]>
git.pld-linux.org Git - packages/openssh.git/log
Krzysztof Mrozowicz [Fri, 14 Jul 2023 23:03:05 +0000 (23:03 +0000)]
- rel 3
Krzysztof Mrozowicz [Fri, 14 Jul 2023 23:02:05 +0000 (23:02 +0000)]
- moving ssh-pkcs11-helper to client package; By Mateusz Kocielski <shm@digitalsun.pl>
Jan Palus [Tue, 30 May 2023 17:14:07 +0000 (19:14 +0200)]
openssl rebuild
Release 2 (by relup.sh)
Adam Osuchowski [Thu, 16 Mar 2023 14:16:29 +0000 (15:16 +0100)]
- up to 9.3p1
Jan Palus [Tue, 7 Feb 2023 17:10:02 +0000 (18:10 +0100)]
openssl rebuild
Release 2 (by relup.sh)
Adam Gołębiowski [Thu, 2 Feb 2023 14:55:02 +0000 (15:55 +0100)]
- updated to 9.2p1
Arkadiusz Miśkiewicz [Wed, 1 Feb 2023 19:45:11 +0000 (20:45 +0100)]
Release 4 (by relup.sh)
Jan Rękorajski [Sun, 6 Nov 2022 12:00:49 +0000 (13:00 +0100)]
Release 3 (by relup.sh)
Arkadiusz Miśkiewicz [Tue, 1 Nov 2022 22:16:53 +0000 (23:16 +0100)]
Release 2 (by relup.sh)
Adam Gołębiowski [Tue, 4 Oct 2022 11:18:10 +0000 (11:18 +0000)]
- updated to 9.1p1
Jan Palus [Thu, 15 Sep 2022 16:17:37 +0000 (18:17 +0200)]
R: filesystem, pam and S: xorg-app-xauth belong to -server
Jan Palus [Wed, 17 Aug 2022 18:16:33 +0000 (20:16 +0200)]
switch default man page type to doc
appears to be preferred by configure script but not really sure what is
exact difference between types. the drawback of "man" type is wrong
handling of .Qq and .Dl macros ie in ssh_config(5):
For example, Qq *.a.example.com:*.b.example.com,*.c.example.com will allow
Dl Host *.co.uk
Jan Palus [Tue, 5 Jul 2022 19:41:41 +0000 (21:41 +0200)]
openssl rebuild
Release 4 (by relup.sh)
Jan Palus [Tue, 21 Jun 2022 20:39:35 +0000 (22:39 +0200)]
openssl rebuild
Release 3 (by relup.sh)
Jan Palus [Wed, 4 May 2022 08:20:29 +0000 (10:20 +0200)]
openssl rebuild
Release 2 (by relup.sh)
Arkadiusz Miśkiewicz [Wed, 4 May 2022 07:30:14 +0000 (09:30 +0200)]
Fix md5.
Arkadiusz Miśkiewicz [Tue, 19 Apr 2022 18:09:19 +0000 (20:09 +0200)]
Git patch is back as there are upstream fixes
Arkadiusz Miśkiewicz [Fri, 8 Apr 2022 11:33:06 +0000 (13:33 +0200)]
Up to 9.0p1.
Arkadiusz Miśkiewicz [Wed, 16 Mar 2022 18:21:05 +0000 (19:21 +0100)]
md5
Arkadiusz Miśkiewicz [Wed, 16 Mar 2022 18:18:29 +0000 (19:18 +0100)]
Rel 5; add upstream official fixes for stable release (https://lists.mindrot.org/pipermail/openssh-unix-dev/2022-March/040086.html)
Jan Rękorajski [Wed, 16 Mar 2022 07:52:20 +0000 (08:52 +0100)]
- fix building test suite with openssl 3.0
Jan Rękorajski [Wed, 16 Mar 2022 07:23:02 +0000 (08:23 +0100)]
Release 4 (by relup.sh)
Jan Rękorajski [Tue, 15 Mar 2022 22:05:00 +0000 (23:05 +0100)]
Release 3 (by relup.sh)
Arkadiusz Miśkiewicz [Tue, 15 Mar 2022 19:57:07 +0000 (20:57 +0100)]
Release 2 (by relup.sh)
Arkadiusz Miśkiewicz [Tue, 1 Mar 2022 14:07:33 +0000 (15:07 +0100)]
Up to 8.9p1.
