forked from pool/openssh
d83100ae13
- upgrade to 7.6p1 see main package changelog for details - Update to vanilla 7.6p1 Most important changes (more details below): * complete removal of the ancient SSHv1 protocol * sshd(8) cannot run without privilege separation * removal of suport for arcfourm blowfish and CAST ciphers and RIPE-MD160 HMAC * refuse RSA keys shorter than 1024 bits Distilled upstream log: - OpenSSH 7.3 ---- Security * sshd(8): Mitigate a potential denial-of-service attack against the system's crypt(3) function via sshd(8). An attacker could send very long passwords that would cause excessive CPU use in crypt(3). sshd(8) now refuses to accept password authentication requests of length greater than 1024 characters. Independently reported by Tomas Kuthan (Oracle), Andres Rojas and Javier Nieto. * sshd(8): Mitigate timing differences in password authentication that could be used to discern valid from invalid account names when long passwords were sent and particular password hashing algorithms are in use on the server. CVE-2016-6210, reported by EddieEzra.Harari at verint.com * ssh(1), sshd(8): Fix observable timing weakness in the CBC padding oracle countermeasures. Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. Note that CBC ciphers are disabled by default and OBS-URL: https://build.opensuse.org/request/show/539322 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=122
63 lines
2.1 KiB
RPMSpec
63 lines
2.1 KiB
RPMSpec
#
|
|
# spec file for package openssh-askpass-gnome
|
|
#
|
|
# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
Name: openssh-askpass-gnome
|
|
BuildRequires: autoconf
|
|
BuildRequires: automake
|
|
BuildRequires: gtk2-devel
|
|
BuildRequires: krb5-devel
|
|
BuildRequires: openssh
|
|
BuildRequires: openssl-devel
|
|
BuildRequires: pam-devel
|
|
BuildRequires: tcpd-devel
|
|
BuildRequires: update-desktop-files
|
|
Version: 7.6p1
|
|
Release: 0
|
|
Requires: openssh = %{version}
|
|
Summary: A GNOME-Based Passphrase Dialog for OpenSSH
|
|
License: BSD-2-Clause
|
|
Group: Productivity/Networking/SSH
|
|
Url: http://www.openssh.com/
|
|
%define _name openssh
|
|
Source: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
|
Source42: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
|
|
%description
|
|
SSH (Secure Shell) is a program for logging into a remote machine and
|
|
for executing commands on a remote machine. This package contains a
|
|
GNOME-based passphrase dialog for OpenSSH.
|
|
|
|
%prep
|
|
%setup -q -n %{_name}-%{version}
|
|
|
|
%build
|
|
cd contrib
|
|
make %{?_smp_mflags} gnome-ssh-askpass2
|
|
|
|
%install
|
|
install -d -m 755 %{buildroot}%{_libexecdir}/ssh/
|
|
install contrib/gnome-ssh-askpass2 %{buildroot}%{_libexecdir}/ssh/gnome-ssh-askpass
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
%dir %{_libexecdir}/ssh
|
|
%attr(0755,root,root) %{_libexecdir}/ssh/gnome-ssh-askpass
|
|
|
|
%changelog
|