rpms/openssh
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
897 Commits 32 Branches 239 Tags 9.6 MiB
eef660e534
Commit Graph

682 Commits

Author SHA1 Message Date
Jakub Jelen
6da7f4d0ed Drop SCP progressmeter patch because of reworked UTF-8 API (tracked upstream #2434) 2016-08-04 13:57:02 +02:00
Jakub Jelen
70c2ac20bd CVE-2016-6210 is fixed upstream 2016-08-04 10:59:59 +02:00
Jakub Jelen
13a7aaf5e3 CVE-2015-8325 and certificate regression are fixed upstream 2016-08-04 10:59:59 +02:00
Jakub Jelen
38e1dfa80d Upstream bug #2477 applied 2016-08-04 10:59:59 +02:00
Jakub Jelen
4bd77fcccc seccomp for secondary architecures patch already upstream (#2590) 2016-08-04 10:59:59 +02:00
Jakub Jelen
05bc93847e Bug #2281 resolved upstream 2016-08-04 10:59:59 +02:00
Jakub Jelen
178ce15f5a UTF-8 banners resolved by upstream bug #2058 2016-08-04 10:59:59 +02:00
Jakub Jelen
14320ca590 The upstream bug #2257 is fixed 2016-08-04 10:59:59 +02:00
Jakub Jelen
82bfd19e51 openssh-7.2p2-11 + 0.10.2-3 2016-07-26 15:41:29 +02:00
Jakub Jelen
6a7dd92929 Remove legacy sshd-keygen (#1359762) 
Revert "Add legacy sshd-keygen for anaconda (#1331077)"

This reverts commit 0b5300a59c.
 2016-07-26 15:41:29 +02:00
Jakub Jelen
793bc4b1cc Remove slogin symlinks (#1359762) 
Revert "Restore slogin symlinks"

This reverts commit e762f7265e.
 2016-07-26 15:41:29 +02:00
Jakub Jelen
b4df5ebb8d Rework SELinux context handling with chroot using libcap-ng (#1357860) 2016-07-26 15:40:30 +02:00
Jakub Jelen
9dc741314f openssh-7.2p2-10 + 0.10.2-3 2016-07-18 13:55:58 +02:00
Jakub Jelen
1057900209 Prevent user enumeration via timing channel (CVE-2016-6210) 2016-07-18 13:30:52 +02:00
Jakub Jelen
209c7a8aea Expose more information to PAM 2016-07-18 13:30:51 +02:00
Jakub Jelen
9864973c69 Make closefrom() ignore softlinks to the /dev/ devices on s390 2016-07-18 12:26:15 +02:00
Jakub Jelen
a49441fa52 openssh-7.2p2-9 + 0.10.2-3 2016-07-01 09:07:18 +02:00
Jakub Jelen
5a67d51d0f openssh-7.2p2-8 + 0.10.2-3 2016-06-24 12:07:22 +02:00
Jakub Jelen
186bf3858e UseLogin yes is not supported in Fedora 2016-06-24 12:07:22 +02:00
Petr Písař
ad928ac7d1 Mandatory Perl build-requires added <https://fedoraproject.org/wiki/Changes/Build_Root_Without_Perl> 2016-06-24 10:03:17 +02:00
Jakub Jelen
ba8f38935c openssh-7.2p2-7 2016-06-06 16:39:35 +02:00
Jakub Jelen
f6a096caf2 Build seccomp filter on ppc64(le) architecture (#1195065) 2016-06-06 16:39:35 +02:00
Jakub Jelen
1144aef1d1 Comments for patches, merge ssh_config from localdomain to redhat patch (ssh_config related) 2016-06-06 16:39:17 +02:00
Jakub Jelen
f2868287aa rebase x11 patch to clean up coverity patch 2016-06-03 10:44:32 +02:00
Jakub Jelen
ea9421342e Coverity: dereference in pam_ssh_agent_auth 
Upstream: https://sourceforge.net/p/pamsshagentauth/bugs/22/
 2016-06-03 09:49:44 +02:00
Jakub Jelen
d78d347c11 Check for real location of .k5login file (#1328243) 2016-06-03 09:29:58 +02:00
