Update to 3.7.1p2:

Most important chcanges: security relevant bug fixes in new PAM authentication code Changes since OpenSSH 3.7.1p1: ============================== * This release disables PAM by default. To enable it, set "UsePAM yes" in sshd_config. Due to complexity, inconsistencies in the specification and differences between vendors' PAM implementations we recommend that PAM be left disabled in sshd_config unless there is a need for its use. Sites using only public key or simple password authentication usually have little need to enable PAM support. * This release now requires zlib 1.1.4 to build correctly. Previous versions have security problems. * Fix compilation for versions of OpenSSL before 0.9.6. Some cipher modes are not supported for older OpenSSL versions. * Fix compilation problems on systems with a missing or lacking inet_ntoa() function. * Workaround problems related to unimplemented or broken setresuid/setreuid functions on several platforms. * Fix compilation on older OpenBSD systems. * Fix handling of password-less authentication (PermitEmptyPasswords=yes) that has not worked since the 3.7p1 release.
2003-09-23 17:52:33 +00:00 · 2003-09-23 17:52:33 +00:00 · d22e217b00
commit d22e217b00
parent 9cc8910171
4 changed files with 13 additions and 26 deletions
--- a/security/openssh/Makefile
+++ b/security/openssh/Makefile
@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.114 2003/09/22 01:18:38 grant Exp $
+# $NetBSD: Makefile,v 1.115 2003/09/23 17:52:33 jschauma Exp $

-DISTNAME=		openssh-3.7.1p1
-PKGNAME=		openssh-3.7.1.1
+DISTNAME=		openssh-3.7.1p2
+PKGNAME=		openssh-3.7.1.2
 SVR4_PKGNAME=		ossh
 CATEGORIES=		security
 MASTER_SITES=		ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \
--- a/security/openssh/distinfo
+++ b/security/openssh/distinfo
@ -1,8 +1,7 @@
-$NetBSD: distinfo,v 1.28 2003/09/18 02:11:40 jschauma Exp $
+$NetBSD: distinfo,v 1.29 2003/09/23 17:52:34 jschauma Exp $

-SHA1 (openssh-3.7.1p1.tar.gz) = b936ca7528fb46318febe02042a0e1bccf31c127
-Size (openssh-3.7.1p1.tar.gz) = 791161 bytes
-SHA1 (patch-aa) = 6d9fda6b4258a295cef814021b06fa7b3709f59e
+SHA1 (openssh-3.7.1p2.tar.gz) = 9b7d026710a3017c448b0e531eb95be6b2081963
+Size (openssh-3.7.1p2.tar.gz) = 792280 bytes
+SHA1 (patch-aa) = 62918b930d51411b0067e77c43c830c35b07c457
 SHA1 (patch-ab) = 1069fe256b7925fcf404781ef14e5c492f52c21e
 SHA1 (patch-ah) = 9913c868bde5d318915b1dee2c05dcf454a0f506
-SHA1 (patch-ai) = 3f1ec11561916388c5ed9ce36e531bce411d54a4
--- a/security/openssh/patches/patch-aa
+++ b/security/openssh/patches/patch-aa
@ -1,8 +1,6 @@
-$NetBSD: patch-aa,v 1.29 2003/09/16 13:52:31 grant Exp $
-
--- configure.orig	2003-09-16 16:19:17.000000000 +1000
-+++ configure
-@@ -4583,6 +4583,9 @@ EOF
+--- configure.orig	Tue Sep 23 02:55:43 2003
+++ configure	Tue Sep 23 13:27:33 2003
+@@ -4646,6 +4646,9 @@
 	;;
 esac
 
@ -12,8 +10,8 @@ $NetBSD: patch-aa,v 1.29 2003/09/16 13:52:31 grant Exp $
 # Allow user to specify flags
 
 # Check whether --with-cflags or --without-cflags was given.
-@@ -6428,6 +6431,10 @@ echo $ECHO_N "checking for libwrap... $E
- #line 6428 "configure"
+@@ -6491,6 +6494,10 @@
+ #line 6491 "configure"
 #include "confdefs.h"
 
 +#ifdef HAVE_SYS_CDEFS_H
@ -23,7 +21,7 @@ $NetBSD: patch-aa,v 1.29 2003/09/16 13:52:31 grant Exp $
 #include <tcpd.h>
 					int deny_severity = 0, allow_severity = 0;
 
-@@ -16950,7 +16957,7 @@ echo "OpenSSH has been configured with t
+@@ -17138,7 +17145,7 @@
 echo "                     User binaries: $B"
 echo "                   System binaries: $C"
 echo "               Configuration files: $D"
--- a/security/openssh/patches/patch-ai
+++ b/security/openssh/patches/patch-ai
@ -1,10 +0,0 @@
--- openbsd-compat/inet_ntoa.c.orig	Wed Sep 17 21:35:26 2003
-+++ openbsd-compat/inet_ntoa.c	Wed Sep 17 21:35:37 2003
-@@ -43,7 +43,6 @@
- #include <netinet/in.h>
- #include <arpa/inet.h>
- #include <stdio.h>
-#include "inet_ntoa.h"
- 
- char *inet_ntoa(struct in_addr in)
- {