openssh

jonathan/openssh

Fork 0

forked from rpms/openssh

Commit Graph

Select branches

Hide Pull Requests

a9

c10s

c8

c8-beta

c8s

c9

c9-beta

c9s

c9s_cve_2023_38408

imports/c8-beta/openssh-8.0p1-10.el8

imports/c8-beta/openssh-8.0p1-13.el8

imports/c8-beta/openssh-8.0p1-16.el8

imports/c8-beta/openssh-8.0p1-17.el8

imports/c8-beta/openssh-8.0p1-2.el8

imports/c8-beta/openssh-8.0p1-24.el8

imports/c8-beta/openssh-8.0p1-3.el8

imports/c8-beta/openssh-8.0p1-5.el8

imports/c8/openssh-7.8p1-4.el8

imports/c8/openssh-8.0p1-10.el8

imports/c8/openssh-8.0p1-13.el8

imports/c8/openssh-8.0p1-16.el8

imports/c8/openssh-8.0p1-17.el8

imports/c8/openssh-8.0p1-17.el8_7

imports/c8/openssh-8.0p1-19.el8_8

imports/c8/openssh-8.0p1-19.el8_9.2

imports/c8/openssh-8.0p1-24.el8

imports/c8/openssh-8.0p1-3.el8

imports/c8/openssh-8.0p1-4.el8_1

imports/c8/openssh-8.0p1-5.el8

imports/c8/openssh-8.0p1-6.el8_4.2

imports/c8s/openssh-8.0p1-10.el8

imports/c8s/openssh-8.0p1-12.el8

imports/c8s/openssh-8.0p1-13.el8

imports/c8s/openssh-8.0p1-16.el8

imports/c8s/openssh-8.0p1-17.el8

imports/c8s/openssh-8.0p1-5.el8

imports/c8s/openssh-8.0p1-7.el8

imports/c8s/openssh-8.0p1-8.el8

imports/c8s/openssh-8.0p1-9.el8

imports/c9-beta/openssh-8.6p1-7.el9.1

imports/c9-beta/openssh-8.7p1-22.el9

imports/c9-beta/openssh-8.7p1-28.el9

imports/c9-beta/openssh-8.7p1-34.el9

imports/c9-beta/openssh-8.7p1-38.el9

imports/c9-beta/openssh-8.7p1-4.el9

imports/c9-beta/openssh-8.7p1-6.el9

imports/c9-beta/openssh-8.7p1-7.el9

imports/c9-beta/openssh-8.7p1-8.el9

imports/c9/openssh-8.7p1-10.el9_0

imports/c9/openssh-8.7p1-24.el9_1

imports/c9/openssh-8.7p1-28.el9

imports/c9/openssh-8.7p1-29.el9_2

imports/c9/openssh-8.7p1-30.el9_2

imports/c9/openssh-8.7p1-34.el9

imports/c9/openssh-8.7p1-34.el9_3.3

imports/c9/openssh-8.7p1-38.el9

imports/c9/openssh-8.7p1-8.el9

1acb0bc5a9 fix CVE-2024-6387 a9 Jonathan Wright 2024-07-01 08:50:53 -0500
8f0ad5fe82 Bump release for June 2024 mass rebuild c10s Troy Dawson 2024-06-24 09:06:11 -0700
58760558fb Fix ssh multiplexing connect timeout processing c9s Dmitry Belyavskiy 2024-06-03 12:12:04 +0200
6d16bfdb3c import UBI openssh-8.0p1-24.el8 c8 imports/c8/openssh-8.0p1-24.el8 eabdullin 2024-05-22 13:26:20 +0000
17e559c555 Add key size variables into sshd.sysconfig Zoltan Fridrich 2024-05-10 10:39:36 +0200
d23ed33031 Make default key sizes configurable in sshd-keygen Zoltan Fridrich 2024-05-09 17:08:11 +0200
2e80dd6896 Correctly audit hostname and IP address Zoltan Fridrich 2024-05-09 17:06:11 +0200
01178d1eef Make default key sizes configurable in sshd-keygen Zoltan Fridrich 2024-05-02 16:16:48 +0200
7fedb4cdc0 Correctly audit hostname and IP address Zoltan Fridrich 2024-05-02 16:12:31 +0200
1e5fcaacd5 import UBI openssh-8.7p1-38.el9 imports/c9/openssh-8.7p1-38.el9 c9 eabdullin 2024-04-30 15:39:53 +0000
03eff3f0f1 Use FIPS-compatible API for key derivation Dmitry Belyavskiy 2024-04-24 21:26:06 +0200