Jakub Jelen
8dd0608e77 Regression in certificate-based authentication (#1333498) 2016-05-06 09:25:20 +02:00
Jakub Jelen
991b66246f openssh-7.2p2-6 + 0.10.2-3 2016-04-29 13:57:45 +02:00
Jakub Jelen
0b5300a59c Add legacy sshd-keygen for anaconda (#1331077) 2016-04-29 13:41:38 +02:00
Jakub Jelen
1380564732 openssh-7.2p2-5 + 0.10.2-3 2016-04-22 14:52:57 +02:00
Jakub Jelen
cf4e3a1844 Fix for CVE-2015-8325 (#1328013) 2016-04-18 12:39:11 +02:00
Jakub Jelen
58d2868dfe openssh-7.2p2-4 + 0.10.2-3 2016-04-15 17:56:43 +02:00
Jakub Jelen
5489ace8dc Add sshd-keygen.target to abstract key creation from sshd.service and sshd@.service (#1325535) 
* PartOf  is needed to trigger  sshd-keygen  checks for  sshd.service  restarts
 * sshd-keygen.target  makes a level of abstraction to eliminate dupplicate
   dependencies on both  sshd  and  sshd@  services
 2016-04-15 17:05:32 +02:00
Jakub Jelen
461b3af818 Remove unused sshd init script 2016-04-15 17:04:59 +02:00
Jakub Jelen
32a74888d5 openssh-7.2p2-3 + 0.10.2-3 2016-04-13 13:44:58 +02:00
Jakub Jelen
00c7b75439 Make sshd-keygen comply with packaging guidelines (#1325535) 2016-04-13 13:42:12 +02:00
Jakub Jelen
f7e56a52db openssh-7.2p2-2 + 0.10.2-3 2016-04-06 13:01:29 +02:00
Jakub Jelen
9163ba11f1 openssh-7.2p2-1 + 0.10.2-3 2016-03-10 13:36:41 +01:00
Jakub Jelen
0bdae3b8df openssh-7.2p1-1 + 0.10.2-2 2016-03-03 17:59:53 +01:00
Jakub Jelen
e762f7265e Restore slogin symlinks 2016-03-03 17:48:20 +01:00
Jakub Jelen
13073f8d9c openssh-7.2p1-1 (#1312870) 2016-02-29 15:01:33 +01:00
Jakub Jelen
46445f1c7a openssh-7.1p2-4 + 0.10.2-1 2016-02-25 10:38:09 +01:00
Jakub Jelen
44fc97266b Audit race condition resolved (#1308295) 2016-02-25 10:37:22 +01:00
Jakub Jelen
700da17374 Remove hard glob limit since the CVE introducing this one is unrelated. 2016-02-24 09:51:43 +01:00
Fedora Release Engineering
b2b837ad97 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 11:34:23 +00:00
Jakub Jelen
8ddd3edcd8 openssh-7.1p2-3 + 0.10.2-1 2016-01-30 01:18:26 +01:00
Jakub Jelen
6c2eb5e22d openssh-7.1p2-2 + 0.10.2-1 2016-01-26 09:00:28 +01:00
Jakub Jelen
38c7737421 Remove defattr from spec file 
Mailing list thread:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/KEO7AX3JXR2TY6OVL4M7HDISZ6YIJNKU/
 2016-01-26 09:00:28 +01:00
Jakub Jelen
733cea720e CVE-2016-1908: Prevent possible fallback from untrusted to trusted X11 forwarding 
Upstream commits:
  https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
  https://anongit.mindrot.org/openssh.git/commit/?id=f98a09cacff7baad8748c9aa217afd155a4d493f
 2016-01-26 09:00:23 +01:00
Jakub Jelen
87ab5fc4af Reabse to latest release of pam_ssh_agent_auth with preserving current functionality 
* Rebase to latest upstream version
 * Clean up older patches for pam_ssh_agent_auth
 * Remove prefixes from upstream release so we can build it against current
