSSH
CVE-2016-0777, bsc#961642, CVE-2016-0778, bsc#961645
https://lists.mindrot.org/pipermail/openssh-unix-announce/2016-January/000124.html

OBS-URL: https://build.opensuse.org/request/show/353717
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=93
2016-01-14 16:36:52 +00:00
Dominique Leuenberger
d41fccc195 Accepting request 282346 from network
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/282346
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=102
2015-01-23 15:19:13 +00:00
d9f8a6a210 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=91 2015-01-12 10:45:13 +00:00
a86956def1 - gpg signature and keyring added.
pub  3200R/6D920D30 2013-12-10 [expires: 2021-01-01]
  uid                            Damien Miller <djm@mindrot.org>
  sub  3200R/672A1105 2013-12-10 [expires: 2021-01-01]

OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=90
2015-01-12 10:35:52 +00:00
Dominique Leuenberger
a152efbbef Accepting request 266606 from network
1

OBS-URL: https://build.opensuse.org/request/show/266606
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=101
2014-12-31 10:21:54 +00:00
c00691fb64 Accepting request 266550 from home:Ledest:bashisms
fix bashisms in sshd.init script

OBS-URL: https://build.opensuse.org/request/show/266550
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=88
2014-12-29 09:01:00 +00:00
Stephan Kulow
c1b4a427de Accepting request 255040 from network
1

OBS-URL: https://build.opensuse.org/request/show/255040
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=100
2014-10-14 11:24:33 +00:00
Andrey Karepin
de58418da6 Accepting request 254673 from home:WernerFink:branches:network
- Ensure that ssh can use the ssh support of the gpg-agent (boo#899647)

OBS-URL: https://build.opensuse.org/request/show/254673
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=86
2014-10-11 07:28:34 +00:00
Stephan Kulow
b60cc98eb2 Accepting request 241776 from network
Do not depend on insserv if the package build with systemd support;
  it's useless (forwarded request 241774 from posophe)

OBS-URL: https://build.opensuse.org/request/show/241776
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=98
2014-07-24 04:58:23 +00:00
Petr Cerny
9913e17746 Accepting request 241774 from home:posophe:branches:network
Do not depend on insserv if the package build with systemd support;
  it's useless

OBS-URL: https://build.opensuse.org/request/show/241774
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=84
2014-07-21 16:02:23 +00:00
Stephan Kulow
28b55ed663 Accepting request 234675 from network
- Remove tcpwrappers support now, This feature was removed
  in upstream code at the end of April and the underlying
  libraries are abandonware.
  See: http://comments.gmane.org/gmane.linux.suse.general/348119 (forwarded request 234473 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/234675
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=97
2014-05-22 07:04:15 +00:00
Petr Cerny
4187c8a645 Accepting request 234473 from home:elvigia:branches:network
- Remove tcpwrappers support now, This feature was removed
  in upstream code at the end of April and the underlying
  libraries are abandonware.
  See: http://comments.gmane.org/gmane.linux.suse.general/348119

OBS-URL: https://build.opensuse.org/request/show/234473
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=82
2014-05-19 10:15:21 +00:00
Stephan Kulow
c7fda0bd32 Accepting request 231428 from network
- curve25519 key exchange fix (-curve25519-6.6.1p1.patch)
- patch re-ordering (-audit3-key_auth_usage-fips.patch,
    -audit4-kex_results-fips.patch) (forwarded request 231427 from pcerny)

OBS-URL: https://build.opensuse.org/request/show/231428
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=96
2014-04-26 15:02:02 +00:00
Petr Cerny
9fb40d132b Accepting request 231427 from home:pcerny:factory
- curve25519 key exchange fix (-curve25519-6.6.1p1.patch)
- patch re-ordering (-audit3-key_auth_usage-fips.patch,
    -audit4-kex_results-fips.patch)

OBS-URL: https://build.opensuse.org/request/show/231427
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=80
2014-04-25 13:11:58 +00:00
Andrey Karepin
4dd2bec462 Accepting request 230928 from home:namtrac:bugfix
- Add fix-curve25519-kex.patch to fix a key-exchange problem
  with curve25519-sha256@libssh.org, see
  http://marc.info/?l=openssh-unix-dev&m=139797807804698&w=2

OBS-URL: https://build.opensuse.org/request/show/230928
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=79
2014-04-24 10:08:13 +00:00
Tomáš Chvátal
8d7787adc5 Accepting request 230190 from network
- Update of the underlying OpenSSH to 6.6p1

- Remove uneeded dependency on the OpenLDAP server (openldap2)
  from openssh-helpers. openssh-helpers just depends on the 
  openldap client libraries, which will be auto-generated by rpm.