Jan Palus [Tue, 14 Dec 2021 23:10:37 +0000 (00:10 +0100)]
openssl rebuild
Release 3 (by relup.sh)
Arkadiusz Miśkiewicz [Thu, 9 Dec 2021 19:14:18 +0000 (20:14 +0100)]
Keep AllowTcpForwarding default with upstream. It's better default for most of services and services like in advisory can enable it on their own.
Arkadiusz Miśkiewicz [Tue, 16 Nov 2021 19:44:34 +0000 (20:44 +0100)]
Rel 2; upstream 'Don't trust closefrom() on Linux.'. Should fix problems with closefrom in chroot.
Arkadiusz Miśkiewicz [Thu, 30 Sep 2021 12:26:36 +0000 (14:26 +0200)]
Up to 8.8p1
Jan Rękorajski [Fri, 24 Sep 2021 21:36:58 +0000 (23:36 +0200)]
rebuild with openssl 3.0.0
Release 3 (by relup.sh)
Jan Palus [Wed, 25 Aug 2021 10:41:50 +0000 (12:41 +0200)]
openssl rebuild
Release 2 (by relup.sh)
Arkadiusz Miśkiewicz [Fri, 20 Aug 2021 20:07:33 +0000 (22:07 +0200)]
Up to 8.7p1
Arkadiusz Miśkiewicz [Wed, 21 Apr 2021 06:06:48 +0000 (08:06 +0200)]
- up to 8.6p1
Jan Palus [Thu, 25 Mar 2021 17:38:53 +0000 (18:38 +0100)]
- release 2 (by relup.sh)
Jan Rękorajski [Sun, 7 Mar 2021 10:09:44 +0000 (11:09 +0100)]
- unconditional noarch subpackages
Arkadiusz Miśkiewicz [Wed, 3 Mar 2021 21:13:59 +0000 (22:13 +0100)]
- up to 8.5p1
Arkadiusz Miśkiewicz [Mon, 1 Mar 2021 23:09:19 +0000 (00:09 +0100)]
- rel 5; fix x32 (seccomp was killing it)
Arkadiusz Miśkiewicz [Mon, 1 Mar 2021 12:22:11 +0000 (13:22 +0100)]
- rediff patches
Jan Rękorajski [Mon, 1 Mar 2021 09:00:03 +0000 (10:00 +0100)]
- don't generate DSA server host keys, this weak algo was run-time disabled in openssh 7.0 (6 years ago)
http://www.openssh.com/txt/release-7.0
Jan Palus [Wed, 17 Feb 2021 16:01:41 +0000 (17:01 +0100)]
- release 4 (by relup.sh)
Jan Palus [Wed, 17 Feb 2021 14:51:47 +0000 (15:51 +0100)]
updated source to https
Jan Palus [Wed, 17 Feb 2021 14:50:47 +0000 (15:50 +0100)]
config.sub is fresh enough already
Jan Palus [Wed, 3 Feb 2021 22:40:23 +0000 (23:40 +0100)]
remove openssh-5.8p1-authorized-keys-command.patch
never used in spec, another copy later added as
authorized-keys-command.patch
Jan Palus [Wed, 3 Feb 2021 22:33:12 +0000 (23:33 +0100)]
updated noarch rule
Jan Palus [Wed, 3 Feb 2021 22:31:05 +0000 (23:31 +0100)]
upstream patch to allow pselect6_time64 in seccomp filter
appears to be required by arm with glibc 2.33
Jan Palus [Wed, 9 Dec 2020 16:52:40 +0000 (17:52 +0100)]
- openssl rebuild
- release 3 (by relup.sh)
Arkadiusz Miśkiewicz [Tue, 27 Oct 2020 20:12:23 +0000 (21:12 +0100)]
- don't bump release
Arkadiusz Miśkiewicz [Tue, 27 Oct 2020 20:09:29 +0000 (21:09 +0100)]
- use rlimit sandbox if building without libseccomp
Jakub Bogusz [Tue, 13 Oct 2020 19:12:18 +0000 (21:12 +0200)]
- release 2 (openssl 1.1.1h)
Jakub Bogusz [Tue, 29 Sep 2020 18:49:44 +0000 (20:49 +0200)]
- versioned runtime dependency on libfido2
Arkadiusz Miśkiewicz [Mon, 28 Sep 2020 19:26:40 +0000 (21:26 +0200)]
- up to 8.4p1
