./security/openssh, Open Source Secure shell client and server (remote login program)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2015Q2, Version: 7.1.1, Package name: openssh-7.1.1, Maintainer: pkgsrc-users

OpenSSH is based on the last free version of Tatu Ylonen's SSH with
all patent-encumbered algorithms removed (to external libraries), all
known security bugs fixed, new features reintroduced and many other
clean-ups. More information about SSH itself can be found in the file
README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck,
Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song.

This port consists of the re-introduction of autoconf support, PAM
support (for Linux and Solaris), EGD[1] support, SOCKS support (using
the Dante [6] libraries and replacements for OpenBSD library functions
that are (regrettably) absent from other unices. This port has been
best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX,
SCO, NeXT and other Unices is underway. This version actively tracks
changes in the OpenBSD CVS repository.

MESSAGE.Interix [+/-]
MESSAGE.pam [+/-]
MESSAGE.urandom [+/-]

Master sites: (Expand)

SHA1: ed22af19f962262c493fcc6ed8c8826b2761d9b6
RMD160: 2c97ea10099fa8658156c0351d60d715655b9b07
Filesize: 1458.174 KB

Version history: (Expand)


CVS history: (Expand)


   2015-09-03 21:30:17 by Matthias Scheler | Files touched by this commit (2)
Log message:
Pullup ticket #4807 - requested by taca
security/openssh: build fix patch

Revisions pulled up:
- security/openssh/distinfo                                     1.97
- security/openssh/options.mk                                   1.31

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Aug 22 05:17:22 UTC 2015

   Modified Files:
   	pkgsrc/security/openssh: distinfo options.mk

   Log message:
   Revive hpn-patch patch although not yet tested well.
   2015-08-24 21:06:40 by Matthias Scheler | Files touched by this commit (12) | Package updated
Log message:
Pullup ticket #4796 - requested by wiz
security/openssh: security update

Revisions pulled up:
- security/openssh/Makefile					patch
- security/openssh/PLIST					patch
- security/openssh/distinfo					patch
- security/openssh/files/org.openssh.sshd.sb.in			patch
- security/openssh/patches/patch-auth2-chall.c			patch
- security/openssh/patches/patch-auth2.c			patch
- security/openssh/patches/patch-loginrec.c			patch
- security/openssh/patches/patch-openbsd-compat_bsd-openpty.c	patch
- security/openssh/patches/patch-sandbox-darwin.c		patch
- security/openssh/patches/patch-sftp-common.c			patch
- security/openssh/patches/patch-sshd.c				patch
- security/openssh/patches/patch-uidswap.c			patch

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Fri Aug 21 08:12:09 UTC 2015

   Modified Files:
   	pkgsrc/security/openssh: Makefile distinfo
   Removed Files:
   	pkgsrc/security/openssh/patches: patch-auth2-chall.c

   Log message:
   Update to 7.1p1:

   Changes since OpenSSH 7.0
   =========================

   This is a bugfix release.

   Security
   --------

    * sshd(8): OpenSSH 7.0 contained a logic error in PermitRootLogin=
      prohibit-password/without-password that could, depending on
      compile-time configuration, permit password authentication to
      root while preventing other forms of authentication. This problem
      was reported by Mantas Mikulenas.

   Bugfixes
   --------

    * ssh(1), sshd(8): add compatability workarounds for FuTTY

    * ssh(1), sshd(8): refine compatability workarounds for WinSCP

    * Fix a number of memory faults (double-free, free of uninitialised
      memory, etc) in ssh(1) and ssh-keygen(1). Reported by Mateusz
      Kocielski.
   2015-08-01 10:56:59 by Matthias Scheler | Files touched by this commit (3)
Log message:
Pullup ticket #4786 - requested by taca
security/openssh: security patch

Revisions pulled up:
- security/openssh/Makefile                                     1.234
- security/openssh/distinfo                                     1.94
- security/openssh/patches/patch-auth2-chall.c                  1.1

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Jul 30 03:20:36 UTC 2015

   Modified Files:
   	pkgsrc/security/openssh: Makefile distinfo
   Added Files:
   	pkgsrc/security/openssh/patches: patch-auth2-chall.c

   Log message:
   Add fix for CVE-2015-5600 from FreeBSD via NetBSD base.