- update to 6.6p1
  Security:
  * sshd(8): when using environment passing with a sshd_config(5)
    AcceptEnv pattern with a wildcard. OpenSSH prior to 6.6 could
    be tricked into accepting any enviornment variable that
    contains the characters before the wildcard character.
  Features since 6.5p1:
  * ssh(1), sshd(8): removal of the J-PAKE authentication code,
    which was experimental, never enabled and has been
    unmaintained for some time.
  * ssh(1): skip 'exec' clauses other clauses predicates failed
    to match while processing Match blocks.
  * ssh(1): if hostname canonicalisation is enabled and results
    in the destination hostname being changed, then re-parse
    ssh_config(5) files using the new destination hostname. This
    gives 'Host' and 'Match' directives that use the expanded
    hostname a chance to be applied.
  Bugfixes:
  * ssh(1): avoid spurious "getsockname failed: Bad file
    descriptor" in ssh -W. bz#2200, debian#738692
  * sshd(8): allow the shutdown(2) syscall in seccomp-bpf and
    systrace sandbox modes, as it is reachable if the connection
    is terminated during the pre-auth phase.
  * ssh(1), sshd(8): fix unsigned overflow that in SSH protocol 1

OBS-URL: https://build.opensuse.org/request/show/230190
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=95
2014-04-17 12:43:46 +00:00
Petr Cerny
5b66f43acd Accepting request 230167 from home:rhafer:branches:network
OBS-URL: https://build.opensuse.org/request/show/230167
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=77
2014-04-15 11:28:24 +00:00
Petr Cerny
efb05e6527 Accepting request 230097 from home:pcerny:factory
- Update of the underlying OpenSSH to 6.6p1

- update to 6.6p1
  Security:
  * sshd(8): when using environment passing with a sshd_config(5)
    AcceptEnv pattern with a wildcard. OpenSSH prior to 6.6 could
    be tricked into accepting any enviornment variable that
    contains the characters before the wildcard character.
  Features since 6.5p1:
  * ssh(1), sshd(8): removal of the J-PAKE authentication code,
    which was experimental, never enabled and has been
    unmaintained for some time.
  * ssh(1): skip 'exec' clauses other clauses predicates failed
    to match while processing Match blocks.
  * ssh(1): if hostname canonicalisation is enabled and results
    in the destination hostname being changed, then re-parse
    ssh_config(5) files using the new destination hostname. This
    gives 'Host' and 'Match' directives that use the expanded
    hostname a chance to be applied.
  Bugfixes:
  * ssh(1): avoid spurious "getsockname failed: Bad file
    descriptor" in ssh -W. bz#2200, debian#738692
  * sshd(8): allow the shutdown(2) syscall in seccomp-bpf and
    systrace sandbox modes, as it is reachable if the connection
    is terminated during the pre-auth phase.
  * ssh(1), sshd(8): fix unsigned overflow that in SSH protocol 1
    bignum parsing. Minimum key length checks render this bug
    unexploitable to compromise SSH 1 sessions.
  * sshd_config(5): clarify behaviour of a keyword that appears
    in multiple matching Match blocks. bz#2184

OBS-URL: https://build.opensuse.org/request/show/230097
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=76
2014-04-14 21:53:01 +00:00
Stephan Kulow
0ea9e47b8b Accepting request 227709 from network
- Update openssh-6.5p1-audit4-kex_results.patch to ensure that
  we don't pass a NULL string to buffer_put_cstring. This happens
  when you have "Ciphers chacha20-poly1305@openssh.com" directive. (forwarded request 227423 from namtrac)

OBS-URL: https://build.opensuse.org/request/show/227709
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=94
2014-03-31 18:43:01 +00:00
f722726301 Accepting request 227423 from home:namtrac:bugfix
- Update openssh-6.5p1-audit4-kex_results.patch to ensure that
  we don't pass a NULL string to buffer_put_cstring. This happens
  when you have "Ciphers chacha20-poly1305@openssh.com" directive.

