notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
All times are UTC
Ukraine
non port: security/openssh-portable/files/patch-ssh-agent.c
SVNWeb

Number of commits found: 19

Thu, 16 Feb 2023
[ 19:23 Bryan Drewery (bdrewery) search for other commits by this committer ]    commit hash:10491773d88012fe81d9c039cbbba647bde9ebc9  commit hash:10491773d88012fe81d9c039cbbba647bde9ebc9  commit hash:10491773d88012fe81d9c039cbbba647bde9ebc9  10491773 
security/openssh-portable: Upgrade to 9.2p1

Changes: https://www.openssh.com/txt/release-9.2
Thu, 3 Mar 2022
[ 19:25 Bryan Drewery (bdrewery) search for other commits by this committer ]    commit hash:ae66cffc19f357cbd51d5841c9b110a9ffd63e32  commit hash:ae66cffc19f357cbd51d5841c9b110a9ffd63e32  commit hash:ae66cffc19f357cbd51d5841c9b110a9ffd63e32  ae66cff 
security/openssh-portable: Update to 8.9p1

- Unbreak GSSAPI [1]
- rc.d/openssh: Allow modifying host key generation [2]

Changes: https://www.openssh.com/txt/release-8.9
PR:     	259909 [1]
PR:		202169 [2]
Submitted by:	Rick Miller [1]
Submitted by:	Chad Jacob Milios [2]
Thu, 29 Apr 2021
[ 16:05 Bryan Drewery (bdrewery) search for other commits by this committer ]    commit hash:de9fffcec89b58fb6f77b72a55975eccb01eb480  commit hash:de9fffcec89b58fb6f77b72a55975eccb01eb480  commit hash:de9fffcec89b58fb6f77b72a55975eccb01eb480  de9fffc  (Only the first 10 of 12 ports in this commit are shown above. View all ports for this commit)
security/openssh-portable: Update to 8.6p1

- gssapi is disabled for now.

Changes:
 - https://www.openssh.com/txt/release-8.5
 - https://www.openssh.com/txt/release-8.6

Submitted by:	Yasuhiro Kimura [earlier version][1]
PR:		254389 [1]
Mon, 16 Nov 2020
[ 19:39 bdrewery search for other commits by this committer ] Original commit   Revision:555512
- Update to 8.4p1 (skipped 8.3)

 - https://www.openssh.com/txt/release-8.3
 - https://www.openssh.com/txt/release-8.4

PR:		239807, 250319
Sponsored by:	Dell EMC
Mon, 23 Mar 2020
[ 16:53 bdrewery search for other commits by this committer ] Original commit   Revision:528979
- Update to 8.2p1

Release notes: https://www.openssh.com/txt/release-8.2
Thu, 12 Oct 2017
[ 19:40 bdrewery search for other commits by this committer ] Original commit   Revision:451927
Update to 7.6p1

- Update x509 patch to 11.0
- HPN/NONECIPHER do not apply currently and are disabled by default,
  same as the base sshd.  A compatibility patch is applied if
  these options are disabled to prevent startup failures; the options
  are kept as deprecated.
- SCTP patch does not apply.

Changes: https://www.openssh.com/txt/release-7.6

Notable changes:
  - SSH version 1 support dropped.
  - Dropped support for hmac-ripemd160 MAC.
  - Dropped support for the ciphers arcfour, blowfish and CAST.
  - RSA keys less than 1024 bits are refused.
Mon, 16 Jan 2017
[ 19:30 bdrewery search for other commits by this committer ] Original commit   Revision:431698 (Only the first 10 of 16 ports in this commit are shown above. View all ports for this commit)
Update to 7.4p1.

- Update X509 patch to 9.3
- SCTP patch from soralx@cydem.org

Changes: https://www.openssh.com/txt/release-7.4
Fri, 13 Jan 2017
[ 23:23 bdrewery search for other commits by this committer ] Original commit   Revision:431438
Add patches to cover security issues CVE-2016-10009 and CVE-2016-10010.

