OBS-URL: https://build.opensuse.org/package/show/Java:packages/trilead-ssh2?expand=0&rev=11

2024-03-14 10:54:47 +00:00 · 2024-03-14 10:54:47 +00:00 · 64de1eadd9
commit 64de1eadd9
parent 7a07465351
1 changed files with 36 additions and 64 deletions
--- a/trilead-ssh2.changes
+++ b/trilead-ssh2.changes
@ -1,72 +1,44 @@
 -------------------------------------------------------------------
 Thu Mar 14 09:09:47 UTC 2024 - Gus Kenion <gus.kenion@suse.com>

- bsc#1218198, CVE-2023-48795
 - Upgrade to version build-217-jenkins-293.v56de4d4d3515
-  * Trilead ssh2 fix big integer removes leading zero (#178) @mpet
-    Addresses CVE-2023-48795
-  * JENKINS-72466 - : Upgrades jbcrypt dependency (#173) @andham
+  * Trilead ssh2 fix big integer removes leading zero
+    Addresses CVE-2023-48795, bsc#1218198
+  * JENKINS-72466 - : Upgrades jbcrypt dependency
 - Includes changes from previous version updates:
-  * build-217-jenkins-274.va_969b_d35f933
-    + JENKINS-71798 - : TimeoutService threads are left after
-      closing connection (#155) @mpet
-  * build-217-jenkins-255.vc65d8d1d158f
-    + Giving threads names for easier troubleshooting (#135)
-      @Elisedlund-ericsson
-  * build-217-jenkins-247.v708a_8b_14f4b_a
-    + Update parent POM (#123) @basil
-  * build-217-jenkins-231.vda_87ca_d57ecf
-    + There is no guarantee that the plugin works with Java 8
-      anymore, and it is not tested. If you still run Jenkins
-      on Java 8 do not update. JENKINS-69229
-    + Removal of unnecessary protobuf-java (#104)
-      @Elisedlund-ericsson
-    + fix: bump protobuff due to CVE 2021 22569 (#102)
-      @kuisathaverat
-  * build-217-jenkins-227.vb_d92894b_3b_65
-    + JENKINS-69018 - use constant MAX_PACKET_SIZE (#99)
-      @kuisathaverat
-  * build-217-jenkins-223.v546f979619d4
-    + add support for hmac-sha2-512-etm@openssh.com
-      hmac-sha2-256-etm@open… (#93) @mpet
-    + Create CODEOWNERS (#95) @halkeye
-    + chore: use jenkins infra maven cd reusable workflow (#92)
-      @jetersen
-  * build-217-jenkins-211.vbb42cae44b18
-    + feat: enable continuous delivery workflow (#65)
-      @kuisathaverat
-  * trilead-ssh2-build-217-jenkins-27 
-    + additional kex algorithms (#60) @mpet
-  * trilead-ssh2-build-217-jenkins-26
-    + [Revert]JENKINS-62552 - Use standard crypto APIs (#57)
-      @kuisathaverat
-    + feat: enable incrementals (#51) @kuisathaverat
-    + ci: grab correct incremental artifacts (#54) @kuisathaverat
-  * trilead-ssh2-build-217-jenkins-25
-    + Retry userauth when multiple algs (#48) @jvz
-    + Known Issue: JENKINS-63790 causes SSH agent connections to
-      fail in some configurations
-    + fix: allow to use password encrypted keys (#49)
-      @kuisathaverat
-  * trilead-ssh2-build-217-jenkins-23
-    + Known Issue: trilead api 1.0.9 fails clone from ssh
-      repository using 3DES/MD5-encrypted private key JENKINS-63601
-  * trilead-ssh2-build-217-jenkins-22
-    + JENKINS-62552 - Use standard crypto APIs (#45) @jvz
-    + Resolve several possible infinite hangings because of wait()
-      (#44) @Elisedlund-ericsson
-  * trilead-ssh2-build-217-jenkins-21
-    + Revert "JENKINS-62311 - Add support for RFC 8332" (#46)
-      @kuisathaverat
-  * trilead-ssh2-build-217-jenkins-20
-    + [SECURITY] Use HTTPS to resolve dependencies in Maven Build
-      (#39) @JLLeitschuh
-    + JENKINS-62311 - Add support for RFC 8332 (#43) @jvz
-  * trilead-ssh2-build-217-jenkins-19
-    + Support for port=0 which means automatically allocated port.
-      (#40) @Elisedlund-ericsson
-    + JENKINS-59857 - Kerberos support updated (#38)
-      @Emil-Gustafsson
+  * JENKINS-71798 - : TimeoutService threads are left after closing
+    connection
+  * Giving threads names for easier troubleshooting
+  * Update parent POM
+  * There is no guarantee that the plugin works with Java 8 anymore,
+    and it is not tested. If you still run Jenkins  on Java 8 do not
+    update. JENKINS-69229
+  * Removal of unnecessary protobuf-java
+  * fix: bump protobuff due to CVE 2021 22569
+  * JENKINS-69018 - use constant MAX_PACKET_SIZE
+  * add support for hmac-sha2-512-etm@openssh.com
+    hmac-sha2-256-etm@opensh.com in trilead-ssh2
+  * feat: enable continuous delivery workflow
+  * additional kex algorithms
+  * [Revert]JENKINS-62552 - Use standard crypto APIs
+  * feat: enable incrementals
+  * Retry userauth when multiple algs
+  * Known Issue: JENKINS-63790 causes SSH agent connections to fail
+    in some configurations
+  * fix: allow to use password encrypted keys
+  * Known Issue: trilead api 1.0.9 fails clone from ssh repository
+    using 3DES/MD5-encrypted private key JENKINS-63601
+  * JENKINS-62552 - Use standard crypto APIs
+  * Resolve several possible infinite hangings because of wait()
+  * Revert "JENKINS-62311 - Add support for RFC 8332"
+  * [SECURITY] Use HTTPS to resolve dependencies in Maven Build
+  * JENKINS-62311 - Add support for RFC 8332
+  * Support for port=0 which means automatically allocated port.
+  * JENKINS-59857 - Kerberos support updated
+- Added patch:
+  * 0001-Remove-the-dependency-on-google-tink.patch
+    + remove new code dependent on google tink since we don't have
+      the dependency

 -------------------------------------------------------------------
 Fri Mar 18 16:41:59 UTC 2022 - Fridrich Strba <fstrba@suse.com>