Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/openssh: security upgrade to 7.1_p2 (CVE-2016-0777,CVE-2016-0778) | Natanael Copa | 2016-01-14 | 2 | -9/+9 |
| | | | | fixes #5014 | ||||
* | main/openssh: Added description to init.d script | Daniele Coli | 2015-10-22 | 2 | -4/+8 |
| | |||||
* | main/openssh: upgrade to 7.1_p1 | Natanael Copa | 2015-09-28 | 7 | -207/+99 |
| | |||||
* | main/openssh: enabls ssh tunneling | Natanael Copa | 2015-09-22 | 1 | -2/+2 |
| | | | | | | we need linux-headers for ssh tunneling fixes #4597 | ||||
* | openssh: fix subpackage dependencies | Eivind Uggedal | 2015-09-09 | 1 | -1/+3 |
| | |||||
* | main/openssh: openssh-sftp-server subpackage | Eivind Uggedal | 2015-09-09 | 1 | -3/+11 |
| | |||||
* | main/openssh: security fixes from upstream | Natanael Copa | 2015-08-26 | 4 | -1/+118 |
| | | | | | | | | | | | | | | | | | | | | | | | ref #4578 CVE-2015-6563: sshd(8): Portable OpenSSH only: Fixed a privilege separation weakness related to PAM support. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users. Reported by Moritz Jodeit. CVE-2015-6564: sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution. Also reported by Moritz Jodeit. CVE-2015-6565: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world- writable. Local attackers may be able to write arbitrary messages to logged-in users, including terminal escape sequences. Reported by Nikolay Edigaryev. | ||||
* | main/openssh: security fix for CVE-2015-5600 | Natanael Copa | 2015-07-30 | 2 | -1/+44 |
| | | | | ref #4473 | ||||
* | main/openssh: upgrade to 6.9_p1 | Natanael Copa | 2015-07-15 | 2 | -114/+159 |
| | |||||
* | main/openssh: add support for disable keygen | Natanael Copa | 2015-05-21 | 2 | -37/+38 |
| | | | | | | | | | Add support for SSHD_DISABLE_KEYGEN in /etc/conf.d/sshd to make it possible disable host key generation at startup. Also sync with gentoo's init.d script fixes #4171 | ||||
* | main/*: replace all sbin/runscript with sbin/openrc-run | Natanael Copa | 2015-04-28 | 2 | -5/+5 |
| | |||||
* | main/openssh: upgrade to 6.8p1 | Timo Teräs | 2015-03-19 | 4 | -184/+152 |
| | | | | rebase manually the hpn patch | ||||
* | main/openssh: upgrade to 6.7p1 | Timo Teräs | 2014-11-21 | 4 | -458/+142 |
| | |||||
* | main/openssh: flush stdout for interactive sftp | Peter Bui | 2014-10-30 | 2 | -4/+22 |
| | | | | | | Previously, the "sftp> " prompt would only appear after a command was entered. This simply calls fflush on stdout to force the prompt to appear during interactive mode. | ||||
* | main/openssh: curve25519pad patch added | Johannes Matheis | 2014-09-03 | 2 | -4/+177 |
| | | | | | | | | | | | | https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032494.html: > bad bignum encoding for curve25519-sha256@libssh.org >[...] > So I screwed up when writing the support for the curve25519 KEX method > that doesn't depend on OpenSSL's BIGNUM type - a bug in my code left > leading zero bytes where they should have been skipped. The impact of > this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a > peer that implements curve25519-sha256@libssh.org properly about 0.2% > of the time (one in every 512ish connections). | ||||
* | main/openssh: move ssh-keysign to separate subpackage | Natanael Copa | 2014-08-27 | 1 | -4/+10 |
| | | | | | | | | | This is a helper utility for host-based authentication, which is disabled by default and normally not needed. We move it to subpackage because it is suid root. fixes #3311 | ||||
* | main/openssh: disable wtmp | Natanael Copa | 2014-05-27 | 1 | -1/+2 |
| | | | | fixes #2744 | ||||
* | main/openssh: security fix for CVE-2014-2653 | Timo Teräs | 2014-04-18 | 3 | -36/+89 |
| | | | | | patch cherry-picked from debian also delete the obsolete old CVE patch (6.6 has the fix builtin) | ||||
