aboutsummaryrefslogtreecommitdiffstats
path: root/main/openssh
Commit message (Collapse)AuthorAgeFilesLines
* main/openssh: security fix for CVE-2016-6515Natanael Copa2016-08-172-4/+56
| | | | fixes #6043
* main/openssh: security fix (CVE-2016-6210). Fixes #5929Leonardo Arena2016-08-053-5/+236
| | | | | (cherry picked from commit 1a6c29da7c4a7e3d05009f4ea2b940878b57ac81) (cherry picked from commit cf8a8f7b76eebaebfdb148506df212cd8e61a37b)
* main/openssh: security fix (CVE-2016-3115). Fixes #5287Leonardo Arena2016-03-222-4/+88
|
* main/openssh: security fix for CVE-2016-0777 and CVE-2016-0778Natanael Copa2016-01-142-4/+48
| | | | | | | | | | | | | | | | | | CVE-2016-0777 An information leak (memory disclosure) can be exploited by a rogue SSH server to trick a client into leaking sensitive data from the client memory, including for example private keys. CVE-2016-0778 A buffer overflow (leading to file descriptor leak), can also be exploited by a rogue SSH server, but due to another bug in the code is possibly not exploitable, and only under certain conditions (not the default configuration), when using ProxyCommand, ForwardAgent or ForwardX11. fixes #5017
* main/openssh: security fixes from upstreamNatanael Copa2015-08-264-4/+158
| | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #4581 CVE-2015-6563: sshd(8): Portable OpenSSH only: Fixed a privilege separation weakness related to PAM support. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users. Reported by Moritz Jodeit. CVE-2015-6564: sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution. Also reported by Moritz Jodeit. CVE-2015-6565: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world- writable. Local attackers may be able to write arbitrary messages to logged-in users, including terminal escape sequences. Reported by Nikolay Edigaryev. (cherry picked from commit 26c30cf5be4151eee04678ad118d056de0601833) Conflicts: main/openssh/APKBUILD
* main/openssh: security fix for CVE-2015-5600Natanael Copa2015-07-302-3/+54
| | | | fixes #4476
* main/openssh: upgrade to 6.7p1Timo Teräs2014-11-214-458/+142
|
* main/openssh: flush stdout for interactive sftpPeter Bui2014-10-302-4/+22
| | | | | | Previously, the "sftp> " prompt would only appear after a command was entered. This simply calls fflush on stdout to force the prompt to appear during interactive mode.
* main/openssh: curve25519pad patch addedJohannes Matheis2014-09-032-4/+177
| | | | | | | | | | | | https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032494.html: > bad bignum encoding for curve25519-sha256@libssh.org >[...] > So I screwed up when writing the support for the curve25519 KEX method > that doesn't depend on OpenSSL's BIGNUM type - a bug in my code left > leading zero bytes where they should have been skipped. The impact of > this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a > peer that implements curve25519-sha256@libssh.org properly about 0.2% > of the time (one in every 512ish connections).
* main/openssh: move ssh-keysign to separate subpackageNatanael Copa2014-08-271-4/+10
| | | | | | | | | This is a helper utility for host-based authentication, which is disabled by default and normally not needed. We move it to subpackage because it is suid root. fixes #3311
* main/openssh: disable wtmpNatanael Copa2014-05-271-1/+2
| | | | fixes #2744
* main/openssh: security fix for CVE-2014-2653Timo Teräs2014-04-183-36/+89
| | | | | patch cherry-picked from debian also delete the obsolete old CVE patch (6.6 has the fix builtin)
* main/openssh: generate ed25519 host keyEivind Uggedal2014-04-042-5/+5
|
* openssh: upgrade to 6.2Natanael Copa2014-04-034-362/+212
|
* main/openssh: security fix for CVE-2014-2532Bartłomiej Piotrowski2014-03-262-4/+38
|
* main/openssh: upgrade to 6.4_p1Natanael Copa2013-11-081-5/+5
|
* main/openssh: fix buildTimo Teräs2013-09-201-1/+0
| | | | | openssh got upgraded since my last musl build, and had config.sub updated. remove the now unneeded update_config_sub check.