   openssh library
 * Remove copied files and headers so we make sure we build against current openssh
 2016-01-25 13:32:42 +01:00
Jakub Jelen
7bc64374b0 openssh-7.1p2-1 + 0.9.2-9 2016-01-14 16:11:06 +01:00
Jakub Jelen
b2191db92e openssh-7.1p1-7 + 0.9.2-8 2016-01-12 13:15:33 +01:00
Jakub Jelen
06b1d5330a Make ssh-keysign world readable (#1296724) 2016-01-08 13:22:09 +01:00
Jakub Jelen
f26cd8d6ee Update ssh-agent permissions (#1296724) 
* It is no longer required to have ssh-agent with suid bit, because
  the ptrace attach is prevented using PR_SET_DUMPABLE 0 [1]

[1] https://anongit.mindrot.org/openssh.git/commit/?id=6c4914afccb0c188a2c412d12dfb1b73e362e07e
 2016-01-08 11:27:02 +01:00
Jakub Jelen
7c5d0a686c Make sure the semantics of %global macro stays the same as before a0e252571b 2016-01-08 09:15:52 +01:00
Jakub Jelen
a0e252571b Change %define to %global according to packaging guidelines 
Based on discussion started on fedora-devel:
https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject.org/thread/AS35NKZSAWRIKY77IUYOVNFAT6AJQVAU/
 2016-01-04 10:41:27 +01:00
Jakub Jelen
c45d147a86 openssh-7.1p1-6 + 0.9.2-8 2015-12-18 14:36:00 +01:00
Jakub Jelen
f6bd29aaca Preserve IUTF8 tty mode flag over ssh connections (#1270248) 2015-12-18 14:36:00 +01:00
Jakub Jelen
86f52d4e69 Rebase downstream patches of ssh-copy-id into one from upstream 
Source:
http://git.hands.com/ssh-copy-id
 2015-12-16 15:40:10 +01:00
Jakub Jelen
d9d9575f00 GSSAPI Key Exchange documentation improvements 
from Debian patches:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765655
 2015-12-10 15:37:52 +01:00
Jakub Jelen
ef86a312db openssh-7.1p1-5 + 0.9.2-8 2015-11-04 10:18:50 +01:00
Jakub Jelen
fa54d5472d openssh-7.1p1-4 + 0.9.2-8 2015-10-22 14:55:07 +02:00
Jakub Jelen
a80c277795 openssh-7.1p1-3 + 0.9.2-8 2015-09-25 14:10:39 +02:00
Jakub Jelen
812f08d95e Provide full RELRO and PIE form askpass helper (#1264036) 2015-09-24 15:57:11 +02:00
Jakub Jelen
98262158d8 openssh-7.1p1-2 + 0.9.2-8 2015-09-09 14:29:31 +02:00
Jakub Jelen
757fec581b openssh-7.1p1-1 + 0.9.3-8 2015-08-22 22:22:48 +02:00
Jakub Jelen
ccd186847a Add corresponding options for ssh1 configure 2015-08-22 22:22:48 +02:00
Jakub Jelen
c98f559725 HostKeyAlgorithms option on server is broken when using + sign 2015-08-22 22:22:48 +02:00
Jakub Jelen
ebdae84225 openssh-7.0p1-2 + 0.9.3-7 2015-08-19 13:49:45 +02:00
Jakub Jelen
18e54994fa Fix typo in version string 2015-08-19 13:47:28 +02:00
Jakub Jelen
4df30a2a72 Possibility to validate legacy systems by more fingerprints (#1249626) 2015-08-19 13:43:36 +02:00
Jakub Jelen
bc4ef0f373 Add GSSAPIKexAlgorithms option for server and client application 2015-08-19 13:18:07 +02:00
Jakub Jelen
3f55133c24 openssh-7.0p1-1 + 6.9.3-7 
New upstream release (#1252639)
                - allow root login in default config
        Security: Use-after-free bug related to PAM support (#1252853)
