Summary(uk.UTF-8): OpenSSH - вільна реалізація протоколу Secure Shell (SSH)
Name: openssh
Version: 8.1p1
-Release: 2
+Release: 3
Epoch: 2
License: BSD
Group: Applications/Networking
Patch11: %{name}-chroot.patch
Patch12: openssh-bug-2905.patch
Patch13: %{name}-skip-interop-tests.patch
-
Patch14: %{name}-bind.patch
Patch15: %{name}-disable_ldap.patch
+Patch16: ossh-bug-3093.patch
URL: http://www.openssh.com/portable.html
BuildRequires: %{__perl}
%{?with_audit:BuildRequires: audit-libs-devel}
%{__sed} -i -e 's/\(`$(PKG_CONFIG) --libs gtk+-2.0\) x11`/\1` -lX11/' contrib/Makefile
%endif
+%patch16 -p1
+
# hack since arc4random from openbsd-compat needs symbols from libssh and vice versa
sed -i -e 's#-lssh -lopenbsd-compat#-lssh -lopenbsd-compat -lssh -lopenbsd-compat#g' Makefile*
--- /dev/null
+From ccd3b247d59d3bde16c3bef0ea888213fbd6da86 Mon Sep 17 00:00:00 2001
+From: Damien Miller <djm@mindrot.org>
+Date: Mon, 3 Feb 2020 19:40:12 +1100
+Subject: [PATCH] add clock_gettime64(2) to sandbox allowed syscalls
+
+bz3093
+---
+ sandbox-seccomp-filter.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
+index 0914e48ba..f80981faf 100644
+--- a/sandbox-seccomp-filter.c
++++ b/sandbox-seccomp-filter.c
+@@ -188,6 +188,9 @@ static const struct sock_filter preauth_insns[] = {
+ #ifdef __NR_clock_gettime
+ SC_ALLOW(__NR_clock_gettime),
+ #endif
++#ifdef __NR_clock_gettime64
++ SC_ALLOW(__NR_clock_gettime64),
++#endif
+ #ifdef __NR_close
+ SC_ALLOW(__NR_close),
+ #endif