Arkadiusz Miśkiewicz [Wed, 27 May 2020 17:55:20 +0000 (19:55 +0200)]
- up to 8.3p1
Bartek Szady [Wed, 13 May 2020 06:31:11 +0000 (08:31 +0200)]
The FIDO helper has been moved to subpackage to keep it's dependencies out of client subpackage
Jan Palus [Mon, 27 Apr 2020 22:22:31 +0000 (00:22 +0200)]
fix build without ldap
Jan Rękorajski [Tue, 21 Apr 2020 21:30:17 +0000 (23:30 +0200)]
- release 4 (by relup.sh)
Jan Palus [Sun, 5 Apr 2020 15:28:50 +0000 (17:28 +0200)]
- openssl rebuild
- release 3 (by relup.sh)
Jan Rękorajski [Sun, 29 Mar 2020 20:03:42 +0000 (22:03 +0200)]
- release 2 (by relup.sh)
Arkadiusz Miśkiewicz [Sat, 15 Feb 2020 12:06:22 +0000 (13:06 +0100)]
- up to 8.2p1; new - FIDO/U2F support
Arkadiusz Miśkiewicz [Mon, 3 Feb 2020 22:08:10 +0000 (23:08 +0100)]
- rel 4; more syscalls
Arkadiusz Miśkiewicz [Mon, 3 Feb 2020 22:00:58 +0000 (23:00 +0100)]
- rel 3; allow glibc 2.31 to work with filter
Jan Palus [Thu, 17 Oct 2019 19:53:23 +0000 (21:53 +0200)]
disable conch interoperability tests
python-TwistedConch version in PLD appears to be too ancient
Jan Palus [Thu, 17 Oct 2019 15:13:57 +0000 (17:13 +0200)]
patches tend to work better if they are applied
Jan Palus [Thu, 17 Oct 2019 15:02:21 +0000 (17:02 +0200)]
try disabling tests that require pty
Jan Palus [Thu, 17 Oct 2019 10:58:06 +0000 (12:58 +0200)]
fix sshd-keygen location in on demand service; rel 2
Arkadiusz Miśkiewicz [Wed, 9 Oct 2019 17:38:35 +0000 (19:38 +0200)]
- up to 8.1p1
Jakub Bogusz [Sun, 29 Sep 2019 17:58:37 +0000 (19:58 +0200)]
- release 3 (rebuild with openssl 1.1.1d)
Jan Rękorajski [Sat, 1 Jun 2019 20:54:12 +0000 (22:54 +0200)]
- release 2 (by relup.sh)
Adam Gołębiowski [Thu, 18 Apr 2019 08:38:35 +0000 (10:38 +0200)]
- updated to 8.0p1 (CVE-2019-6111)
Arkadiusz Miśkiewicz [Wed, 27 Feb 2019 09:53:32 +0000 (10:53 +0100)]
- moduli is public information (https://bugzilla.redhat.com/show_bug.cgi?id=
1043661 )
Adam Gołębiowski [Wed, 27 Feb 2019 08:20:03 +0000 (09:20 +0100)]
- release 3, rebuild against openssl-1.1.1b
Jan Rękorajski [Tue, 20 Nov 2018 23:48:51 +0000 (00:48 +0100)]
- release 2 (by relup.sh)
Adam Gołębiowski [Sat, 20 Oct 2018 07:46:54 +0000 (09:46 +0200)]
- BR: openssl-devel >= 1.1.0g
Adam Gołębiowski [Fri, 19 Oct 2018 18:36:43 +0000 (20:36 +0200)]
- pass TEST_SSH_TRACE for verbose output from tests
Adam Gołębiowski [Fri, 19 Oct 2018 17:28:38 +0000 (19:28 +0200)]
- try random port for tests
Adam Gołębiowski [Fri, 19 Oct 2018 16:46:47 +0000 (18:46 +0200)]
- no longer needed
Adam Gołębiowski [Fri, 19 Oct 2018 16:36:29 +0000 (18:36 +0200)]
- updated to 7.9p1
Arkadiusz Miśkiewicz [Fri, 14 Sep 2018 10:08:08 +0000 (12:08 +0200)]
- rel 4; build with openssl 1.1.1
Arkadiusz Miśkiewicz [Fri, 14 Sep 2018 06:56:24 +0000 (08:56 +0200)]
- release 3 (by relup.sh)
Arkadiusz Miśkiewicz [Sat, 25 Aug 2018 12:32:37 +0000 (14:32 +0200)]
- rel 2; use seccomp_filter sandbox by default; requires kernel >= 3.5 which is old enough
