rpm/openssh
SHA256
1
0
Fork 0
forked from pool/openssh
Code Pull Requests Activity
35f68f8c1a
openssh/openssh-8.1p1-seccomp-clock_nanosleep.patch
Marcus Meissner dbcbd30908 Accepting request 811897 from home:hpjansson:openssh-8.3 
- Version update to 8.3p1:
  = Potentially-incompatible changes
  * sftp(1): reject an argument of "-1" in the same way as ssh(1) and
    scp(1) do instead of accepting and silently ignoring it.
  = New features
  * sshd(8): make IgnoreRhosts a tri-state option: "yes" to ignore
    rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only"
    to allow .shosts files but not .rhosts.
  * sshd(8): allow the IgnoreRhosts directive to appear anywhere in a
    sshd_config, not just before any Match blocks.
  * ssh(1): add %TOKEN percent expansion for the LocalFoward and
    RemoteForward keywords when used for Unix domain socket forwarding.
  * all: allow loading public keys from the unencrypted envelope of a
    private key file if no corresponding public key file is present.
  * ssh(1), sshd(8): prefer to use chacha20 from libcrypto where
    possible instead of the (slower) portable C implementation included
    in OpenSSH.
  * ssh-keygen(1): add ability to dump the contents of a binary key
    revocation list via "ssh-keygen -lQf /path".
- Additional changes from 8.2p1 release:
  = Potentially-incompatible changes
  * ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa"
    (RSA/SHA1) algorithm from those accepted for certificate signatures
    (i.e. the client and server CASignatureAlgorithms option) and will
    use the rsa-sha2-512 signature algorithm by default when the
    ssh-keygen(1) CA signs new certificates.
  * ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1
    from the default key exchange proposal for both the client and
    server.
  * ssh-keygen(1): the command-line options related to the generation

OBS-URL: https://build.opensuse.org/request/show/811897
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=211
2020-06-06 06:49:00 +00:00

15 lines
435 B
Diff
Raw Blame History

diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index c1e689e..74f69bc 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -264,6 +264,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_clock_gettime64
SC_ALLOW(__NR_clock_gettime64),
#endif
+#ifdef __NR_clock_nanosleep
+ SC_ALLOW(__NR_clock_nanosleep),
+#endif
#ifdef __NR__newselect
SC_ALLOW(__NR__newselect),
#endif
View Git Blame Copy Permalink