828c949c3d import CS openssh-8.7p1-38.el9 imports/c9-beta/openssh-8.7p1-38.el9 c9-beta eabdullin 2024-03-28 11:18:12 +0000
29a5db689e import CS openssh-8.0p1-24.el8 imports/c8-beta/openssh-8.0p1-24.el8 c8-beta eabdullin 2024-03-27 20:09:54 +0000
3188b36323 import UBI openssh-8.7p1-34.el9_3.3 imports/c9/openssh-8.7p1-34.el9_3.3 eabdullin 2024-03-05 21:02:56 +0000
13cf39f11a Providing a kill switch for scp to deal with CVE-2020-15778 c8s Dmitry Belyavskiy 2024-02-06 12:32:38 +0100
b6a876a1a7 import UBI openssh-8.0p1-19.el8_9.2 imports/c8/openssh-8.0p1-19.el8_9.2 eabdullin 2024-01-30 18:53:52 +0000
2f41ca7cd3 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Fedora Release Engineering 2024-01-25 11:29:57 +0000
d089d5f71b Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Fedora Release Engineering 2024-01-21 11:22:01 +0000
f238307bdf Applying patches to rebase to OpenSSH 9.6p1 Dmitry Belyavskiy 2024-01-12 13:55:32 +0100
ff2aae200d Fix Terrapin attack Dmitry Belyavskiy 2024-01-05 15:09:14 +0100
2c2ea1d489 Fix Terrapin attack Dmitry Belyavskiy 2024-01-05 14:43:26 +0100
4c42338c08 Fix Terrapin attack Dmitry Belyavskiy 2024-01-05 14:28:02 +0100
87ae5d1d5a Fix type errors in downstream gssapi-keyex patch Florian Weimer 2023-12-22 17:01:38 +0100
61a590faaf Forbid shell metasymbols in username/hostname Dmitry Belyavskiy 2023-12-20 12:20:37 +0100
99988fba8f Fix Terrapin attack Dmitry Belyavskiy 2023-12-21 13:57:30 +0100
8a8fae36ce Rebuild Dmitry Belyavskiy 2023-12-21 13:43:57 +0100
0521bb1a51 Forbid shell metasymbols in username/hostname Dmitry Belyavskiy 2023-12-20 12:20:37 +0100
d18e1c1119 Relax OpenSSH build-time checks for OpenSSL version Dmitry Belyavskiy 2023-12-20 11:31:43 +0100
54fc8050ff Fix Terrapin attack Dmitry Belyavskiy 2023-12-20 11:26:41 +0100
2e04a3ede2 Using DigestSign/DigestVerify functions for better FIPS compatibility Dmitry Belyavskiy 2023-11-07 17:44:31 +0100
6d707df735 import UBI openssh-8.7p1-34.el9 imports/c9/openssh-8.7p1-34.el9 eabdullin 2023-11-07 11:34:42 +0000
6c888396c9 Fix GSS KEX causing ssh failures when connecting to WinSSHD Dmitry Belyavskiy 2023-11-01 11:29:52 +0100
6242770aa2 Using DigestSign/DigestVerify functions for better FIPS compatibility Dmitry Belyavskiy 2023-11-01 10:44:40 +0100
c06e3e9d62 Avoid sshd_config 256K limit Dmitry Belyavskiy 2023-10-31 13:42:04 +0100
ed9948fc28 Avoid killing all processes on system in case of race condition Dmitry Belyavskiy 2023-10-30 13:31:05 +0100
9c7572af98 Add comment to OpenSSH server config about FIPS-incompatible key Dmitry Belyavskiy 2023-10-30 13:09:20 +0100
a636f3d32f Limit artificial delays in sshd while login using AD user Dmitry Belyavskiy 2023-10-30 12:50:36 +0100
5838d35972 Move users/groups creation logic to sysusers.d fragments Dmitry Belyavskiy 2023-10-24 14:22:42 +0200
a43be164ec Limit artificial delays in sshd while login using AD user Dmitry Belyavskiy 2023-10-23 13:33:49 +0200
d8b51e8341 Relax OpenSSH checks for OpenSSL version Dmitry Belyavskiy 2023-10-23 12:59:46 +0200
