Revisions of openssh
Vítězslav Čížek (vitezslav_cizek)
accepted
request 689347
from
Vítězslav Čížek (vitezslav_cizek)
(revision 187)
- Fix a double free() in the KDF CAVS testing tool (bsc#1065237) * modify openssh-7.7p1-cavstest-kdf.patch
buildservice-autocommit
accepted
request 684354
from
Vítězslav Čížek (vitezslav_cizek)
(revision 186)
baserev update by copy to link target
Vítězslav Čížek (vitezslav_cizek)
accepted
request 684353
from
Vítězslav Čížek (vitezslav_cizek)
(revision 185)
- Minor clean-up of the fips patches, modified openssh-7.7p1-fips.patch openssh-7.7p1-fips_checks.patch
Vítězslav Čížek (vitezslav_cizek)
accepted
request 684224
from
Vítězslav Čížek (vitezslav_cizek)
(revision 184)
- Fix two race conditions in sshd relating to SIGHUP (bsc#1119183) * 0001-upstream-Fix-two-race-conditions-in-sshd-relating-to.patch
buildservice-autocommit
accepted
request 680205
from
Tomáš Chvátal (scarabeus_iv)
(revision 183)
baserev update by copy to link target
Tomáš Chvátal (scarabeus_iv)
accepted
request 680202
from
Vítězslav Čížek (vitezslav_cizek)
(revision 182)
- Correctly filter out non-compliant algorithms when in FIPS mode (bsc#1126397) * A hunk was applied to a wrong place due to a patch fuzz when the fips patch was being ported to openssh 7.9p1 - update openssh-7.7p1-fips.patch
Tomáš Chvátal (scarabeus_iv)
accepted
request 679869
from
Vítězslav Čížek (vitezslav_cizek)
(revision 181)
- Remove the "KexDHMin" config keyword (bsc#1127180) It used to allow lowering of the minimal allowed DH group size, which was increased to 2048 by upstream in the light of the Logjam attack. The code was broken since the upgrade to 7.6p1, but nobody noticed. As apparently no one needs the functionality any more, let's drop the patch. It's still possible to use the fixed 1024-bit diffie-hellman-group1-sha1 key exchange method when working with legacy systems. - drop openssh-7.7p1-disable_short_DH_parameters.patch - updated patches: openssh-7.7p1-fips.patch openssh-7.7p1-fips_checks.patch openssh-7.7p1-gssapi_key_exchange.patch
buildservice-autocommit
accepted
request 677282
from
Tomáš Chvátal (scarabeus_iv)
(revision 180)
baserev update by copy to link target
Tomáš Chvátal (scarabeus_iv)
committed
(revision 179)
* openssh-7.9p1-brace-expansion.patch
Tomáš Chvátal (scarabeus_iv)
accepted
request 677200
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 178)
- Handle brace expansion in scp when checking that filenames sent by the server side match what the client requested [bsc#1125687]
Tomáš Chvátal (scarabeus_iv)
accepted
request 676348
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 177)
- Updated security fixes: * [bsc#1121816, CVE-2019-6109] Sanitize scp filenames via snmprintf and have progressmeter force an update at the beginning and end of each transfer. Added patches: - openssh-CVE-2019-6109-sanitize-scp-filenames.patch - openssh-CVE-2019-6109-force-progressmeter-update.patch * [bsc#1121821, CVE-2019-6111] Check in scp client that filenames sent during remote->local directory copies satisfy the wildcard specified by the user. Added patch: - openssh-CVE-2019-6111-scp-client-wildcard.patch * Removed openssh-7.9p1-scp-name-validator.patch
Tomáš Chvátal (scarabeus_iv)
committed
(revision 176)
- Supplement the openssh and libx11 together to ensure this package is installed on machines where there is X stack
Tomáš Chvátal (scarabeus_iv)
committed
(revision 175)
- Change the askpass wrapper to not use x11 interface: * by default we use the -gnome UI (which is gtk3 only, no gnome dep) * if desktop is KDE/LxQt we use ksshaskpass
buildservice-autocommit
accepted
request 669023
from
Tomáš Chvátal (scarabeus_iv)
(revision 174)
baserev update by copy to link target
Tomáš Chvátal (scarabeus_iv)
accepted
request 669019
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 173)
- Remove old conditionals * Mention the change in README.SUSE
Tomáš Chvátal (scarabeus_iv)
accepted
request 668656
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 172)
- Move ssh-ldap* man pages into openssh-helpers [bsc#1051531] - Allow root login by default [bsc#1118114, bsc#1121196] * Added/updated previous patch openssh-7.7p1-allow_root_password_login.patch - Added SLE conditionals in the spec files: * Keep gtk2-devel in openssh-askpass-gnome in SLE * Keep krb5-mini-devel in SLE - Removed obsolete configure options: * SSH protocol 1 --with-ssh1 * Smart card --with-opensc - Cleaned spec file with spec-cleaner
buildservice-autocommit
accepted
request 666632
from
Tomáš Chvátal (scarabeus_iv)
(revision 171)
baserev update by copy to link target
Tomáš Chvátal (scarabeus_iv)
accepted
request 666511
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 170)
- Security fix: * [bsc#1121816, CVE-2019-6109] scp client spoofing via object name * [bsc#1121818, CVE-2019-6110] scp client spoofing via stderr * [bsc#1121821, CVE-2019-6111] scp client missing received object name validation * Added patch openssh-7.9p1-scp-name-validator.patch
Tomáš Chvátal (scarabeus_iv)
accepted
request 664725
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 169)
- Security fix: [bsc#1121571, CVE-2018-20685] * The scp client allows remote SSH servers to bypass intended access restrictions * Added patch openssh-7.9p1-CVE-2018-20685.patch
buildservice-autocommit
accepted
request 662751
from
Tomáš Chvátal (scarabeus_iv)
(revision 168)
baserev update by copy to link target
Displaying revisions 81 - 100 of 267