aboutsummaryrefslogtreecommitdiffstats
path: root/main/openssh
Commit message (Collapse)AuthorAgeFilesLines
* main/openssh: security upgrade to 7.2_p2, closed ↵Valery Kartel2016-03-182-9/+9
| | | | http://www.openssh.com/txt/x11fwd.adv
* main/openssh: upgrade to 7.2_p1Valery Kartel2016-03-013-16/+16
|
* main/openssh: security upgrade to 7.1_p2 (CVE-2016-0777,CVE-2016-0778)Natanael Copa2016-01-142-9/+9
| | | | fixes #5014
* main/openssh: Added description to init.d scriptDaniele Coli2015-10-222-4/+8
|
* main/openssh: upgrade to 7.1_p1Natanael Copa2015-09-287-207/+99
|
* main/openssh: enabls ssh tunnelingNatanael Copa2015-09-221-2/+2
| | | | | | we need linux-headers for ssh tunneling fixes #4597
* openssh: fix subpackage dependenciesEivind Uggedal2015-09-091-1/+3
|
* main/openssh: openssh-sftp-server subpackageEivind Uggedal2015-09-091-3/+11
|
* main/openssh: security fixes from upstreamNatanael Copa2015-08-264-1/+118
| | | | | | | | | | | | | | | | | | | | | | | ref #4578 CVE-2015-6563: sshd(8): Portable OpenSSH only: Fixed a privilege separation weakness related to PAM support. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users. Reported by Moritz Jodeit. CVE-2015-6564: sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution. Also reported by Moritz Jodeit. CVE-2015-6565: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world- writable. Local attackers may be able to write arbitrary messages to logged-in users, including terminal escape sequences. Reported by Nikolay Edigaryev.
* main/openssh: security fix for CVE-2015-5600Natanael Copa2015-07-302-1/+44
| | | | ref #4473
* main/openssh: upgrade to 6.9_p1Natanael Copa2015-07-152-114/+159
|
* main/openssh: add support for disable keygenNatanael Copa2015-05-212-37/+38
| | | | | | | | | Add support for SSHD_DISABLE_KEYGEN in /etc/conf.d/sshd to make it possible disable host key generation at startup. Also sync with gentoo's init.d script fixes #4171
* main/*: replace all sbin/runscript with sbin/openrc-runNatanael Copa2015-04-282-5/+5
|
* main/openssh: upgrade to 6.8p1Timo Teräs2015-03-194-184/+152
| | | | rebase manually the hpn patch
* main/openssh: upgrade to 6.7p1Timo Teräs2014-11-214-458/+142
|
* main/openssh: flush stdout for interactive sftpPeter Bui2014-10-302-4/+22
| | | | | | Previously, the "sftp> " prompt would only appear after a command was entered. This simply calls fflush on stdout to force the prompt to appear during interactive mode.
* main/openssh: curve25519pad patch addedJohannes Matheis2014-09-032-4/+177
| | | | | | | | | | | | https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032494.html: > bad bignum encoding for curve25519-sha256@libssh.org >[...] > So I screwed up when writing the support for the curve25519 KEX method > that doesn't depend on OpenSSL's BIGNUM type - a bug in my code left > leading zero bytes where they should have been skipped. The impact of > this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a > peer that implements curve25519-sha256@libssh.org properly about 0.2% > of the time (one in every 512ish connections).
* main/openssh: move ssh-keysign to separate subpackageNatanael Copa2014-08-271-4/+10
| | | | | | | | | This is a helper utility for host-based authentication, which is disabled by default and normally not needed. We move it to subpackage because it is suid root. fixes #3311
* main/openssh: disable wtmpNatanael Copa2014-05-271-1/+2
| | | | fixes #2744
* main/openssh: security fix for CVE-2014-2653Timo Teräs2014-04-183-36/+89
| | | | | patch cherry-picked from debian also delete the obsolete old CVE patch (6.6 has the fix builtin)
* main/openssh: generate ed25519 host keyEivind Uggedal2014-04-042-5/+5
|
* openssh: upgrade to 6.2Natanael Copa2014-04-034-362/+212
|
* main/openssh: security fix for CVE-2014-2532Bartłomiej Piotrowski2014-03-262-4/+38
|
* main/openssh: upgrade to 6.4_p1Natanael Copa2013-11-081-5/+5
|
* main/openssh: fix buildTimo Teräs2013-09-201-1/+0
| | | | | openssh got upgraded since my last musl build, and had config.sub updated. remove the now unneeded update_config_sub check.
* main/openssh: fix build against muslTimo Teräs2013-09-203-1/+43
|
* main/openssh: update checksumsBartłomiej Piotrowski2013-09-141-3/+3
|
* main/openssh: rebase openssh-peaktput.diffBartłomiej Piotrowski2013-09-141-1/+1
|
* main/openssh: upgrade to 6.3_p1Bartłomiej Piotrowski2013-09-142-12/+13
|
* Revert "main/openssh: upgrade to 6.3_p1"Bartłomiej Piotrowski2013-09-142-9/+9
| | | | This reverts commit 4f91876c99dba7e38c09a2c0dc87c5ff4f148461.
* main/openssh: upgrade to 6.3_p1Bartłomiej Piotrowski2013-09-142-9/+9
|
* main/openssh: reintroduce dynwindows HPN patchNatanael Copa2013-09-022-869/+265
|
* main/openssh: disable reverse DNS lookupLeonardo Arena2013-08-231-1/+2
|
* main/openssh: remove references to missing patchesNatanael Copa2013-08-161-8/+0
|
* [all autotools packages]: normalize ./configureTimo Teräs2013-07-301-11/+22
|
* main/openssh: upgrade to 6.2_p2Bartłomiej Piotrowski2013-05-171-8/+5
|
* main/openssh: upgrade to 6.2_p1Timo Teräs2013-04-122-87/+103
| | | | rebase dynwindow patch.
* main/openssh: remove libcrypto1.0 from depsCarlo Landmeter2013-02-081-2/+2
|
* main/openssh: add contrib scriptsCarlo Landmeter2013-01-071-11/+21
|
* main/openssh: upgrade to 6.1Timo Teräs2012-09-043-152/+110
| | | | * rebase hpn dynamic window patch
* main/openssh: upgrade to 6.0p1Timo Teräs2012-08-025-34/+21
| | | | | | | * also add support for hmac oneshot mode (requires patched openssl; we have these patches in Alpine) * rebase hpn patches * remove obsolete patch (upstreamed)
* main/openssh: fix openssl abi compatibility detection (for openssl-1.0+)Timo Teräs2012-03-282-1/+23
|
* main/openssh: fix init.d scriptNatanael Copa2012-01-192-16/+17
| | | | | - properly kill established ssh connections on shutdown - do not use $opts in init.d script. ref #943
* main/openssh: upgrade to 5.9p1 (and rebase hpn patches we use)Timo Teräs2012-01-173-7/+1739
|
* main/openssh: do not try kill nonexisting sshd session on shutdownNatanael Copa2011-10-212-3/+5
| | | | | Fixes the error message on shutdown: sh: you need to specify whom to kill
* main/openssh: fix circular depNatanael Copa2011-07-231-1/+2
|
* main/openssh: upgrade to 5.8_p2Natanael Copa2011-05-031-3/+3
|
* main/openssh: drop connections on reboot/haltMatt Smith2011-03-312-2/+9
|
* main/openssh: generate ecdsa host keyNatanael Copa2011-02-262-17/+21
|
* main/openssh: upgrade to 5.8_p1Natanael Copa2011-02-181-7/+7
|