OBS-URL: https://build.opensuse.org/request/show/227423
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=74
2014-03-27 10:02:56 +00:00
Stephan Kulow
08c1d7d9f8 Accepting request 226335 from network
- re-enabling the GSSAPI Key Exchange patch 
!!! currently breaks anythng else than Factory (forwarded request 226334 from pcerny)

OBS-URL: https://build.opensuse.org/request/show/226335
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=93
2014-03-18 15:21:25 +00:00
Petr Cerny
5d4cc441c8 Accepting request 226334 from home:pcerny:factory
- re-enabling the GSSAPI Key Exchange patch 
!!! currently breaks anythng else than Factory

OBS-URL: https://build.opensuse.org/request/show/226334
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=72
2014-03-17 02:46:40 +00:00
Stephan Kulow
c8d3d86692 Accepting request 224303 from network
- re-enabling FIPS-enablement patch
- enable X11 forwarding when IPv6 is present but disabled on server
  (bnc#712683, FATE#31503; -X_forward_with_disabled_ipv6.patch) (forwarded request 224302 from pcerny)

OBS-URL: https://build.opensuse.org/request/show/224303
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=92
2014-03-01 20:20:10 +00:00
Petr Cerny
25f021b853 Accepting request 224302 from home:pcerny:factory
- re-enabling FIPS-enablement patch
- enable X11 forwarding when IPv6 is present but disabled on server
  (bnc#712683, FATE#31503; -X_forward_with_disabled_ipv6.patch)

OBS-URL: https://build.opensuse.org/request/show/224302
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=70
2014-03-01 00:05:55 +00:00
Stephan Kulow
36c921d588 Accepting request 223064 from network
- openssh-6.5p1-seccomp_getuid.patch: re-enabling the seccomp sandbox
  (allowing use of the getuid syscall) (bnc#864171)

OBS-URL: https://build.opensuse.org/request/show/223064
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=91
2014-02-21 18:52:29 +00:00
5f397d839b - openssh-6.5p1-seccomp_getuid.patch: re-enabling the seccomp sandbox
(allowing use of the getuid syscall) (bnc#864171)

OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=68
2014-02-19 13:30:54 +00:00
5ada588ef0 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=67 2014-02-19 13:22:51 +00:00
Petr Cerny
f2774839fb Accepting request 222710 from home:pcerny:factory
- re-enabling the seccomp sandbox
  (allowing use of getuid the syscall)

OBS-URL: https://build.opensuse.org/request/show/222710
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=66
2014-02-18 13:04:57 +00:00
Petr Cerny
eedbb4ea75 Accepting request 222560 from home:pcerny:factory
- reverting to rlimit sandbox even for newer distributions, since
  it seems not to work properly (bnc#864171)

OBS-URL: https://build.opensuse.org/request/show/222560
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=65
2014-02-17 11:31:08 +00:00
Stephan Kulow
f53e0cfba2 Accepting request 222366 from network
- Update of the underlying OpenSSH to 6.5p1

- Update to 6.5p1
  Features since 6.4p1:
  * ssh(1), sshd(8): support for key exchange using ECDH in
    Daniel Bernstein's Curve25519; default when both the client
    and server support it.
  * ssh(1), sshd(8): support for Ed25519 as a public key type fo
    rboth server and client.  Ed25519 is an EC signature offering
    better security than ECDSA and DSA and good performance.
  * Add a new private key format that uses a bcrypt KDF to better
    protect keys at rest. Used unconditionally for Ed25519 keys,
    on demand for other key types via the -o ssh-keygen(1)
    option.  Intended to become default in the near future.
    Details documented in PROTOCOL.key.
  * ssh(1), sshd(8): new transport cipher
    "chacha20-poly1305@openssh.com" combining Daniel Bernstein's
    ChaCha20 stream cipher and Poly1305 MAC to build an
    authenticated encryption mode. Details documented
    PROTOCOL.chacha20poly1305.
  * ssh(1), sshd(8): refuse RSA keys from old proprietary clients
    and servers that use the obsolete RSA+MD5 signature scheme.
    It will still be possible to connect with these
    clients/servers but only DSA keys will be accepted, and
    OpenSSH will refuse connection entirely in a future release.
  * ssh(1), sshd(8): refuse old proprietary clients and servers
    that use a weaker key exchange hash calculation.
  * ssh(1): increase the size of the Diffie-Hellman groups
    requested for each symmetric key size. New values from NIST
    Special Publication 800-57 with the upper limit specified by (forwarded request 222365 from pcerny)

