summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorseb <seb@pkgsrc.org>2004-03-12 16:40:08 +0000
committerseb <seb@pkgsrc.org>2004-03-12 16:40:08 +0000
commit9fca7358bd51252952f02eb00465edc111f96c5d (patch)
tree71c953095c8214f71e6c4a023127fa9eadf02f2f /security
parent84043ad53e378894ffd4eaf92bc4c00bd9a736c9 (diff)
downloadpkgsrc-9fca7358bd51252952f02eb00465edc111f96c5d.tar.gz
Update to version 3.2.9.1.
While here bl3ify. Changes since previously packaged version (3.2.5): 2003-12-03 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.9.1. * non-commercial: removed cert hash compat stuff, which broke compilation. 2003-09-26 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.9. * ssh2,sshd2: (by Patrick Irwin): Critical security fix: fixed several bugs in ASN.1 decoding functionality, which were caused by invalid assumptions on the format of input BER data. Certificates malformed in certain ways could cause a crash or buffer overflow. No known exploits at this time, but you are strongly advised to upgrade. Admins unwilling or unable to upgrade need to disable certificates, but this may not be enough for "hostbased" authentication. "publickey" auth should be safe even with the old version with certificates disabled. Clients are probably vulnerable against malicious servers in the initial key exchange regardless of configuration. Users of noncommercial version are not affected by this vulnerability. 2003-09-25 Sami J. Lehtinen <sjl@ssh.com> * sshd2, ssh2: Implemented DisableVersionFallback, with which you can disable fallback compatibility code for older, or otherwise incompatible versions of software. Don't disable unless you know what you're doing. See sshd2_config(5) for details. For really paranoid people (using this option will probably hurt usability somewhat, especially in environments where multiple versions of SSH are used from different vendors). * sshd2, ssh2: Implemented Cert.RSA.Compat.HashScheme. Older SSH Secure Shell clients and servers used hashes in an incoherent manner (sometimes MD5, sometimes SHA-1). With this option, you can set what hash is used. See sshd2_config(5) for details. * Previous: ssh-3.2.8. 2003-08-07 Tomi Salo <ttsalo@ssh.com> * Added a new general configuration option, MaxCRLSize. This sets the maximum size for CRLs and CA certs used in validating received certificates. (The size is the total size of all CRLs and certs, not the maximum individual size.) 2003-06-11 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.7. * ssh-signer2: Fixed a bug, which caused the application to intermittently call fatal because the read() operation was interrupted by a signal (SIGCHLD). 2003-06-04 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.6. * SecurID certified binaries, no code changes.
Diffstat (limited to 'security')
-rw-r--r--security/ssh2/Makefile.common13
-rw-r--r--security/ssh2/distinfo6
2 files changed, 9 insertions, 10 deletions
diff --git a/security/ssh2/Makefile.common b/security/ssh2/Makefile.common
index 9d53ffcf29c..17cd595f5d2 100644
--- a/security/ssh2/Makefile.common
+++ b/security/ssh2/Makefile.common
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.6 2004/01/07 02:21:17 jlam Exp $
+# $NetBSD: Makefile.common,v 1.7 2004/03/12 16:40:08 seb Exp $
#
-DISTNAME= ssh-3.2.5
+DISTNAME= ssh-3.2.9.1
CATEGORIES= security
MASTER_SITES= ftp://ftp.ssh.com/pub/ssh/
@@ -11,7 +11,7 @@ HOMEPAGE= http://www.ssh.com
CONFLICTS+= openssh-[0-9]* ssh6-[0-9]* ssh-[0-9]* sftp-[0-9]*
CONFLICTS+= openssh+gssapi-[0-9]*
-USE_BUILDLINK2= YES
+USE_BUILDLINK3= YES
USE_PKGINSTALL= YES
GNU_CONFIGURE= YES
@@ -82,19 +82,18 @@ FILES_SUBST= SSH_PID_DIR=${SSH_PID_DIR}
OWN_DIRS= ${PKG_SYSCONFDIR}/knownhosts
OWN_DIRS+= ${PKG_SYSCONFDIR}/hostkeys
-DOCSDIR= ${PREFIX}/share/doc/${PKGBASE}
DOCS= CHANGES FAQ HOWTO.anonymous.sftp INSTALL LICENSE \
NEWS README REGEX-SYNTAX SSH2.QUICKSTART \
RFC.authorization_program_protocol \
RFC.kbdint_plugin_protocol
+INSTALLATION_DIRS+= share/doc/${PKGBASE}
post-install:
- ${INSTALL_DATA_DIR} ${DOCSDIR}
.for FILE in ${DOCS}
- ${INSTALL_DATA} ${WRKSRC}/${FILE} ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/${FILE} ${PREFIX}/share/doc/${PKGBASE}
.endfor
.for FILE in ${EGFILES}
${INSTALL_DATA} ${WRKSRC}/${FILE} ${EGDIR}
.endfor
-.include "../../security/tcp_wrappers/buildlink2.mk"
+.include "../../security/tcp_wrappers/buildlink3.mk"
diff --git a/security/ssh2/distinfo b/security/ssh2/distinfo
index c6921759b90..803a57a80b9 100644
--- a/security/ssh2/distinfo
+++ b/security/ssh2/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.5 2003/08/12 19:08:55 seb Exp $
+$NetBSD: distinfo,v 1.6 2004/03/12 16:40:09 seb Exp $
-SHA1 (ssh-3.2.5.tar.gz) = 390023a395a6b4cfd42bf0e37b472f0ca44791ce
-Size (ssh-3.2.5.tar.gz) = 2258425 bytes
+SHA1 (ssh-3.2.9.1.tar.gz) = 22e4589c889aef18e53a8942716084f0d8ede7db
+Size (ssh-3.2.9.1.tar.gz) = 2269281 bytes
SHA1 (patch-aa) = 34353e23d81916202216dc401e99f17b08f3d6fb
SHA1 (patch-ab) = 314e2e4165fb1d429297f235c9712ddc0d924865
SHA1 (patch-ac) = d5b564f88105cc2ac58577d37a1b336ce78c1393