Arkadiusz Miśkiewicz [Fri, 24 Aug 2018 20:36:52 +0000 (22:36 +0200)]
- up to 7.8p1
Arkadiusz Miśkiewicz [Tue, 3 Apr 2018 08:25:27 +0000 (10:25 +0200)]
- up to 7.7p1
Elan Ruusamäe [Mon, 2 Apr 2018 16:29:41 +0000 (19:29 +0300)]
- openssl-1.0.2o rebuild
- release 4 (by relup.sh)
Arkadiusz Miśkiewicz [Sat, 9 Dec 2017 15:28:39 +0000 (16:28 +0100)]
- release 3 (by relup.sh)
Arkadiusz Miśkiewicz [Mon, 6 Nov 2017 09:50:16 +0000 (10:50 +0100)]
- release 2 (by relup.sh)
Arkadiusz Miśkiewicz [Fri, 6 Oct 2017 06:54:50 +0000 (08:54 +0200)]
- up to 7.6p1
Jan Rękorajski [Sun, 11 Jun 2017 12:47:26 +0000 (14:47 +0200)]
- release 2 (by relup.sh)
Jakub Bogusz [Mon, 17 Apr 2017 09:34:03 +0000 (11:34 +0200)]
- dropped outdated TODO file
Jakub Bogusz [Mon, 17 Apr 2017 09:25:21 +0000 (11:25 +0200)]
- added ldns patch (fixes ldns detection) and bcond
Arkadiusz Miśkiewicz [Tue, 21 Mar 2017 06:47:15 +0000 (07:47 +0100)]
- up to 7.5p1
Arkadiusz Miśkiewicz [Thu, 26 Jan 2017 17:16:08 +0000 (18:16 +0100)]
- openssl rebuild
- release 2 (by relup.sh)
Arkadiusz Miśkiewicz [Mon, 19 Dec 2016 14:58:02 +0000 (15:58 +0100)]
- up to 7.4p1
Arkadiusz Miśkiewicz [Mon, 26 Sep 2016 15:21:28 +0000 (17:21 +0200)]
- openssl
- release 3 (by relup.sh)
Arkadiusz Miśkiewicz [Thu, 22 Sep 2016 20:47:43 +0000 (22:47 +0200)]
- openssl rebuild
- release 2 (by relup.sh)
Tomasz Pala [Tue, 23 Aug 2016 05:59:32 +0000 (07:59 +0200)]
do not lower ssh client security by default
ForwardX11Trusted might be enabled on command line by using -Y instead
of -X, so there's no real need for doing it system-wide(!) default.
Moreover, the rationale behind trusting remote party might be obsolete:
http://dailypackage.fedorabook.com/index.php?/archives/48-Wednesday-Why-Trusted-and-Untrusted-X11-Forwarding-with-SSH.html
Either way, trusting some potentially malicious (especially without
StrictHostKeyChecking) )remote side MUST be conscious decision.
Tomasz Pala [Tue, 23 Aug 2016 05:55:23 +0000 (07:55 +0200)]
do not repeat default config values for ssh client
Tomasz Pala [Mon, 22 Aug 2016 11:56:38 +0000 (13:56 +0200)]
do not enable upstream-disabled DSA keys
reenabling them (temporarily) should be consciuos admin decision to follow
transition period until they are ultimately removed from openssh. Note
the double-hash comment to indicate, that this is only a hint, not default
Tomasz Pala [Mon, 22 Aug 2016 11:54:10 +0000 (13:54 +0200)]
do not uncomment default values, as this suggests altering these params
Arkadiusz Miśkiewicz [Mon, 1 Aug 2016 14:54:54 +0000 (16:54 +0200)]
- up to 7.3p1
Elan Ruusamäe [Fri, 29 Jul 2016 16:56:21 +0000 (19:56 +0300)]
sshd-keygen: do not exit as failure if restorecon is missing
Arkadiusz Miśkiewicz [Mon, 30 May 2016 21:12:50 +0000 (23:12 +0200)]
- up to 7.2p2; fixes X11 security issue http://www.openssh.com/txt/x11fwd.adv
This page took 0.397704 seconds and 4 git commands to generate.