diff options
| author | jschauma <jschauma@pkgsrc.org> | 2003-09-23 17:52:33 +0000 |
|---|---|---|
| committer | jschauma <jschauma@pkgsrc.org> | 2003-09-23 17:52:33 +0000 |
| commit | 462ab137c6acdfe473ac96a02c22aa86719497cd (patch) | |
| tree | e419d6e90cce89dd403a8e342c84a53f775fe12e | |
| parent | 0ad7d66a3a9d3f2ca0cb83922de65c053e00487b (diff) | |
| download | pkgsrc-462ab137c6acdfe473ac96a02c22aa86719497cd.tar.gz | |
Update to 3.7.1p2:
Most important chcanges: security relevant bug fixes in new PAM authentication code
Changes since OpenSSH 3.7.1p1:
==============================
* This release disables PAM by default. To enable it, set "UsePAM yes" in
sshd_config. Due to complexity, inconsistencies in the specification and
differences between vendors' PAM implementations we recommend that PAM
be left disabled in sshd_config unless there is a need for its use.
Sites using only public key or simple password authentication usually
have little need to enable PAM support.
* This release now requires zlib 1.1.4 to build correctly. Previous
versions have security problems.
* Fix compilation for versions of OpenSSL before 0.9.6. Some cipher modes
are not supported for older OpenSSL versions.
* Fix compilation problems on systems with a missing or lacking inet_ntoa()
function.
* Workaround problems related to unimplemented or broken setresuid/setreuid
functions on several platforms.
* Fix compilation on older OpenBSD systems.
* Fix handling of password-less authentication (PermitEmptyPasswords=yes)
that has not worked since the 3.7p1 release.
| -rw-r--r-- | security/openssh/Makefile | 6 | ||||
| -rw-r--r-- | security/openssh/distinfo | 9 | ||||
| -rw-r--r-- | security/openssh/patches/patch-aa | 14 | ||||
| -rw-r--r-- | security/openssh/patches/patch-ai | 10 |
4 files changed, 13 insertions, 26 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile index 2795a5f0145..8533ba9c376 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.114 2003/09/22 01:18:38 grant Exp $ +# $NetBSD: Makefile,v 1.115 2003/09/23 17:52:33 jschauma Exp $ -DISTNAME= openssh-3.7.1p1 -PKGNAME= openssh-3.7.1.1 +DISTNAME= openssh-3.7.1p2 +PKGNAME= openssh-3.7.1.2 SVR4_PKGNAME= ossh CATEGORIES= security MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ diff --git a/security/openssh/distinfo b/security/openssh/distinfo index 693618a0154..8ad9d94c697 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -1,8 +1,7 @@ -$NetBSD: distinfo,v 1.28 2003/09/18 02:11:40 jschauma Exp $ +$NetBSD: distinfo,v 1.29 2003/09/23 17:52:34 jschauma Exp $ -SHA1 (openssh-3.7.1p1.tar.gz) = b936ca7528fb46318febe02042a0e1bccf31c127 -Size (openssh-3.7.1p1.tar.gz) = 791161 bytes -SHA1 (patch-aa) = 6d9fda6b4258a295cef814021b06fa7b3709f59e +SHA1 (openssh-3.7.1p2.tar.gz) = 9b7d026710a3017c448b0e531eb95be6b2081963 +Size (openssh-3.7.1p2.tar.gz) = 792280 bytes +SHA1 (patch-aa) = 62918b930d51411b0067e77c43c830c35b07c457 SHA1 (patch-ab) = 1069fe256b7925fcf404781ef14e5c492f52c21e SHA1 (patch-ah) = 9913c868bde5d318915b1dee2c05dcf454a0f506 -SHA1 (patch-ai) = 3f1ec11561916388c5ed9ce36e531bce411d54a4 diff --git a/security/openssh/patches/patch-aa b/security/openssh/patches/patch-aa index b25a3d80b4b..22a5c55899d 100644 --- a/security/openssh/patches/patch-aa +++ b/security/openssh/patches/patch-aa @@ -1,8 +1,6 @@ -$NetBSD: patch-aa,v 1.29 2003/09/16 13:52:31 grant Exp $ - ---- configure.orig 2003-09-16 16:19:17.000000000 +1000 -+++ configure -@@ -4583,6 +4583,9 @@ EOF +--- configure.orig Tue Sep 23 02:55:43 2003 ++++ configure Tue Sep 23 13:27:33 2003 +@@ -4646,6 +4646,9 @@ ;; esac @@ -12,8 +10,8 @@ $NetBSD: patch-aa,v 1.29 2003/09/16 13:52:31 grant Exp $ # Allow user to specify flags # Check whether --with-cflags or --without-cflags was given. -@@ -6428,6 +6431,10 @@ echo $ECHO_N "checking for libwrap... $E - #line 6428 "configure" +@@ -6491,6 +6494,10 @@ + #line 6491 "configure" #include "confdefs.h" +#ifdef HAVE_SYS_CDEFS_H @@ -23,7 +21,7 @@ $NetBSD: patch-aa,v 1.29 2003/09/16 13:52:31 grant Exp $ #include <tcpd.h> int deny_severity = 0, allow_severity = 0; -@@ -16950,7 +16957,7 @@ echo "OpenSSH has been configured with t +@@ -17138,7 +17145,7 @@ echo " User binaries: $B" echo " System binaries: $C" echo " Configuration files: $D" diff --git a/security/openssh/patches/patch-ai b/security/openssh/patches/patch-ai deleted file mode 100644 index f7982a5b90f..00000000000 --- a/security/openssh/patches/patch-ai +++ /dev/null @@ -1,10 +0,0 @@ ---- openbsd-compat/inet_ntoa.c.orig Wed Sep 17 21:35:26 2003 -+++ openbsd-compat/inet_ntoa.c Wed Sep 17 21:35:37 2003 -@@ -43,7 +43,6 @@ - #include <netinet/in.h> - #include <arpa/inet.h> - #include <stdio.h> --#include "inet_ntoa.h" - - char *inet_ntoa(struct in_addr in) - { |