aboutsummaryrefslogtreecommitdiff
path: root/net/openssh/patches
Commit message (Collapse)AuthorAge
* openssh: bump to 9.7p1John Audia2024-03-19
| | | | | | | | | | | | Release notes: https://www.openssh.com/txt/release-9.7 Removed upstreamed patch: 010-better_fzero-call-detection.patch Build system: x86/64 Build-tested: x86/64/AMD Cezanne Run-tested: x86/64/AMD Cezanne Signed-off-by: John Audia <therealgraysky@proton.me>
* openssh: fix build failure on powerpc_8548Sibren Vasse2024-01-06
| | | | | | https://github.com/openssh/openssh-portable/commit/1036d77b34a5fa15e56f516b81b9928006848cbd Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
* openssh: add server config subdirectoryPhilip Prindeville2023-08-07
| | | | | | | | Most distros allow dropping site configuration files into /etc/sshd_config.d/ so that you don't have to tweak the main server configuration file. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* openssh: update to 9.0p1Sibren Vasse2022-04-13
| | | | | | Remove upstreamed patches. Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
* openssh: update to 8.9p1Michal Vasilek2022-03-16
| | | | Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
* openssh: update to 8.1p1Sibren Vasse2019-11-09
| | | | Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
* openssh: Fix compilation with -Wimplicit-functionRosen Penev2019-07-21
| | | | | | Upstream backport. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* openssh: update to 8.0p1Peter Wagner2019-04-20
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: add upstream patches, including CVE-2019-6111Peter Wagner2019-03-03
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: patch scp security issuesJan Pavlinec2019-02-10
| | | | | | | | Fixes CVE-2019-6109 CVE-2019-6111 Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* openssh: backport patch for CVE-2018-20685Peter Wagner2019-01-15
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: fixes issues with some openssl optionsPeter Wagner2018-10-20
| | | | | | | | | | | | | | This adds a couple of patches when setting some openssl options: * ECDSA code in openssh-compat.h and libressl-api-compat.c needs to be be guarded by OPENSSL_HAS_ECC; otherwise, it will not build with openssl compiled without ECC support. * Fix openssl version number in openbsd-compat/openssl-compat.c which failed to compile --with-ssl-engine; this option is used when CONFIG_OPENSSL_ENGINE_CRYPTO=y Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.9p1Peter Wagner2018-10-19
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: add openssl 1.1.0 compatibilityEneas U de Queiroz2018-09-30
| | | | | | | | | | | | | Five commits from upstream were applied to v. 7.8-p1: 482d23bc upstream: hold our collective noses and use the openssl-1.1.x API in 48f54b9d adapt -portable to OpenSSL 1.1x API 86e0a9f3 upstream: use only openssl-1.1.x API here too a3fd8074 upstream: missed a bit of openssl-1.0.x API in this unittest d64e7852 add compat header Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* openssh: update to 7.8p1Peter Wagner2018-08-27
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.7p1Peter Wagner2018-04-08
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* Revert "The earlier commit ea119211b21 removed 'dsa' as one of the ↵Daniel Golle2017-06-05
| | | | | | | | | | | | | | ssh_host_*_key" The author (@pprindeville) of the original commit noted that the wrong commit was picked, see https://github.com/openwrt/packages/commit/325b7d2cd2d6e9d4903c6e7628c7c9ae0ddab564#commitcomment-22387528 "Err... looks like the wrong fix got committed. I was hoping that this commit d902e5d would have gone in instead." This reverts commit 325b7d2cd2d6e9d4903c6e7628c7c9ae0ddab564. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* The earlier commit ea119211b21 removed 'dsa' as one of the ssh_host_*_keyPeter Wagner2017-06-03
| | | | | | | | | | | | | | types that got generated. Problem was that it didn't remove that key as one of the paths that the server looks for by default. As a consequence, your log file might fill up with messages like: 2017-06-01T15:43:07-06:00 openwrt sshd[31929]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key The patch is forunately trivial. Don't set the path for the dsa key file in the server configuration. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.5p1, remove unneeded patchesPeter Wagner2017-03-21
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.4p1Peter Wagner2016-12-22
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: Unregister the KEXINIT handler after message has beenPeter Wagner2016-10-17
| | | | | | | | | | received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause allocation of up to 128MB -- until the connection is closed. Reported by shilei-c at 360.cn https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: move inbound NEWKEYS handling to kex layer; otherwise early NEWKEYS ↵Peter Wagner2016-10-03
| | | | | | | | causes NULL deref see: https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737 Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.3p1Peter Wagner2016-08-09
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 6.8p1Peter Wagner2015-03-19
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 6.7p1Peter Wagner2014-10-19
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: import from packagesPeter Wagner2014-06-16
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Powered by cgit, Themed by Ted Yin.