Hello community, here is the log from the commit of package openssh for openSUSE:Factory checked in at 2014-03-01 21:20:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openssh (Old) and /work/SRC/openSUSE:Factory/.openssh.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssh" Changes: -------- --- /work/SRC/openSUSE:Factory/openssh/openssh.changes 2014-02-21 19:52:30.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openssh.new/openssh.changes 2014-03-01 21:20:17.000000000 +0100 @@ -1,0 +2,7 @@ +Fri Feb 28 12:59:27 UTC 2014 - pce...@suse.com + +- re-enabling FIPS-enablement patch +- enable X11 forwarding when IPv6 is present but disabled on server + (bnc#712683, FATE#31503; -X_forward_with_disabled_ipv6.patch) + +------------------------------------------------------------------- New: ---- openssh-6.5p1-X_forward_with_disabled_ipv6.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssh.spec ++++++ --- /var/tmp/diff_new_pack.mZsbQj/_old 2014-03-01 21:20:19.000000000 +0100 +++ /var/tmp/diff_new_pack.mZsbQj/_new 2014-03-01 21:20:19.000000000 +0100 @@ -143,6 +143,7 @@ Patch33: openssh-6.5p1-sftp_homechroot.patch Patch34: openssh-6.5p1-sftp_force_permissions.patch Patch35: openssh-6.5p1-seccomp_getuid.patch +Patch36: openssh-6.5p1-X_forward_with_disabled_ipv6.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -194,7 +195,9 @@ %patch24 -p2 %patch25 -p2 %patch26 -p2 -#patch27 -p2 +%if 0%{?suse_version} > 1310 +%patch27 -p2 +%endif #patch28 -p2 %patch29 -p2 %patch30 -p2 @@ -203,6 +206,7 @@ %patch33 -p2 %patch34 -p2 %patch35 -p2 +%patch36 -p2 cp %{SOURCE3} %{SOURCE4} . %build ++++++ openssh-6.5p1-X_forward_with_disabled_ipv6.patch ++++++ # HG changeset patch # Parent d7526bd96e81981aa3c94b7695a3f4009a2c176b Do not throw away already open sockets for X11 forwarding if another socket family is not available for bind() diff --git a/openssh-6.5p1/channels.c b/openssh-6.5p1/channels.c --- a/openssh-6.5p1/channels.c +++ b/openssh-6.5p1/channels.c @@ -3475,22 +3475,24 @@ x11_create_display_inet(int x11_display_ } if (ai->ai_family == AF_INET6) sock_set_v6only(sock); if (x11_use_localhost) channel_set_reuseaddr(sock); if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { debug2("bind port %d: %.100s", port, strerror(errno)); close(sock); - + continue; + /* do not remove successfully opened sockets for (n = 0; n < num_socks; n++) { close(socks[n]); } num_socks = 0; break; + */ } socks[num_socks++] = sock; if (num_socks == NUM_SOCKS) break; } freeaddrinfo(aitop); if (num_socks > 0) break; ++++++ openssh-6.5p1-audit6-server_key_destruction.patch ++++++ --- /var/tmp/diff_new_pack.mZsbQj/_old 2014-03-01 21:20:19.000000000 +0100 +++ /var/tmp/diff_new_pack.mZsbQj/_new 2014-03-01 21:20:19.000000000 +0100 @@ -164,7 +164,7 @@ diff --git a/openssh-6.5p1/key.c b/openssh-6.5p1/key.c --- a/openssh-6.5p1/key.c +++ b/openssh-6.5p1/key.c -@@ -1959,16 +1959,41 @@ key_demote(const Key *k) +@@ -1959,16 +1959,43 @@ key_demote(const Key *k) fatal("key_demote: bad key type %d", k->type); break; } @@ -190,9 +190,11 @@ + case KEY_ECDSA: + return EC_KEY_get0_private_key(k->ecdsa) != NULL; +#endif ++ case KEY_ED25519_CERT: ++ case KEY_ED25519: ++ return k->ed25519_sk != NULL; + default: -+ /* fatal("key_is_private: bad key type %d", k->type); */ -+ debug2("key_is_private: bad key type %d", k->type); ++ fatal("key_is_private: bad key type %d", k->type); + return 1; + } +} ++++++ openssh-6.5p1-fips.patch ++++++ ++++ 705 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/openssh/openssh-6.5p1-fips.patch ++++ and /work/SRC/openSUSE:Factory/.openssh.new/openssh-6.5p1-fips.patch -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org