5c1da775a9 Fix issue with read-only ssh buffer during gssapi key exchange (rhbz#1938224) https://github.com/openssh-gsskex/openssh-gsskex/pull/19 Mattias Ellert 2023-10-06 17:27:39 +0200
4f07bfcfe1 Fix FTBFS due to implicit declarations (rhbz#2241211) Mattias Ellert 2023-10-15 06:42:32 +0200
d80bf06988 import CS openssh-8.7p1-34.el9 imports/c9-beta/openssh-8.7p1-34.el9 eabdullin 2023-09-21 19:44:39 +0000
d3cd3f2851 migrated to SPDX license Dmitry Belyavskiy 2023-09-19 12:19:43 +0200
f98acbdc5d Revert "Remove sshd.socket unit" Timothée Ravier 2023-09-15 10:22:41 +0200
c38c04eca8 rebuilt Dmitry Belyavskiy 2023-08-24 17:05:04 +0200
d77b1b790a pkcs11: Add support for 'serial' in PKCS#11 URI Jakub Jelen 2023-04-13 14:59:50 +0200
c7af8ecb76 Minor optimization of ssh_krb5_kuserok Dmitry Belyavskiy 2023-08-03 11:06:10 +0200
8a294387d0 Remove sshd.socket unit Dmitry Belyavskiy 2023-08-03 10:38:48 +0200
f4f5944e31 Disable forking of ssh-agent on startup Dmitry Belyavskiy 2023-08-03 10:32:24 +0200
ec2f61e2cf Split including crypto-policies to a separate config Dmitry Belyavskiy 2023-08-03 10:25:50 +0200
6afdefca5f import UBI openssh-8.7p1-30.el9_2 imports/c9/openssh-8.7p1-30.el9_2 Andrew Lukoshko 2023-08-02 06:43:31 +0000
f47dcec1ba import UBI openssh-8.0p1-19.el8_8 imports/c8/openssh-8.0p1-19.el8_8 Andrew Lukoshko 2023-08-02 06:42:27 +0000
147ab2eb19 relax checks of the OpenSSL version Dmitry Belyavskiy 2023-08-01 14:19:16 +0200
eb1b5e6755 relax checks of the OpenSSL version Dmitry Belyavskiy 2023-08-01 14:18:18 +0200
c04e468b07 Update gssapi-keyex patch for OpenSSH 9.0+ Mattias Ellert 2023-07-26 23:28:39 +0200
3b9345d0dc Version bump c9s_cve_2023_38408 Dmitry Belyavskiy 2023-07-24 11:10:10 +0200
105578d3c8 Avoid remote code execution in ssh-agent PKCS#11 support Dmitry Belyavskiy 2023-07-20 12:10:35 +0200
c3494feffe Fix remote code execution in ssh-agent PKCS#11 support Dmitry Belyavskiy 2023-07-21 17:00:23 +0200
9fd130d8eb Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Fedora Release Engineering 2023-07-20 18:12:08 +0000
edaf6c0fb4 Avoid remote code execution in ssh-agent PKCS#11 support Dmitry Belyavskiy 2023-07-20 12:10:35 +0200
6fa799e1aa Avoid remote code execution in ssh-agent PKCS#11 support Dmitry Belyavskiy 2023-07-20 12:02:42 +0200
c7f769eede re-import sources as agreed with the maintainer Adam Samalik 2023-06-29 18:17:28 +0200
c5140cafa3 Allow specifying validity interval in UTC Dmitry Belyavskiy 2023-06-14 11:15:41 +0200
8f5b8fd2c5 Revert "pkcs11: Add support for 'serial' in PKCS#11 URI" Norbert Pocs 2023-06-13 14:37:42 +0200
c5082a3f81 Merge gssapi-keyex and gssapi-auth Norbert Pocs 2023-06-08 12:58:47 +0200
2b67ec48c2 Merge manpage crypto-policies related patches Norbert Pocs 2023-06-07 10:33:38 +0200
fb40f0afda Merge evp related patches Norbert Pocs 2023-06-07 10:07:27 +0200
141d7b2d4a Remove deprecated usage of %patchN Norbert Pocs 2023-06-06 15:21:39 +0200
d5fd076ab3 Updating specfile Dmitry Belyavskiy 2023-06-07 12:15:31 +0200