   Bump PKGREVISION.
   2015-07-15 00:03:39 by Matthias Scheler | Files touched by this commit (27) | Package updated
Log message:
Pullup ticket #4771 - requested by taca
security/openssh: security update

Revisions pulled up:
- security/openssh/Makefile                                     1.233
- security/openssh/distinfo                                     1.92-1.93
- security/openssh/options.mk                                   1.30
- security/openssh/patches/patch-Makefile.in                    1.4
- security/openssh/patches/patch-auth-passwd.c                  1.2
- security/openssh/patches/patch-auth-rhosts.c                  1.2
- security/openssh/patches/patch-auth.c                         1.3
- security/openssh/patches/patch-auth1.c                        1.3
- security/openssh/patches/patch-auth2.c                        1.4
- security/openssh/patches/patch-channels.c                     1.2
- security/openssh/patches/patch-clientloop.c                   1.2
- security/openssh/patches/patch-compat.c                       deleted
- security/openssh/patches/patch-config.h.in                    1.4
- security/openssh/patches/patch-configure                      deleted
- security/openssh/patches/patch-configure.ac                   1.4
- security/openssh/patches/patch-defines.h                      1.3
- security/openssh/patches/patch-includes.h                     1.3
- security/openssh/patches/patch-openbsd-compat_openbsd-compat.h 1.3
- security/openssh/patches/patch-openbsd-compat_port-tun.c      1.2
- security/openssh/patches/patch-platform.c                     1.4
- security/openssh/patches/patch-scp.c                          1.3
- security/openssh/patches/patch-session.c                      1.4
- security/openssh/patches/patch-ssh.c                          1.4
- security/openssh/patches/patch-sshconnect.c                   deleted
- security/openssh/patches/patch-sshd.8                         1.1
- security/openssh/patches/patch-sshd.c                         1.4
- security/openssh/patches/patch-sshpty.c                       1.2

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Jul  9 16:14:24 UTC 2015

   Modified Files:
   	pkgsrc/security/openssh: Makefile distinfo options.mk
   	pkgsrc/security/openssh/patches: patch-Makefile.in patch-auth-passwd.c
   	    patch-auth-rhosts.c patch-auth.c patch-auth1.c patch-auth2.c
   	    patch-channels.c patch-clientloop.c patch-config.h.in
   	    patch-configure.ac patch-defines.h patch-includes.h
   	    patch-openbsd-compat_openbsd-compat.h
   	    patch-openbsd-compat_port-tun.c patch-platform.c patch-scp.c
   	    patch-session.c patch-ssh.c patch-sshd.c patch-sshpty.c
   Added Files:
   	pkgsrc/security/openssh/patches: patch-sshd.8
   Removed Files:
   	pkgsrc/security/openssh/patches: patch-compat.c patch-configure
   	    patch-sshconnect.c

   Log message:
   Update openssh to 6.9.1 (OpenSSH 6.9p1) which contains security fix.

   pkgsrc change:

   * tcp_wrappers support was removed from release 6.7, but add it refering
     FreeBSD's ports.
   * hpn-patch is also based on FreeBSD's ports.

   Security
   --------

    * ssh(1): when forwarding X11 connections with ForwardX11Trusted=no,
      connections made after ForwardX11Timeout expired could be permitted
      and no longer subject to XSECURITY restrictions because of an
      ineffective timeout check in ssh(1) coupled with "fail open"
      behaviour in the X11 server when clients attempted connections with
      expired credentials. This problem was reported by Jann Horn.

    * ssh-agent(1): fix weakness of agent locking (ssh-add -x) to
      password guessing by implementing an increasing failure delay,
      storing a salted hash of the password rather than the password
      itself and using a timing-safe comparison function for verifying
      unlock attempts. This problem was reported by Ryan Castellucci.

   For more information, please refer release announce.

   	http://www.openssh.com/txt/release-6.9
   	http://www.openssh.com/txt/release-6.8
   	http://www.openssh.com/txt/release-6.7

---
   Module Name:	pkgsrc
   Committed By:	dsainty
   Date:		Fri Jul 10 07:00:29 UTC 2015

   Modified Files:
   	pkgsrc/security/openssh: distinfo

   Log message:
   Remove dangling stale hash for patch-sshconnect.c