OBS-URL: https://build.opensuse.org/request/show/222366
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=90
2014-02-15 16:17:36 +00:00
Petr Cerny
08f9072513 Accepting request 222365 from home:pcerny:factory
- Update of the underlying OpenSSH to 6.5p1

- Update to 6.5p1
  Features since 6.4p1:
  * ssh(1), sshd(8): support for key exchange using ECDH in
    Daniel Bernstein's Curve25519; default when both the client
    and server support it.
  * ssh(1), sshd(8): support for Ed25519 as a public key type fo
    rboth server and client.  Ed25519 is an EC signature offering
    better security than ECDSA and DSA and good performance.
  * Add a new private key format that uses a bcrypt KDF to better
    protect keys at rest. Used unconditionally for Ed25519 keys,
    on demand for other key types via the -o ssh-keygen(1)
    option.  Intended to become default in the near future.
    Details documented in PROTOCOL.key.
  * ssh(1), sshd(8): new transport cipher
    "chacha20-poly1305@openssh.com" combining Daniel Bernstein's
    ChaCha20 stream cipher and Poly1305 MAC to build an
    authenticated encryption mode. Details documented
    PROTOCOL.chacha20poly1305.
  * ssh(1), sshd(8): refuse RSA keys from old proprietary clients
    and servers that use the obsolete RSA+MD5 signature scheme.
    It will still be possible to connect with these
    clients/servers but only DSA keys will be accepted, and
    OpenSSH will refuse connection entirely in a future release.
  * ssh(1), sshd(8): refuse old proprietary clients and servers
    that use a weaker key exchange hash calculation.
  * ssh(1): increase the size of the Diffie-Hellman groups
    requested for each symmetric key size. New values from NIST
    Special Publication 800-57 with the upper limit specified by

OBS-URL: https://build.opensuse.org/request/show/222365
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=63
2014-02-14 14:54:10 +00:00
b189026b63 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=62 2014-02-11 08:14:49 +00:00
e282a93fa2 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=61 2014-02-11 08:14:43 +00:00
db5db0c1c2 - add a rcsshd symlink to /usr/sbin/service
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=60
2014-02-11 07:43:47 +00:00
7d3e25f02e Accepting request 221224 from home:namtrac:bugfix
- Add openssh-6.2p1-forcepermissions.patch to implement a force
  permissions mode (fate#312774). The patch is based on
  http://marc.info/?l=openssh-unix-dev&m=128896838930893

OBS-URL: https://build.opensuse.org/request/show/221224
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=59
2014-02-08 10:47:01 +00:00
Petr Cerny
712ccf3395 Accepting request 220466 from home:pcerny:factory
- Update of the underlying OpenSSH to 6.4p1

- Update to 6.4p1
  Features since 6.2p2:
  * ssh-agent(1) support in sshd(8); allows encrypted hostkeys, or
    hostkeys on smartcards.
  * ssh(1)/sshd(8): allow optional time-based rekeying via a
    second argument to the existing RekeyLimit option. RekeyLimit
    is now supported in sshd_config as well as on the client.
  * sshd(8): standardise logging of information during user
    authentication.
  * The presented key/cert and the remote username (if available)
    is now logged in the authentication success/failure message on
    the same log line as the local username, remote host/port and
    protocol in use.  Certificates contents and the key
    fingerprint of the signing CA are logged too.
  * ssh(1) ability to query what cryptographic algorithms are
    supported in the binary.
  * ssh(1): ProxyCommand=- for cases where stdin and stdout
    already point to the proxy.
  * ssh(1): allow IdentityFile=none
  * ssh(1)/sshd(8): -E option to append debugging logs to a
    specified file instead of stderr or syslog.
  * sftp(1): support resuming partial downloads with the "reget"
    command and on the sftp commandline or on the "get"
    commandline with the "-a" (append) option.
  * ssh(1): "IgnoreUnknown" configuration option to selectively
    suppress errors arising from unknown configuration directives.
  * sshd(8): support for submethods to be appended to required
    authentication methods listed via AuthenticationMethods.