* | main/openssh: generate ed25519 host key | Eivind Uggedal | 2014-04-04 | 2 | -5/+5 |
| | |||||
* | openssh: upgrade to 6.2 | Natanael Copa | 2014-04-03 | 4 | -362/+212 |
| | |||||
* | main/openssh: security fix for CVE-2014-2532 | Bartłomiej Piotrowski | 2014-03-26 | 2 | -4/+38 |
| | |||||
* | main/openssh: upgrade to 6.4_p1 | Natanael Copa | 2013-11-08 | 1 | -5/+5 |
| | |||||
* | main/openssh: fix build | Timo Teräs | 2013-09-20 | 1 | -1/+0 |
| | | | | | openssh got upgraded since my last musl build, and had config.sub updated. remove the now unneeded update_config_sub check. | ||||
* | main/openssh: fix build against musl | Timo Teräs | 2013-09-20 | 3 | -1/+43 |
| | |||||
* | main/openssh: update checksums | Bartłomiej Piotrowski | 2013-09-14 | 1 | -3/+3 |
| | |||||
* | main/openssh: rebase openssh-peaktput.diff | Bartłomiej Piotrowski | 2013-09-14 | 1 | -1/+1 |
| | |||||
* | main/openssh: upgrade to 6.3_p1 | Bartłomiej Piotrowski | 2013-09-14 | 2 | -12/+13 |
| | |||||
* | Revert "main/openssh: upgrade to 6.3_p1" | Bartłomiej Piotrowski | 2013-09-14 | 2 | -9/+9 |
| | | | | This reverts commit 4f91876c99dba7e38c09a2c0dc87c5ff4f148461. | ||||
* | main/openssh: upgrade to 6.3_p1 | Bartłomiej Piotrowski | 2013-09-14 | 2 | -9/+9 |
| | |||||
* | main/openssh: reintroduce dynwindows HPN patch | Natanael Copa | 2013-09-02 | 2 | -869/+265 |
| | |||||
* | main/openssh: disable reverse DNS lookup | Leonardo Arena | 2013-08-23 | 1 | -1/+2 |
| | |||||
* | main/openssh: remove references to missing patches | Natanael Copa | 2013-08-16 | 1 | -8/+0 |
| | |||||
* | [all autotools packages]: normalize ./configure | Timo Teräs | 2013-07-30 | 1 | -11/+22 |
| | |||||
* | main/openssh: upgrade to 6.2_p2 | Bartłomiej Piotrowski | 2013-05-17 | 1 | -8/+5 |
| | |||||
* | main/openssh: upgrade to 6.2_p1 | Timo Teräs | 2013-04-12 | 2 | -87/+103 |
| | | | | rebase dynwindow patch. | ||||
* | main/openssh: remove libcrypto1.0 from deps | Carlo Landmeter | 2013-02-08 | 1 | -2/+2 |
| | |||||
* | main/openssh: add contrib scripts | Carlo Landmeter | 2013-01-07 | 1 | -11/+21 |
| | |||||
* | main/openssh: upgrade to 6.1 | Timo Teräs | 2012-09-04 | 3 | -152/+110 |
| | | | | * rebase hpn dynamic window patch | ||||
* | main/openssh: upgrade to 6.0p1 | Timo Teräs | 2012-08-02 | 5 | -34/+21 |
| | | | | | | | * also add support for hmac oneshot mode (requires patched openssl; we have these patches in Alpine) * rebase hpn patches * remove obsolete patch (upstreamed) | ||||
* | main/openssh: fix openssl abi compatibility detection (for openssl-1.0+) | Timo Teräs | 2012-03-28 | 2 | -1/+23 |
| | |||||
* | main/openssh: fix init.d script | Natanael Copa | 2012-01-19 | 2 | -16/+17 |
| | | | | | - properly kill established ssh connections on shutdown - do not use $opts in init.d script. ref #943 | ||||
* | main/openssh: upgrade to 5.9p1 (and rebase hpn patches we use) | Timo Teräs | 2012-01-17 | 3 | -7/+1739 |
| | |||||
* | main/openssh: do not try kill nonexisting sshd session on shutdown | Natanael Copa | 2011-10-21 | 2 | -3/+5 |
| | | | | | Fixes the error message on shutdown: sh: you need to specify whom to kill | ||||
* | main/openssh: fix circular dep | Natanael Copa | 2011-07-23 | 1 | -1/+2 |
| | |||||
* | main/openssh: upgrade to 5.8_p2 | Natanael Copa | 2011-05-03 | 1 | -3/+3 |
| | |||||
* | main/openssh: drop connections on reboot/halt | Matt Smith | 2011-03-31 | 2 | -2/+9 |
| | |||||
* | main/openssh: generate ecdsa host key | Natanael Copa | 2011-02-26 | 2 | -17/+21 |
| | |||||
* | main/openssh: upgrade to 5.8_p1 | Natanael Copa | 2011-02-18 | 1 | -7/+7 |
| | |||||
* | Set all packages with arch="x86 x86_64" to arch="all". | William Pitcock | 2011-01-13 | 1 | -1/+1 |
| | |||||
* | main/*: add arch | Natanael Copa | 2010-12-13 | 1 | -0/+1 |
| |