FreshPorts -- security/openssh-portable/files/extra-patch-hpn-build-options

non port: security/openssh-portable/files/extra-patch-hpn-build-options

SVNWeb

Number of commits found: 5

Sat, 4 Apr 2015

[ 17:16 bdrewery

]

(Only the first 10 of 12 ports in this commit are shown above.

)

- Update to 6.8p1
- Fix 'make test'
- HPN:
  - NONECIPHER is no longer default. This is not default in base and should not
    be default here as it introduces security holes.
  - HPN: I've audited the patch and included it in the port directory for
    transparency. I identified several bugs and submitted them to the new
    upstream: https://github.com/rapier1/openssh-portable/pull/2
  - HPN: The entire patch is now ifdef'd to ensure various bits are properly
    removed depending on the OPTIONS selected.
  - AES_THREADED is removed. It has questionable benefit on modern HW and is not
    stable.
  - The "enhanced logging" was removed from the patch as it is too
    intrusive and difficult to maintain in the port.
  - The progress meter "peak throughput" patch was removed.
  - Fixed HPN version showing in client/server version string when HPN
    was disabled in the config.
- KERB_GSSAPI is currently BROKEN as it does not apply.
- Update X509 to 8.3

Changelog: http://www.openssh.com/txt/release-6.8

Wed, 17 Dec 2014

[ 02:34 bdrewery

]

374833 security/openssh-portable/Makefile
374833 security/openssh-portable/distinfo
374833 security/openssh-portable/files/extra-patch-hpn-build-options

- Fix HPN patches for 6.7p1
- Add back HPN and NONECIPHER for the default options and bump PORTREVISION
  due to this.

Sun, 16 Mar 2014

[ 17:35 bdrewery

]

348420 security/openssh-portable/Makefile
348420 security/openssh-portable/distinfo
348420 security/openssh-portable/files/extra-patch-hpn-build-options
348420 security/openssh-portable/files/patch-sandbox-capsicum.c

- Update to 6.6
- Capsicum patch no longer needed
- Update X509 patch to 7.9

Changelog: http://www.openssh.org/txt/release-6.6

Wed, 5 Feb 2014

[ 01:40 bdrewery

]

342618 security/openssh-portable/Makefile
342618 security/openssh-portable/distinfo
342618 security/openssh-portable/files/extra-patch-hpn-build-options
342618 security/openssh-portable/files/openssh.in
342618 security/openssh-portable/files/patch-readconf.c
342618 security/openssh-portable/files/patch-sandbox-capsicum.c
342618 security/openssh-portable/files/patch-servconf.c
342618 security/openssh-portable/files/patch-sshd.c
342618 security/openssh-portable/files/patch-sshd_config

- Update to 6.5
  ChangeLog: http://www.openssh.org/txt/release-6.5

- Update X509 patch to 7.8
- Update LIB_DEPENDS to new format
- Revert r328706 and re-enable privilege separation sandboxing by default
  as the issue causing crashes has been fixed upstream
- capsicum(4) is now enabled upstream. A local patch is added to fix an issue
  with it [1]
- KERB_GSSAPI is marked BROKEN. It does not build.
  This patch lacks an upstream and I have no way to test it. It needs
  a non-trivial amount of refactoring for 6.5 as the key handling API
  has changed quite a bit.

Submitted by:	pjd@ [1]

Sun, 13 Oct 2013

[ 02:20 bdrewery

]

330200 security/openssh-portable/Makefile
330200 security/openssh-portable/distinfo
330200 security/openssh-portable/files/extra-patch-hpn-build-options
330200 security/openssh-portable/files/extra-patch-hpn-no-hpn
330200 security/openssh-portable/files/extra-patch-ldns
330200 security/openssh-portable/files/patch-session.c
330200 security/openssh-portable/files/patch-ssh-agent.c
330200 security/openssh-portable/pkg-message
330200 security/openssh-portable/pkg-plist

- Update to 6.3p1
  Changelog: http://www.openssh.org/txt/release-6.3
- Use options helpers where possible
- Use upstream patch mirror for x509 and HPN
- Update HPN patch to v14 and use upstream version
- Add option NONECIPHER to allow disabling NONE in HPN patch
- Update x509 patch from 7.4.1 to 7.6
- Add support for LDNS and enable by it and VerifyHostKeyDNS/SSHFP by default.
  See
http://lists.freebsd.org/pipermail/freebsd-security/2013-September/007180.html
  which describes this change, but is supported on releases before 10 as well
  with LDNS option.
- Update SCTP to patchlevel 2329
- Update recommendation on secure usage of SSH
- Add pkg-message warning about ECDSA key possibly being incorrect due to
  previously being written as DSA by the rc script and fixed in r299902 in
  2012

Number of commits found: 5

Login
User Login Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts? About the authors Issues FAQ How big is it? Security Policy Privacy Blog Contact

Search
Enter Keywords: more...

Latest Vulnerabilities

chromium	May 31
openssl	May 31
openssl-quictls	May 31
openssl30	May 31
openssl31	May 31
ungoogled-chromium	May 31
mariadb1011-server	May 28
mariadb104-server	May 28
mariadb105-server	May 28
mariadb106-server	May 28
curl	May 19
zeek	May 19
electron22	May 18
electron23	May 18
chromium	May 17

8 vulnerabilities affecting 161 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last processed:
2023-05-31 15:52:08 UTC

Ports
Home Categories Deleted ports Sanity Test Failures Newsfeeds

Statistics

Graphs
NEW Graphs (Javascript)

Calculated hourly:

Port count	31532
Broken	104
Deprecated	234
Ignore	268
Forbidden	7
Restricted	2
No CDROM	0
Vulnerable	65
Expired	8
Set to expire	192
Interactive	0
new 24 hours	2
new 48 hours	5
new 7 days	18
new fortnight	57
new month	123