Overview
Request 677282 accepted
- Supplement the openssh and libx11 together to ensure this package
is installed on machines where there is X stack
- Handle brace expansion in scp when checking that filenames sent
by the server side match what the client requested [bsc#1125687]
* openssh-7.9p1-brace-expansion.patch
- Updated security fixes:
* [bsc#1121816, CVE-2019-6109] Sanitize scp filenames via snmprintf
and have progressmeter force an update at the beginning and end
of each transfer. Added patches:
- openssh-CVE-2019-6109-sanitize-scp-filenames.patch
- openssh-CVE-2019-6109-force-progressmeter-update.patch
* [bsc#1121821, CVE-2019-6111] Check in scp client that filenames
sent during remote->local directory copies satisfy the wildcard
specified by the user. Added patch:
- openssh-CVE-2019-6111-scp-client-wildcard.patch
* Removed openssh-7.9p1-scp-name-validator.patch
- Change the askpass wrapper to not use x11 interface:
* by default we use the -gnome UI (which is gtk3 only, no gnome dep)
* if desktop is KDE/LxQt we use ksshaskpass
- Created by scarabeus_iv
- In state accepted
- Supersedes 676350 677278
Request History
scarabeus_iv created request
- Supplement the openssh and libx11 together to ensure this package
is installed on machines where there is X stack
- Handle brace expansion in scp when checking that filenames sent
by the server side match what the client requested [bsc#1125687]
* openssh-7.9p1-brace-expansion.patch
- Updated security fixes:
* [bsc#1121816, CVE-2019-6109] Sanitize scp filenames via snmprintf
and have progressmeter force an update at the beginning and end
of each transfer. Added patches:
- openssh-CVE-2019-6109-sanitize-scp-filenames.patch
- openssh-CVE-2019-6109-force-progressmeter-update.patch
* [bsc#1121821, CVE-2019-6111] Check in scp client that filenames
sent during remote->local directory copies satisfy the wildcard
specified by the user. Added patch:
- openssh-CVE-2019-6111-scp-client-wildcard.patch
* Removed openssh-7.9p1-scp-name-validator.patch
- Change the askpass wrapper to not use x11 interface:
* by default we use the -gnome UI (which is gtk3 only, no gnome dep)
* if desktop is KDE/LxQt we use ksshaskpass
licensedigger accepted review
ok
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
maxlin_factory set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
maxlin_factory accepted review
Picked openSUSE:Factory:Staging:F
namtrac accepted review
maxlin_factory changed priority to moderate => important
raising priority for openSUSE:Factory:Staging:F
repo-checker accepted review
Accepted as part of openSUSE:Factory:Staging:F
coolo accepted review
ready to accept
coolo approved review
ready to accept
coolo accepted request
Accept to openSUSE:Factory