        Security: Privilege separation weakness related to PAM support (#1252854)
        Security: Incorrectly set TTYs to be world-writable (#1252862)
 2015-08-13 17:44:41 +02:00
Jakub Jelen
2939c322fa Create openssh-clients-ssh1 subpackage with tools for protocol SSHv1 2015-08-13 17:44:41 +02:00
Jakub Jelen
1d50678457 Remove obsolete triggerruns for migration to systemd 
- overlapping versions are not supported by current rpm
 2015-07-28 13:08:55 +02:00
Jakub Jelen
6286d6a8e6 6.9p1-4 + 0.9.3-6 2015-07-28 11:24:35 +02:00
Jakub Jelen
67938e0c00 Handle terminal control characters in scp progressmeter (#1247204) 2015-07-28 11:23:51 +02:00
Jakub Jelen
83bfb1fce5 6.9p1-3 + 0.9.3-6 2015-07-23 11:12:19 +02:00
Jakub Jelen
c6d2eca7de only query each keyboard-interactive device once (#1245971) 
Upstream commit
https://anongit.mindrot.org/openssh.git/commit/?id=5b64f85bb811246c59ebab70aed331f26ba37b18
 2015-07-23 11:06:12 +02:00
Jakub Jelen
ca62b6133e 6.9p1-2 + 0.9.3-6 2015-07-15 09:44:37 +02:00
Jakub Jelen
a4d9cd5694 Patch name, formating 2015-07-08 12:24:34 +02:00
Jakub Jelen
58ba50440e Allow building seccomp filters also for s390(x) architectures (#1195065) 2015-07-02 17:10:58 +02:00
Jakub Jelen
187a349ee6 6.9p1-1 + 0.9.3-6 2015-07-01 15:51:20 +02:00
Jakub Jelen
5de6c89ff2 Correctly revert "PermitRootLogin no" option from upstream sources 2015-07-01 15:51:20 +02:00
Jakub Jelen
535d341e70 rebase to new upstream release 6.9 2015-07-01 15:51:01 +02:00
Jakub Jelen
f3002bfb7b 6.8p1-9 + 0.9.3-5 2015-06-24 10:49:08 +02:00
Dennis Gilmore
b59dd83265 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-18 00:06:18 +00:00
Jakub Jelen
5aa47ae6f4 6.8p1-8 + 0.9.3-5 2015-06-08 09:06:12 +02:00
Jakub Jelen
f049b3b1ad 6.8p1-7 + 0.9.3-5 2015-06-03 07:54:20 +02:00
Jakub Jelen
8a10dcb363 6.8p1-6 + 0.9.3-5 2015-05-28 14:02:26 +02:00
Jakub Jelen
09ca6ef2e6 Provide LDIF version of LPK schema 2015-05-28 13:51:58 +02:00
Jakub Jelen
0a076e7e9e Add missing Banner in sshd -T output 2015-05-28 13:39:34 +02:00
Jakub Jelen
8244d5a508 Fix upstream memory problems 2015-05-27 16:16:41 +02:00
Jakub Jelen
637556d934 Resolve problem with pam_ssh_agent_auth after rebase (#1225106) 
* authfd internals changed in upstream commit 141efe49542f7156cdbc2e4cd0a041d8b1aab622
 * Reintroduced missing structure AuthenticationConnection
 * inspired by ssh-add.c
 2015-05-27 15:08:37 +02:00
Jakub Jelen
3e3570ad64 ssh-copy-id: tcsh doesnt work with multiline strings so we will make it uggly one-line 2015-05-27 12:05:49 +02:00
Jakub Jelen
775e1b20e6 6.8p1-5 + 0.9.3-5 2015-04-20 17:28:43 +02:00
Jakub Jelen
c5163162d3 6.8p1-4 + 0.9.3-5 2015-04-02 17:51:58 +02:00
Jakub Jelen
c028ac51a4 6.8p1-3 + 0.9.3-5 2015-03-31 17:24:34 +02:00
Jakub Jelen
23bc31b25a Remove krb5-config workaround for #1203900 2015-03-30 11:48:11 +02:00
Jakub Jelen
e5b15a7419 6.8p1-2 + 0.9.3-5 2015-03-26 14:20:31 +01:00