summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssh/openssh_6.7p1.bb
Commit message (Collapse)AuthorAgeFilesLines
* openssh: CVE-2016-077xArmin Kuster2016-01-201-0/+1
| | | | | | | | | | this address two CVE's. CVE-2016-0777 and CVE-2016-0778 (From OE-Core rev: 1c05115a906499989d2159683195ed6d2cda75ba) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Backport CVE-2015-5600 fixHaris Okanovic2015-12-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | only query each keyboard-interactive device once per authentication request regardless of how many times it is listed Source: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c?f=h#rev1.43 http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c.diff?r2=1.43&r1=1.42&f=u Bug report: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5600 https://bugzilla.redhat.com/show_bug.cgi?id=1245969 Testing: Built in Fido and installed to x86_64 test system. Verified both 'keyboard-interactive' and 'publickey' logon works with root and a regular user from an openssh 7.1p1-1 client on Arch. (From OE-Core rev: 433f66ba6c79cf49e29251af0985baf5c4b79e23) Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Reviewed-by: Rich Tollerton <rich.tollerton@ni.com> Reviewed-by: Ken Sharp <ken.sharp@ni.com> Natinst-ReviewBoard-ID: 115602 Natinst-CAR-ID: 541263 Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: CVE-2015-6563 CVE-2015-6564 CVE-2015-6565Armin Kuster2015-09-181-1/+5
| | | | | | | | | | | | | three security fixes. CVE-2015-6563 (Low) openssh: Privilege separation weakness related to PAM support CVE-2015-6564 (medium) openssh: Use-after-free bug related to PAM support CVE-2015-6565 (High) openssh: Incorrectly set TTYs to be world-writable (From OE-Core rev: 259df232b513367a0a18b17e3e377260a770288f) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Fix non-deterministic build behaviourDan McGregor2015-02-081-0/+3
| | | | | | | | | | | If maillock.h is found, a dependency on liblockfile will be created. liblockfile is in meta-oe, so we don't want that in an oe-core recipe. (From OE-Core rev: b2cee9b9f08dff41e46e227b1ffa5e46e98faa89) Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: deliver ssh-copy-idKai Kang2015-01-161-0/+1
| | | | | | | | | | Deliver script ssh-copy-id from openssh which is useful to add an authorized ssh key. (From OE-Core rev: 16562034a2c28cbfc6c90f9324c42c08e0655b7d) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: upgrade to 6.7p1Paul Eggleton2015-01-071-0/+145
* Drop two CVE patches already handled upstream. * Drop nostrip.patch which no longer applies and use the existing --disable-strip configure option instead. * OpenSSH 6.7+ no longer supports tcp wrappers. We could apply the Debian patch to add support back in, but it seems best to follow upstream here unless we have a good reason to do otherwise. (From OE-Core rev: 59e0833e24e4945569d36928dc0f231e822670ba) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-23 18:15:52 +0000