Security:	2c948527-d823-11e6-9171-14dae9d210b8
Submitted by:	Tim Zingelman <zingelman@gmail.com>
MFH:		2017Q1
Wed, 11 Nov 2015
[ 21:21 bdrewery search for other commits by this committer ] Original commit   Revision:401299 (Only the first 10 of 16 ports in this commit are shown above. View all ports for this commit)
Make portlint stop spamming me.  It's gotten quite silly.

There's no reason to regenerate these for the sake of having 'UTC' in the patch
and it also considers patches with comments to be invalid.

WARN: /root/svn/ports/security/openssh-portable/files/patch-auth.c: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-auth2.c: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-readconf.c: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN:
/root/svn/ports/security/openssh-portable/files/patch-regress__test-exec.sh:
patch was not generated using ``make makepatch''.  It is recommended to use
``make makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-servconf.c: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-session.c: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh-agent.1: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh-agent.c: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh.c: patch was not
generated using ``make makepatch''.  It is recommended to use ``make makepatch''
when you need to [re-]generate a patch to ensure proper patch format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh_config: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh_config.5: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshconnect.c: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd.8: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd.c: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd_config: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd_config.5: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
Mon, 27 Jul 2015
[ 18:30 bdrewery search for other commits by this committer ] Original commit   Revision:392998 (Only the first 10 of 11 ports in this commit are shown above. View all ports for this commit)
- Update to 6.9p1
- Update X509 patch to 8.4

Changes:	http://www.openssh.com/txt/release-6.9
Sat, 4 Apr 2015
[ 17:16 bdrewery search for other commits by this committer ] Original commit   Revision:383231 (Only the first 10 of 12 ports in this commit are shown above. View all ports for this commit)
- Update to 6.8p1
- Fix 'make test'
- HPN:
  - NONECIPHER is no longer default. This is not default in base and should not
    be default here as it introduces security holes.
  - HPN: I've audited the patch and included it in the port directory for
    transparency. I identified several bugs and submitted them to the new
    upstream: https://github.com/rapier1/openssh-portable/pull/2
  - HPN: The entire patch is now ifdef'd to ensure various bits are properly
    removed depending on the OPTIONS selected.
  - AES_THREADED is removed. It has questionable benefit on modern HW and is not
    stable.
  - The "enhanced logging" was removed from the patch as it is too
    intrusive and difficult to maintain in the port.
  - The progress meter "peak throughput" patch was removed.
  - Fixed HPN version showing in client/server version string when HPN
    was disabled in the config.
- KERB_GSSAPI is currently BROKEN as it does not apply.
- Update X509 to 8.3

Changelog: http://www.openssh.com/txt/release-6.8
Mon, 17 Nov 2014
[ 18:08 bdrewery search for other commits by this committer ] Original commit   Revision:372676
- Update to 6.7p1.

  Several patches do not currently apply. Use security/openssh-portable66 for:
  HPN, NONECIPHER, KERB_GSSAPI, X509.

- Add a TCP_WRAPPER patch to re-enable support after it was removed upstream.
Sun, 13 Oct 2013
[ 02:20 bdrewery search for other commits by this committer ] Original commit   Revision:330200
- Update to 6.3p1
  Changelog: http://www.openssh.org/txt/release-6.3
- Use options helpers where possible
- Use upstream patch mirror for x509 and HPN
- Update HPN patch to v14 and use upstream version
- Add option NONECIPHER to allow disabling NONE in HPN patch
- Update x509 patch from 7.4.1 to 7.6
- Add support for LDNS and enable by it and VerifyHostKeyDNS/SSHFP by default.
  See
http://lists.freebsd.org/pipermail/freebsd-security/2013-September/007180.html
  which describes this change, but is supported on releases before 10 as well
  with LDNS option.
- Update SCTP to patchlevel 2329
- Update recommendation on secure usage of SSH
- Add pkg-message warning about ECDSA key possibly being incorrect due to
  previously being written as DSA by the rc script and fixed in r299902 in
  2012
Fri, 17 May 2013
[ 19:47 bdrewery search for other commits by this committer ] Original commit   Revision:318400 (Only the first 10 of 15 ports in this commit are shown above. View all ports for this commit)
- Update to 6.2p2