18e9f31c42 Fix DSS verification problem Dmitry Belyavskiy 2023-06-07 12:12:46 +0200
29083ac442 Remove unused patch Dmitry Belyavskiy 2023-06-02 18:56:58 +0200
f561c68bdb Rebasing OpenSSH from 9.0 to 9.3 Dmitry Belyavskiy 2023-04-27 17:52:26 +0200
415f8e730b Clarify rhbz#2068423 on the ssh_config man page Norbert Pocs 2023-05-29 13:46:14 +0200
b129d6336e Clarify HostKeyAlgorithms option on man page Norbert Pocs 2023-05-29 13:58:15 +0200
e39f11e77c pkcs11: Add support for 'serial' in PKCS#11 URI Jakub Jelen 2023-04-13 14:59:50 +0200
e8e01dc82e Fix regression in pkcs11 introduced in the previous patch Norbert Pocs 2023-05-18 12:05:18 +0200
2341f1769d Fix minor issues with openssh-9.0p1-evp-fips-dh.patch Norbert Pocs 2023-05-24 13:26:37 +0200
6b2353418c Fix regression in pkcs11 introduced in the previous patch Norbert Pocs 2023-05-18 12:05:18 +0200
48718a1a72 Delete unneeded debug messages from fips-compl-dh patch Norbert Pocs 2023-05-25 09:16:00 +0200
1490ffd3e0 Fix minor issues with openssh-8.7p1-evp-fips-compl-dh.patch Norbert Pocs 2023-05-16 15:50:52 +0200
26f40c1ea2 import openssh-8.7p1-29.el9_2 imports/c9/openssh-8.7p1-29.el9_2 CentOS Sources 2023-05-09 10:24:19 +0000
fe35f1e78c import openssh-8.7p1-28.el9 imports/c9/openssh-8.7p1-28.el9 CentOS Sources 2023-05-09 05:40:15 +0000
587d7b215f Add FIPS compliance efforts for dh, ecdh and signing Norbert Pocs 2023-05-03 15:52:40 +0200
b5ba5af997 Eliminating remnants of SHA1 usage in OpenSSH Dmitry Belyavskiy 2023-04-20 17:54:07 +0200
cc7d7a5730 Some non-terminating processes were listening on ports. Dmitry Belyavskiy 2023-04-20 17:29:37 +0200
6f7c765ed4 Audit logging patch was not applied Dmitry Belyavskiy 2023-04-14 10:38:37 +0200
1506e0825c If SHA1 signatures are not permitted, try to fallback to SHA2 Dmitry Belyavskiy 2023-04-14 10:32:06 +0200
b63272d9eb Make the sign, dh, ecdh processes FIPS compliant Norbert Pocs 2023-04-13 15:12:10 +0200
745da74ea2 Fix self-DoS Dmitry Belyavskiy 2023-04-13 18:14:19 +0200
f7003be68c Resolve possible self-DoS with some clients Dmitry Belyavskiy 2023-04-06 10:15:36 +0200
d5591fb5ab C99 compatiblity fixes Florian Weimer 2023-04-12 12:07:21 +0200
7f53c0e133 import openssh-8.7p1-28.el9 imports/c9-beta/openssh-8.7p1-28.el9 CentOS Sources 2023-03-28 09:20:54 +0000
9dbd8185cd import openssh-8.0p1-17.el8 imports/c8-beta/openssh-8.0p1-17.el8 CentOS Sources 2023-03-28 08:57:44 +0000
e3597c03f1 Make sshd & sshd@ units want ssh-host-keys-migration.service Timothée Ravier 2023-03-14 17:14:17 +0100
3a98e6f607 Add sk-dummy subpackage for test purposes Zoltan Fridrich 2023-03-13 13:20:24 +0100
76640017be Bring gating.yaml over from Brew dist-git Troy Dawson 2023-03-10 11:10:24 -0800
21fd6bef5b

Make ssh-host key migration less conditional Dusty Mabe 2023-03-05 22:51:10 -0500
1076e61bfd

Mark /var/lib/.ssh-host-keys-migration as %ghost file Dusty Mabe 2023-03-05 22:48:30 -0500
08d842d5e8

Use a service unit to strip ssh_keys group from host keys (rhbz#2172956) Dusty Mabe 2023-01-30 16:01:17 +0100