Hello community,
here is the log from the commit of package openssh for openSUSE:Factory checked
in at 2014-03-01 21:20:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openssh (Old)
and /work/SRC/openSUSE:Factory/.openssh.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssh"
Changes:
--------
--- /work/SRC/openSUSE:Factory/openssh/openssh.changes 2014-02-21
19:52:30.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.openssh.new/openssh.changes 2014-03-01
21:20:17.000000000 +0100
@@ -1,0 +2,7 @@
+Fri Feb 28 12:59:27 UTC 2014 - pce...@suse.com
+
+- re-enabling FIPS-enablement patch
+- enable X11 forwarding when IPv6 is present but disabled on server
+ (bnc#712683, FATE#31503; -X_forward_with_disabled_ipv6.patch)
+
+-------------------------------------------------------------------
New:
----
openssh-6.5p1-X_forward_with_disabled_ipv6.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openssh.spec ++++++
--- /var/tmp/diff_new_pack.mZsbQj/_old 2014-03-01 21:20:19.000000000 +0100
+++ /var/tmp/diff_new_pack.mZsbQj/_new 2014-03-01 21:20:19.000000000 +0100
@@ -143,6 +143,7 @@
Patch33: openssh-6.5p1-sftp_homechroot.patch
Patch34: openssh-6.5p1-sftp_force_permissions.patch
Patch35: openssh-6.5p1-seccomp_getuid.patch
+Patch36: openssh-6.5p1-X_forward_with_disabled_ipv6.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -194,7 +195,9 @@
%patch24 -p2
%patch25 -p2
%patch26 -p2
-#patch27 -p2
+%if 0%{?suse_version} > 1310
+%patch27 -p2
+%endif
#patch28 -p2
%patch29 -p2
%patch30 -p2
@@ -203,6 +206,7 @@
%patch33 -p2
%patch34 -p2
%patch35 -p2
+%patch36 -p2
cp %{SOURCE3} %{SOURCE4} .
%build
++++++ openssh-6.5p1-X_forward_with_disabled_ipv6.patch ++++++
# HG changeset patch
# Parent d7526bd96e81981aa3c94b7695a3f4009a2c176b
Do not throw away already open sockets for X11 forwarding if another socket
family is not available for bind()
diff --git a/openssh-6.5p1/channels.c b/openssh-6.5p1/channels.c
--- a/openssh-6.5p1/channels.c
+++ b/openssh-6.5p1/channels.c
@@ -3475,22 +3475,24 @@ x11_create_display_inet(int x11_display_
}
if (ai->ai_family == AF_INET6)
sock_set_v6only(sock);
if (x11_use_localhost)
channel_set_reuseaddr(sock);
if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
debug2("bind port %d: %.100s", port,
strerror(errno));
close(sock);
-
+ continue;
+ /* do not remove successfully opened sockets
for (n = 0; n < num_socks; n++) {
close(socks[n]);
}
num_socks = 0;
break;
+ */
}
socks[num_socks++] = sock;
if (num_socks == NUM_SOCKS)
break;
}
freeaddrinfo(aitop);
if (num_socks > 0)
break;
++++++ openssh-6.5p1-audit6-server_key_destruction.patch ++++++
--- /var/tmp/diff_new_pack.mZsbQj/_old 2014-03-01 21:20:19.000000000 +0100
+++ /var/tmp/diff_new_pack.mZsbQj/_new 2014-03-01 21:20:19.000000000 +0100
@@ -164,7 +164,7 @@
diff --git a/openssh-6.5p1/key.c b/openssh-6.5p1/key.c
--- a/openssh-6.5p1/key.c
+++ b/openssh-6.5p1/key.c
-@@ -1959,16 +1959,41 @@ key_demote(const Key *k)
+@@ -1959,16 +1959,43 @@ key_demote(const Key *k)
fatal("key_demote: bad key type %d", k->type);
break;
}
@@ -190,9 +190,11 @@
+ case KEY_ECDSA:
+ return EC_KEY_get0_private_key(k->ecdsa) != NULL;
+#endif
++ case KEY_ED25519_CERT:
++ case KEY_ED25519:
++ return k->ed25519_sk != NULL;
+ default:
-+ /* fatal("key_is_private: bad key type %d", k->type); */
-+ debug2("key_is_private: bad key type %d", k->type);
++ fatal("key_is_private: bad key type %d", k->type);
+ return 1;
+ }
+}
++++++ openssh-6.5p1-fips.patch ++++++
++++ 705 lines (skipped)
++++ between /work/SRC/openSUSE:Factory/openssh/openssh-6.5p1-fips.patch
++++ and /work/SRC/openSUSE:Factory/.openssh.new/openssh-6.5p1-fips.patch
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