- The LPK patch has been updated but is obsolete, deprecated and
  untested. It has been replaced by AuthorizedKeysCommand
- The upstream HPN's last update was for 6.1 and is mostly
  abandoned. The patch has had bugs since 5.9. I have reworked
  it and split into into HPN and AES_THREADED options. The
  debugging/logging part of the patch is incomplete. I may
  change the patch to more closely match our base version
  eventually.
- The KERB_GSSAPI option has been removed as the patch has not
  been updated by upstream since 5.7
- sshd VersionAddendum is currently not working as intended;
  it will be fixed later to allow removing the port/pkg version.
- Update our patchset to match latest base version
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Wed, 17 Apr 2013
[ 00:35 bdrewery search for other commits by this committer ] Original commit   Revision:315920 (Only the first 10 of 23 ports in this commit are shown above. View all ports for this commit)
- Remove compatibiliy for FreeBSD <4.x
  * /var/empty has been in hier(7) since 4.x
  * User sshd has been in base since 4.x
  * Simplify a patch for realhostname_sa(3) usage
- Remove SUID_SSH - It was removed from ssh in 2002
- Fix 'make test'
- Add some hints into the patches on where they came from
- Mirror all patches
- Move LPK patch out of files/
- Remove the need for 2 patches
  * Removal of 'host-key check-config' in install phase
  * Adding -lutil
- Add SCTP support [1]
- Remove FILECONTROL as it has not been supported since the 5.8
  update
- Replace tab with space pkg-descr
- Remove default WRKSRC
- Add 'configtest' command to rc script
- Mark X509 broken with other patches due to PATCH_DIST_STRIP=-p1

PR:		ports/174570 [1]
Submitted by:	oleg <proler@gmail.com> [1]
Obtained from:	https://bugzilla.mindrot.org/show_bug.cgi?id=2016 (upstream) [1]
Feature safe:	yes
Fri, 21 Oct 2011
[ 16:18 flo search for other commits by this committer ] Original commit  (Only the first 10 of 35 ports in this commit are shown above. View all ports for this commit)
- update to 5.8p2 [1]
- fix Kerberos knob [2]
- fix build on 9.0 [3]
- fix deinstall with various knobs [4]
- fix LPK knob [5]

PR:             ports/161818 [1], ports/144597 [2], ports/160389 [3]
                ports/150493, ports/156926 [4], ports/155456 [5]

Submitted by:   "Grzegorz Blach" <magik@roorback.net> [1], [2], [4], [5]
                pluknet [3]
Reported by:    Jonathan <lordsith49@hotmail.com> [2]
                Kevin Thompson <antiduh@csh.rit.edu> [4]
                Alexey Remizov <alexey@remizov.org> [5]
Sun, 1 Oct 2006
[ 02:15 mnag search for other commits by this committer ] Original commit  (Only the first 10 of 21 ports in this commit are shown above. View all ports for this commit)
- Update to 4.4p1.
- Disable temporary HPN patch until HPN release new version.
- Fix rc.d script path in sshd.8
- Add FreeBSD-${PKGNAME} in SSH_VERSION and SSH_RELEASE like src does.
- Sync patches with src.

Security:       CVE-2006-4924, CVE-2006-5051
Fri, 26 Sep 2003
[ 18:13 dinoex search for other commits by this committer ] Original commit  (Only the first 10 of 24 ports in this commit are shown above. View all ports for this commit)
- update to 3.7.1p2
more regressions tests successfull
Wed, 17 Sep 2003
[ 16:07 nectar search for other commits by this committer ] Original commit 
Add Solar Designer's additional fixes to buffer management.

Number of commits found: 19