Revisions of openssh
- Add a warning in %post of openssh-clients, openssh-server and openssh-server-config-disallow-rootlogin to warn the user if the /etc/ssh/(ssh_config.d|sshd_config.d) directories are not being used (bsc#1223486).
- Only for SLE15, restore the patch file removed in Thu Feb 18 13:54:44 UTC 2021 to restore the previous behaviour from SP5 of having root password login allowed by default (fixes bsc#1223486, related to bsc#1173067): * openssh-7.7p1-allow_root_password_login.patch - Since the default value for this config option is now set to permit root to use password logins in SLE15, the openssh-server-config-rootlogin subpackage isn't useful there so we now create an openssh-server-config-disallow-rootlogin subpackage that sets the configuration the other way around than openssh-server-config-rootlogin. - openssh-8.0p1-gssapi-keyex.patch: Added missing struct initializer, added missing parameter (bsc#1222840)
- Make openssh-server recommend the openssh-server-config-rootlogin package in SLE in order to keep the same behaviour of previous SPs where the PermitRootLogin default was set to yes (bsc#1221005). - Fix crypto-policies requirement to be set by openssh-server, not the config-rootlogin subpackage. - Add back %config(noreplace) tag for more config files that were already set like this in previous SPs. - Fix duplicate loading of dropins. (boo#1222467)
Update openssh to from 9.3p1 to 9.6p1 . Related to jsc#PED-129, includes fixes for several issues like: bsc#1217950, CVE-2023-48795 and bsc#1211301
Merging https://build.suse.de/request/show/325211 and https://build.suse.de/request/show/325212
- Uncomment %sysuser_requires in openssh-server which was commented by mistake and is needed by the pre script installed with %sysusers_generate_pre (bsc#1220802).
PED-129, resubmit. - Update to openssh 9.3p2 * No changes for askpass, see main package changelog for details - openssh-askpass-gnome: require only openssh-clients, not the full openssh (including -server), to avoid pulling in excessive dependencies when installing git on Gnome (boo#1211446) - Update to openssh 9.3p1 * No changes for askpass, see main package changelog for details - Version upgrade to 8.8p1 * No changes for askpass, see main package changelog for details - Merge updates from openSUSE. Existing patches were rebased. - Remove openssh-7.6p1-audit_race_condition.patch: Merged with audit patch. - Remove openssh-CVE-2021-28041-agent-double-free.patch: Fixed upstream. - Remove openssh-bsc1190975-CVE-2021-41617-authorizedkeyscommand.patch: Fixed upstream. - Remove openssh-CVE-2023-38408-PKCS11-execution.patch: Fixed upstream. - Add cb4ed12f.patch from upstream, allowing newer versions of zlib to be used. - Add logind_set_tty.patch by Thorsten Kukuk. This informs systemd-logind of the login TTY and prevents having to parse utmp, which is deprecated by glibc.
Displaying all 8 revisions