* main/openssh: fix build against muslTimo Teräs2013-09-203-1/+43
|
* main/openssh: update checksumsBartłomiej Piotrowski2013-09-141-3/+3
|
* main/openssh: rebase openssh-peaktput.diffBartłomiej Piotrowski2013-09-141-1/+1
|
* main/openssh: upgrade to 6.3_p1Bartłomiej Piotrowski2013-09-142-12/+13
|
* Revert "main/openssh: upgrade to 6.3_p1"Bartłomiej Piotrowski2013-09-142-9/+9
| | | | This reverts commit 4f91876c99dba7e38c09a2c0dc87c5ff4f148461.
* main/openssh: upgrade to 6.3_p1Bartłomiej Piotrowski2013-09-142-9/+9
|
* main/openssh: reintroduce dynwindows HPN patchNatanael Copa2013-09-022-869/+265
|
* main/openssh: disable reverse DNS lookupLeonardo Arena2013-08-231-1/+2
|
* main/openssh: remove references to missing patchesNatanael Copa2013-08-161-8/+0
|
* [all autotools packages]: normalize ./configureTimo Teräs2013-07-301-11/+22
|
* main/openssh: upgrade to 6.2_p2Bartłomiej Piotrowski2013-05-171-8/+5
|
* main/openssh: upgrade to 6.2_p1Timo Teräs2013-04-122-87/+103
| | | | rebase dynwindow patch.
* main/openssh: remove libcrypto1.0 from depsCarlo Landmeter2013-02-081-2/+2
|
* main/openssh: add contrib scriptsCarlo Landmeter2013-01-071-11/+21
|
* main/openssh: upgrade to 6.1Timo Teräs2012-09-043-152/+110
| | | | * rebase hpn dynamic window patch
* main/openssh: upgrade to 6.0p1Timo Teräs2012-08-025-34/+21
| | | | | | | * also add support for hmac oneshot mode (requires patched openssl; we have these patches in Alpine) * rebase hpn patches * remove obsolete patch (upstreamed)
* main/openssh: fix openssl abi compatibility detection (for openssl-1.0+)Timo Teräs2012-03-282-1/+23
|
* main/openssh: fix init.d scriptNatanael Copa2012-01-192-16/+17
| | | | | - properly kill established ssh connections on shutdown - do not use $opts in init.d script. ref #943
* main/openssh: upgrade to 5.9p1 (and rebase hpn patches we use)Timo Teräs2012-01-173-7/+1739
|
* main/openssh: do not try kill nonexisting sshd session on shutdownNatanael Copa2011-10-212-3/+5
| | | | | Fixes the error message on shutdown: sh: you need to specify whom to kill
* main/openssh: fix circular depNatanael Copa2011-07-231-1/+2
|
* main/openssh: upgrade to 5.8_p2Natanael Copa2011-05-031-3/+3
|
* main/openssh: drop connections on reboot/haltMatt Smith2011-03-312-2/+9
|
* main/openssh: generate ecdsa host keyNatanael Copa2011-02-262-17/+21
|
* main/openssh: upgrade to 5.8_p1Natanael Copa2011-02-181-7/+7
|
* Set all packages with arch="x86 x86_64" to arch="all".William Pitcock2011-01-131-1/+1
|
* main/*: add archNatanael Copa2010-12-131-0/+1
|
* main/openssh: apply HPN patches for speed improvementNatanael Copa2010-10-141-5/+29
| | | | | | http://www.psc.edu/networking/projects/hpn-ssh/faq.php fixes #441
* main/openssh: upgrade to 5.6_p1Natanael Copa2010-08-231-2/+2
|
* main/openssh: upgrade to 5.5_p1Natanael Copa2010-05-271-3/+3
|
* main/[various]: rebuild against openssl-1.0Natanael Copa2010-05-141-1/+1
|
* main/[various]: bump pkgrel to force rebuild against nptlNatanael Copa2010-05-041-1/+1
|
* Revert "main/openssh: kill current ssh sessions on stop"Natanael Copa2010-03-162-11/+3
| | | | This reverts commit ae99c382f78b1582b1528c2ce03570605c845503.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 18:03:18 +0000