OBS-URL: https://build.opensuse.org/request/show/220466
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=58
2014-01-31 12:18:41 +00:00
Petr Cerny
6fccab223a Accepting request 202452 from home:pcerny:factory
- fix server crashes when using AES-GCM
- removed superfluous build dependency on X

OBS-URL: https://build.opensuse.org/request/show/202452
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=57
2013-10-07 08:32:48 +00:00
Petr Cerny
673551b2c9 Accepting request 199729 from home:pcerny:factory
- spec file and patch cleanup
- patches from SLE11
- init script is moved into documentation for openSUSE 12.3+

OBS-URL: https://build.opensuse.org/request/show/199729
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=56
2013-09-19 13:51:33 +00:00
Petr Cerny
6cd875acfc Accepting request 199679 from home:pcerny:factory
- spec file cleanup (don't pointelssly build whole OpenSSH)

- spec file and patch cleanup
  * removing obsoleted auditing patch
    (openssh-%{version}-audit.patch)
- added patches from SLE
  * GSSAPI key exchange
  * FIPS enablement (currently disabled)
  * small bugfixes 
- split the LDAP helper into a separate package: openssh-akc-ldap

OBS-URL: https://build.opensuse.org/request/show/199679
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=55
2013-09-19 04:09:33 +00:00
Stephan Kulow
946960ceb5 Accepting request 198435 from network
- fix the logic in openssh-nodaemon-nopid.patch which is broken
  and pid_file therefore still being created. (forwarded request 198380 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/198435
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=88
2013-09-11 10:58:04 +00:00
Sascha Peilicke
76e102ad97 Accepting request 198380 from home:elvigia:branches:network
- fix the logic in openssh-nodaemon-nopid.patch which is broken
  and pid_file therefore still being created.

OBS-URL: https://build.opensuse.org/request/show/198380
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=53
2013-09-11 08:27:54 +00:00
Stephan Kulow
3d6d17e39a Accepting request 185890 from network
- Update for 6.2p2 

- Update to version 6.2p2 
* ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption
* ssh(1)/sshd(8): Added support for encrypt-then-mac (EtM) MAC modes
* ssh(1)/sshd(8): Added support for the UMAC-128 MAC
* sshd(8): Added support for multiple required authentication
* sshd(8)/ssh-keygen(1): Added support for Key Revocation Lists
* ssh(1): When SSH protocol 2 only is selected (the default), ssh(1)
  now immediately sends its SSH protocol banner to the server without
  waiting to receive the server's banner, saving time when connecting.
* dozens of other changes, see http://www.openssh.org/txt/release-6.2 (forwarded request 185789 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/185890
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=87
2013-08-05 18:49:11 +00:00
616ae5907d Accepting request 185789 from home:elvigia:branches:network
- Update for 6.2p2 

- Update to version 6.2p2 
* ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption
* ssh(1)/sshd(8): Added support for encrypt-then-mac (EtM) MAC modes
* ssh(1)/sshd(8): Added support for the UMAC-128 MAC
* sshd(8): Added support for multiple required authentication
* sshd(8)/ssh-keygen(1): Added support for Key Revocation Lists
* ssh(1): When SSH protocol 2 only is selected (the default), ssh(1)
  now immediately sends its SSH protocol banner to the server without
  waiting to receive the server's banner, saving time when connecting.
* dozens of other changes, see http://www.openssh.org/txt/release-6.2

OBS-URL: https://build.opensuse.org/request/show/185789
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=51
2013-08-05 07:15:19 +00:00