aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--main/openssh/APKBUILD10
-rw-r--r--main/openssh/disable-forwarding-by-default.patch16
2 files changed, 22 insertions, 4 deletions
diff --git a/main/openssh/APKBUILD b/main/openssh/APKBUILD
index 6173800049..758157e31d 100644
--- a/main/openssh/APKBUILD
+++ b/main/openssh/APKBUILD
@@ -4,7 +4,7 @@
pkgname=openssh
pkgver=7.7_p1
_myver=${pkgver%_*}${pkgver#*_}
-pkgrel=2
+pkgrel=3
pkgdesc="Port of OpenBSD's free SSH release"
url="http://www.openssh.org/portable.html"
arch="all"
@@ -33,9 +33,10 @@ source="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar
openssh7.4-peaktput.patch
fix-utmp.patch
bsd-compatible-realpath.patch
+ sftp-interactive.patch
+ disable-forwarding-by-default.patch
sshd.initd
sshd.confd
- sftp-interactive.patch
"
# secfixes:
# 7.5_p1-r8:
@@ -196,6 +197,7 @@ sha512sums="597252cb48209a0cb98ca1928a67e8d63e4275252f25bc37269204c108f034baade6
398096a89aa104abeff31aa043ac406a6348e0fdd4d313b7888ee0b931d38fd71fc21bceee46145e88f03bc27e00890e068442faee2d33f86cfbc04d58ffa4b6 openssh7.4-peaktput.patch
f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b3389462296ed77921a1d08456e7aaa3825cbed08f405b381a58e1 fix-utmp.patch
f2b8daa537ea3f32754a4485492cc6eb3f40133ed46c0a5a29a89e4bcf8583d82d891d94bf2e5eb1c916fa68ec094abf4e6cd641e9737a6c05053808012b3a73 bsd-compatible-realpath.patch
+c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 sftp-interactive.patch
+8df35d72224cd255eb0685d2c707b24e5eb24f0fdd67ca6cc0f615bdbd3eeeea2d18674a6af0c6dab74c2d8247e2370d0b755a84c99f766a431bc50c40b557de disable-forwarding-by-default.patch
bcd56bebe37acb69986abd247d6b74daf7dde1712f30640244a1dd70c505a6a536c5536bef11345e128b6785e1c8ff9736627556e702218805fb14b23bd7047c sshd.initd
-ec506156c286e5b28a530e9964dd68b7f6c9e881fbc47247a988e52a1f9cd50cbfaf4955c96774f9e2508d8b734c4abf98785fbaa75ae6249e3464b5495f1afc sshd.confd
-c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 sftp-interactive.patch"
+ec506156c286e5b28a530e9964dd68b7f6c9e881fbc47247a988e52a1f9cd50cbfaf4955c96774f9e2508d8b734c4abf98785fbaa75ae6249e3464b5495f1afc sshd.confd"
diff --git a/main/openssh/disable-forwarding-by-default.patch b/main/openssh/disable-forwarding-by-default.patch
new file mode 100644
index 0000000000..9d27926d9d
--- /dev/null
+++ b/main/openssh/disable-forwarding-by-default.patch
@@ -0,0 +1,16 @@
+--- openssh-7.7p1/sshd_config.old 2018-04-02 00:38:28.000000000 -0500
++++ openssh-7.7p1/sshd_config 2018-07-29 03:08:16.340000000 -0500
+@@ -82,9 +82,10 @@
+ #UsePAM no
+
+ #AllowAgentForwarding yes
+-#AllowTcpForwarding yes
+-#GatewayPorts no
+-#X11Forwarding no
++# Feel free to re-enable these if your use case requires them.
++AllowTcpForwarding no
++GatewayPorts no
++X11Forwarding no
+ #X11DisplayOffset 10
+ #X11UseLocalhost yes
+ #PermitTTY yes
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-24 17:39:47 +0000