diff --git a/SPECS/openssh.spec b/SPECS/openssh.spec index e9c46ad..f232dc1 100644 --- a/SPECS/openssh.spec +++ b/SPECS/openssh.spec @@ -54,7 +54,7 @@ Summary: An open source implementation of SSH protocol version 2 Name: openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.alma.1 +Release: %{openssh_rel}%{?dist}.alma.2 URL: http://www.openssh.com/portable.html #URL1: https://github.com/jbeverly/pam_ssh_agent_auth/ Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz @@ -370,7 +370,7 @@ Requires: openssh = %{version}-%{release} %package -n pam_ssh_agent_auth Summary: PAM module for authentication with ssh-agent Version: %{pam_ssh_agent_ver} -Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.alma.1 +Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.alma.2 License: BSD %description @@ -522,6 +522,7 @@ popd %patch1019 -p1 -b .cve-2023-51385 %patch1020 -p1 -b .earlypipe %patch1021 -p1 -b .cve-2024-6387 +# CS9 patch by Dmitry Belyavskiy %patch1022 -p1 -b .errcode_set autoreconf @@ -810,10 +811,10 @@ test -f %{sysconfig_anaconda} && \ %endif %changelog -* Wed Feb 19 2025 Andrew Lukoshko - 8.7p1-43.alma.1 -- Fix missing error codes set and invalid error code checks in OpenSSH. It - prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS - is on (CVE-2025-26465). +* Sat Mar 01 2025 Andrew Lukoshko - 8.7p1-43.alma.2 +- Backport from CentOS Stream 9 to fix missing error codes set and invalid error + code checks in OpenSSH. It prevents memory exhaustion attack and a MITM + attack when VerifyHostKeyDNS is on (CVE-2025-26465). Resolves: RHEL-78700 * Tue Jul 09 2024 Dmitry Belyavskiy - 8.7p1-43