Hello community, here is the log from the commit of package libssh2_org for openSUSE:Factory checked in at 2019-06-25 22:17:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libssh2_org (Old) and /work/SRC/openSUSE:Factory/.libssh2_org.new.4615 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libssh2_org" Tue Jun 25 22:17:25 2019 rev:39 rq:711291 version:1.9.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libssh2_org/libssh2_org.changes 2019-04-12 09:13:06.385631691 +0200 +++ /work/SRC/openSUSE:Factory/.libssh2_org.new.4615/libssh2_org.changes 2019-06-25 22:17:27.292720639 +0200 @@ -1,0 +2,34 @@ +Thu Jun 20 11:07:36 UTC 2019 - Pedro Monreal Gonzalez <[email protected]> + +- Version update to 1.9.0: + Enhancements and bugfixes: + * adds ECDSA keys and host key support when using OpenSSL + * adds ED25519 key and host key support when using OpenSSL 1.1.1 + * adds OpenSSH style key file reading + * adds AES CTR mode support when using WinCNG + * adds PEM passphrase protected file support for Libgcrypt and WinCNG + * adds SHA256 hostkey fingerprint + * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() + * adds explicit zeroing of sensitive data in memory + * adds additional bounds checks to network buffer reads + * adds the ability to use the server default permissions when creating sftp directories + * adds support for building with OpenSSL no engine flag + * adds support for building with LibreSSL + * increased sftp packet size to 256k + * fixed oversized packet handling in sftp + * fixed building with OpenSSL 1.1 + * fixed a possible crash if sftp stat gets an unexpected response + * fixed incorrect parsing of the KEX preference string value + * fixed conditional RSA and AES-CTR support + * fixed a small memory leak during the key exchange process + * fixed a possible memory leak of the ssh banner string + * fixed various small memory leaks in the backends + * fixed possible out of bounds read when parsing public keys from the server + * fixed possible out of bounds read when parsing invalid PEM files + * no longer null terminates the scp remote exec command + * now handle errors when diffie hellman key pair generation fails + * improved building instructions + * improved unit tests +- Rebased patch libssh2-ocloexec.patch + +------------------------------------------------------------------- Old: ---- libssh2-1.8.2.tar.gz libssh2-1.8.2.tar.gz.asc New: ---- libssh2-1.9.0.tar.gz libssh2-1.9.0.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libssh2_org.spec ++++++ --- /var/tmp/diff_new_pack.3rB8UK/_old 2019-06-25 22:17:28.864723060 +0200 +++ /var/tmp/diff_new_pack.3rB8UK/_new 2019-06-25 22:17:28.896723109 +0200 @@ -18,7 +18,7 @@ %define pkg_name libssh2 Name: libssh2_org -Version: 1.8.2 +Version: 1.9.0 Release: 0 Summary: A library implementing the SSH2 protocol License: BSD-3-Clause ++++++ libssh2-1.8.2.tar.gz -> libssh2-1.9.0.tar.gz ++++++ ++++ 40398 lines of diff (skipped) ++++++ libssh2-ocloexec.patch ++++++ --- /var/tmp/diff_new_pack.3rB8UK/_old 2019-06-25 22:17:30.276725235 +0200 +++ /var/tmp/diff_new_pack.3rB8UK/_new 2019-06-25 22:17:30.292725260 +0200 @@ -9,51 +9,64 @@ src/userauth.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) -Index: libssh2-1.7.0/src/agent.c +Index: libssh2-1.9.0/src/agent.c =================================================================== ---- libssh2-1.7.0.orig/src/agent.c 2016-02-09 22:54:08.000000000 +0100 -+++ libssh2-1.7.0/src/agent.c 2016-02-23 14:36:47.133091344 +0100 -@@ -152,7 +152,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent) - return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_USE, - "no auth sock variable"); +--- libssh2-1.9.0.orig/src/agent.c ++++ libssh2-1.9.0/src/agent.c +@@ -157,7 +157,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent) + "no auth sock variable"); + } - agent->fd = socket(PF_UNIX, SOCK_STREAM, 0); + agent->fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0); - if (agent->fd < 0) + if(agent->fd < 0) return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_SOCKET, "failed creating socket"); -Index: libssh2-1.7.0/src/knownhost.c +Index: libssh2-1.9.0/src/knownhost.c =================================================================== ---- libssh2-1.7.0.orig/src/knownhost.c 2015-03-19 14:01:33.000000000 +0100 -+++ libssh2-1.7.0/src/knownhost.c 2016-02-23 14:36:47.134091362 +0100 -@@ -954,7 +954,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN +--- libssh2-1.9.0.orig/src/knownhost.c ++++ libssh2-1.9.0/src/knownhost.c +@@ -963,7 +963,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN "Unsupported type of known-host information " "store"); -- file = fopen(filename, "r"); -+ file = fopen(filename, "re"); +- file = fopen(filename, FOPEN_READTEXT); ++ file = fopen(filename, FOPEN_READTEXT_CLOEXEC); if(file) { while(fgets(buf, sizeof(buf), file)) { if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type)) { -@@ -1178,7 +1178,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW +@@ -1204,7 +1204,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW "Unsupported type of known-host information " "store"); -- file = fopen(filename, "w"); -+ file = fopen(filename, "we"); +- file = fopen(filename, FOPEN_WRITETEXT); ++ file = fopen(filename, FOPEN_WRITETEXT_CLOEXEC); if(!file) return _libssh2_error(hosts->session, LIBSSH2_ERROR_FILE, "Failed to open file"); -Index: libssh2-1.7.0/src/userauth.c +Index: libssh2-1.9.0/src/userauth.c =================================================================== ---- libssh2-1.7.0.orig/src/userauth.c 2016-01-18 13:41:58.000000000 +0100 -+++ libssh2-1.7.0/src/userauth.c 2016-02-23 14:36:47.134091362 +0100 -@@ -538,7 +538,7 @@ file_read_publickey(LIBSSH2_SESSION * se +--- libssh2-1.9.0.orig/src/userauth.c ++++ libssh2-1.9.0/src/userauth.c +@@ -578,7 +578,7 @@ file_read_publickey(LIBSSH2_SESSION * se _libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s", pubkeyfile); /* Read Public Key */ -- fd = fopen(pubkeyfile, "r"); -+ fd = fopen(pubkeyfile, "re"); - if (!fd) { +- fd = fopen(pubkeyfile, FOPEN_READTEXT); ++ fd = fopen(pubkeyfile, FOPEN_READTEXT_CLOEXEC); + if(!fd) { return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Unable to open public key file"); +Index: libssh2-1.9.0/src/libssh2_priv.h +=================================================================== +--- libssh2-1.9.0.orig/src/libssh2_priv.h ++++ libssh2-1.9.0/src/libssh2_priv.h +@@ -1138,6 +1138,8 @@ endings either CRLF or LF so 't' is appr + #define FOPEN_READTEXT "r" + #define FOPEN_WRITETEXT "w" + #define FOPEN_APPENDTEXT "a" ++#define FOPEN_READTEXT_CLOEXEC "re" ++#define FOPEN_WRITETEXT_CLOEXEC "we" + #endif + + #endif /* LIBSSH2_H */
