From 64de1eadd93c9b228043dd753c1a20e79b14e4432b485bf535cae5156e580ab1 Mon Sep 17 00:00:00 2001 From: Fridrich Strba Date: Thu, 14 Mar 2024 10:54:47 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/Java:packages/trilead-ssh2?expand=0&rev=11 --- trilead-ssh2.changes | 100 ++++++++++++++++--------------------------- 1 file changed, 36 insertions(+), 64 deletions(-) diff --git a/trilead-ssh2.changes b/trilead-ssh2.changes index 0f69d77..15ec509 100644 --- a/trilead-ssh2.changes +++ b/trilead-ssh2.changes @@ -1,72 +1,44 @@ ------------------------------------------------------------------- Thu Mar 14 09:09:47 UTC 2024 - Gus Kenion -- bsc#1218198, CVE-2023-48795 - Upgrade to version build-217-jenkins-293.v56de4d4d3515 - * Trilead ssh2 fix big integer removes leading zero (#178) @mpet - Addresses CVE-2023-48795 - * JENKINS-72466 - : Upgrades jbcrypt dependency (#173) @andham + * Trilead ssh2 fix big integer removes leading zero + Addresses CVE-2023-48795, bsc#1218198 + * JENKINS-72466 - : Upgrades jbcrypt dependency - Includes changes from previous version updates: - * build-217-jenkins-274.va_969b_d35f933 - + JENKINS-71798 - : TimeoutService threads are left after - closing connection (#155) @mpet - * build-217-jenkins-255.vc65d8d1d158f - + Giving threads names for easier troubleshooting (#135) - @Elisedlund-ericsson - * build-217-jenkins-247.v708a_8b_14f4b_a - + Update parent POM (#123) @basil - * build-217-jenkins-231.vda_87ca_d57ecf - + There is no guarantee that the plugin works with Java 8 - anymore, and it is not tested. If you still run Jenkins - on Java 8 do not update. JENKINS-69229 - + Removal of unnecessary protobuf-java (#104) - @Elisedlund-ericsson - + fix: bump protobuff due to CVE 2021 22569 (#102) - @kuisathaverat - * build-217-jenkins-227.vb_d92894b_3b_65 - + JENKINS-69018 - use constant MAX_PACKET_SIZE (#99) - @kuisathaverat - * build-217-jenkins-223.v546f979619d4 - + add support for hmac-sha2-512-etm@openssh.com - hmac-sha2-256-etm@open… (#93) @mpet - + Create CODEOWNERS (#95) @halkeye - + chore: use jenkins infra maven cd reusable workflow (#92) - @jetersen - * build-217-jenkins-211.vbb42cae44b18 - + feat: enable continuous delivery workflow (#65) - @kuisathaverat - * trilead-ssh2-build-217-jenkins-27 - + additional kex algorithms (#60) @mpet - * trilead-ssh2-build-217-jenkins-26 - + [Revert]JENKINS-62552 - Use standard crypto APIs (#57) - @kuisathaverat - + feat: enable incrementals (#51) @kuisathaverat - + ci: grab correct incremental artifacts (#54) @kuisathaverat - * trilead-ssh2-build-217-jenkins-25 - + Retry userauth when multiple algs (#48) @jvz - + Known Issue: JENKINS-63790 causes SSH agent connections to - fail in some configurations - + fix: allow to use password encrypted keys (#49) - @kuisathaverat - * trilead-ssh2-build-217-jenkins-23 - + Known Issue: trilead api 1.0.9 fails clone from ssh - repository using 3DES/MD5-encrypted private key JENKINS-63601 - * trilead-ssh2-build-217-jenkins-22 - + JENKINS-62552 - Use standard crypto APIs (#45) @jvz - + Resolve several possible infinite hangings because of wait() - (#44) @Elisedlund-ericsson - * trilead-ssh2-build-217-jenkins-21 - + Revert "JENKINS-62311 - Add support for RFC 8332" (#46) - @kuisathaverat - * trilead-ssh2-build-217-jenkins-20 - + [SECURITY] Use HTTPS to resolve dependencies in Maven Build - (#39) @JLLeitschuh - + JENKINS-62311 - Add support for RFC 8332 (#43) @jvz - * trilead-ssh2-build-217-jenkins-19 - + Support for port=0 which means automatically allocated port. - (#40) @Elisedlund-ericsson - + JENKINS-59857 - Kerberos support updated (#38) - @Emil-Gustafsson + * JENKINS-71798 - : TimeoutService threads are left after closing + connection + * Giving threads names for easier troubleshooting + * Update parent POM + * There is no guarantee that the plugin works with Java 8 anymore, + and it is not tested. If you still run Jenkins on Java 8 do not + update. JENKINS-69229 + * Removal of unnecessary protobuf-java + * fix: bump protobuff due to CVE 2021 22569 + * JENKINS-69018 - use constant MAX_PACKET_SIZE + * add support for hmac-sha2-512-etm@openssh.com + hmac-sha2-256-etm@opensh.com in trilead-ssh2 + * feat: enable continuous delivery workflow + * additional kex algorithms + * [Revert]JENKINS-62552 - Use standard crypto APIs + * feat: enable incrementals + * Retry userauth when multiple algs + * Known Issue: JENKINS-63790 causes SSH agent connections to fail + in some configurations + * fix: allow to use password encrypted keys + * Known Issue: trilead api 1.0.9 fails clone from ssh repository + using 3DES/MD5-encrypted private key JENKINS-63601 + * JENKINS-62552 - Use standard crypto APIs + * Resolve several possible infinite hangings because of wait() + * Revert "JENKINS-62311 - Add support for RFC 8332" + * [SECURITY] Use HTTPS to resolve dependencies in Maven Build + * JENKINS-62311 - Add support for RFC 8332 + * Support for port=0 which means automatically allocated port. + * JENKINS-59857 - Kerberos support updated +- Added patch: + * 0001-Remove-the-dependency-on-google-tink.patch + + remove new code dependent on google tink since we don't have + the dependency ------------------------------------------------------------------- Fri Mar 18 16:41:59 UTC 2022 - Fridrich Strba