authorwiz <wiz>2015-08-21 08:12:09 +0000
committerwiz <wiz>2015-08-21 08:12:09 +0000
commit9235be612ba2005a6a5fdd8d77de4b066634707b (patch)
treead32bd956b89feeff8fd2c6dcd401b856cda8554 /security/openssh/patches/patch-auth2-chall.c
parent74485f31366c882b51c9d4e4df1c6f3888b1e5f9 (diff)
Update to 7.1p1:
Changes since OpenSSH 7.0 ========================= This is a bugfix release. Security -------- * sshd(8): OpenSSH 7.0 contained a logic error in PermitRootLogin=prohibit-password/without-password that could, depending on compile-time configuration, permit password authentication to root while preventing other forms of authentication. This problem was reported by Mantas Mikulenas. Bugfixes -------- * ssh(1), sshd(8): add compatibility workarounds for FuTTY * ssh(1), sshd(8): refine compatibility workarounds for WinSCP * Fix a number of memory faults (double-free, free of uninitialised memory, etc.) in ssh(1) and ssh-keygen(1). Reported by Mateusz Kocielski.
Diffstat (limited to 'security/openssh/patches/patch-auth2-chall.c')
-rw-r--r--security/openssh/patches/patch-auth2-chall.c32
1 files changed, 0 insertions, 32 deletions
diff --git a/security/openssh/patches/patch-auth2-chall.c b/security/openssh/patches/patch-auth2-chall.c
deleted file mode 100644
index 4bd9a792f10..00000000000
--- a/security/openssh/patches/patch-auth2-chall.c
+++ /dev/null
@@ -1,32 +0,0 @@
-$NetBSD: patch-auth2-chall.c,v 1.1 2015/07/30 03:20:36 taca Exp $
-
-Fix for CVE-2015-5600 from FreeBSD via NetBSD base.
-
---- auth2-chall.c.orig 2015-07-01 02:35:31.000000000 +0000
-+++ auth2-chall.c
-@@ -83,6 +83,7 @@ struct KbdintAuthctxt
- void *ctxt;
- KbdintDevice *device;
- u_int nreq;
-+ u_int devices_done;
- };
-
- #ifdef USE_PAM
-@@ -169,11 +170,15 @@ kbdint_next_device(Authctxt *authctxt, K
- if (len == 0)
- break;
- for (i = 0; devices[i]; i++) {
-- if (!auth2_method_allowed(authctxt,
-+ if ((kbdintctxt->devices_done & (1 << i)) != 0 ||
-+ !auth2_method_allowed(authctxt,
- "keyboard-interactive", devices[i]->name))
- continue;
-- if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
-+ if (strncmp(kbdintctxt->devices, devices[i]->name,
-+ len) == 0) {
- kbdintctxt->device = devices[i];
-+ kbdintctxt->devices_done |= 1 << i;
-+ }
- }
- t = kbdintctxt->devices;
- kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;