From eb80d3ed9d2c99095663a7781bc46ca2e8a1f192 Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Sun, 24 Apr 2022 22:33:20 -0500 Subject: system/openssh: Update to 9.0p1 --- system/openssh/APKBUILD | 19 ++++++++++--------- system/openssh/fix-utmpx.patch | 2 +- 2 files changed, 11 insertions(+), 10 deletions(-) (limited to 'system') diff --git a/system/openssh/APKBUILD b/system/openssh/APKBUILD index a08c24f79..b649cc2bd 100644 --- a/system/openssh/APKBUILD +++ b/system/openssh/APKBUILD @@ -2,14 +2,14 @@ # Contributor: Valery Kartel # Maintainer: Horst Burkhardt pkgname=openssh -pkgver=8.1_p1 +pkgver=9.0_p1 _myver=${pkgver%_*}${pkgver#*_} -pkgrel=1 -pkgdesc="Port of OpenBSD's free SSH release" +pkgrel=0 +pkgdesc="Remote login tool using encrypted SSH protocol" url="https://www.openssh.com/portable.html" arch="all" -license="BSD-1-Clause AND BSD-2-Clause AND BSD-3-Clause" options="suid !check" +license="BSD-1-Clause AND BSD-2-Clause AND BSD-3-Clause" depends="openssh-client openssh-sftp-server openssh-server" makedepends_build="linux-pam-dev gettext-tiny" makedepends_host="openssl-dev zlib-dev linux-headers linux-pam-dev @@ -34,6 +34,10 @@ source="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.ta sshd.confd " # secfixes: +# 9.0_p1-r0: +# - CVE-2021-41617 +# - CVE-2021-28041 +# - CVE-2020-14145 # 7.9_p1-r2: # - CVE-2018-20685 # 7.9_p1: @@ -46,8 +50,6 @@ source="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.ta # - CVE-2016-10011 # - CVE-2016-10012 -# HPN patches are from: http://hpnssh.sourceforge.net/ - builddir="$srcdir"/$pkgname-$_myver build() { @@ -67,7 +69,6 @@ build() { --with-privsep-path=/var/empty \ --with-xauth=/usr/bin/xauth \ --with-privsep-user=sshd \ - --with-md5-passwords \ --with-ssl-engine \ --with-pam make @@ -146,9 +147,9 @@ openrc() { install_if="openssh-server=$pkgver-r$pkgrel openrc" } -sha512sums="b987ea4ffd4ab0c94110723860273b06ed8ffb4d21cbd99ca144a4722dc55f4bf86f6253d500386b6bee7af50f066e2aa2dd095d50746509a10e11221d39d925 openssh-8.1p1.tar.gz +sha512sums="613ae95317e734868c6a60d9cc5af47a889baa3124bbdd2b31bb51dd6b57b136f4cfcb5604cca78a03bd500baab9b9b45eaf77e038b1ed776c86dce0437449a9 openssh-9.0p1.tar.gz f3d5960572ddf49635d4edbdff45835df1b538a81840db169c36b39862e6fa8b0393ca90626000b758f59567ff6810b2537304098652483b3b31fb438a061de6 disable-forwarding-by-default.patch -9033520d18ccfea87628c78008591ae8a143999868254eabc926ca0665611c9f09c221265b1b6f552b82eca58558244a020d615b55249a02f96e298c1f7ff520 fix-utmpx.patch +70bffa6c061a02dd790dbaa68cd0b488395aa2312039b037e1a707e8cf7465754bf376d943d351914b64044c074af7504e845de865dec45ea00d992c2bbb8925 fix-utmpx.patch 34c0673f550e7afcd47eda4fe1da48fb42e5344c95ba8064c9c3c137fda9c43635b0f7b8145d0300f59c79f75a396ebd467afb54cdaa42aa251d624d0752dc84 sftp-interactive.patch ad5b209f7f3fff69c10bae34da143e071e107a2141eee94f393532d6bb04a36bfe6d9b5d2c08b713f67118503c38d11b4aad689df1df7c8a918d52db8326821d time64-seccomp.patch 964c0f8538ba25bdc9cdbd1467bbdfb2090e38492ff0ef7c64473785713fe26d752ea6a7b0ee7a0b34e08f4d3b4bccf6a69e6c456f0c57d0d0c581aa8a046936 sshd.initd diff --git a/system/openssh/fix-utmpx.patch b/system/openssh/fix-utmpx.patch index 5e43eaf06..d04742e2f 100644 --- a/system/openssh/fix-utmpx.patch +++ b/system/openssh/fix-utmpx.patch @@ -1,6 +1,6 @@ --- openssh-7.7p1/loginrec.c.old 2018-04-02 00:38:28.000000000 -0500 +++ openssh-7.7p1/loginrec.c 2018-06-15 22:09:00.091482769 -0500 -@@ -1659,7 +1659,11 @@ +@@ -1663,7 +1663,11 @@ const char *ttyn) { int fd; -- cgit v1.2.3-60-g2f50