Update changelog to mention CVE-2025-26465 patch origin

2025-03-01 08:36:55 +00:00 · 2025-03-01 08:36:55 +00:00 · bccdf22733
commit bccdf22733
parent 9c4d9149c2
1 changed files with 7 additions and 6 deletions
--- a/SPECS/openssh.spec
+++ b/SPECS/openssh.spec
@ -54,7 +54,7 @@
 Summary: An open source implementation of SSH protocol version 2
 Name: openssh
 Version: %{openssh_ver}
-Release: %{openssh_rel}%{?dist}.alma.1
+Release: %{openssh_rel}%{?dist}.alma.2
 URL: http://www.openssh.com/portable.html
 #URL1: https://github.com/jbeverly/pam_ssh_agent_auth/
 Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
@ -370,7 +370,7 @@ Requires: openssh = %{version}-%{release}
 %package -n pam_ssh_agent_auth
 Summary: PAM module for authentication with ssh-agent
 Version: %{pam_ssh_agent_ver}
-Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.alma.1
+Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.alma.2
 License: BSD

 %description
@ -522,6 +522,7 @@ popd
 %patch1019 -p1 -b .cve-2023-51385
 %patch1020 -p1 -b .earlypipe
 %patch1021 -p1 -b .cve-2024-6387
+# CS9 patch by Dmitry Belyavskiy <dbelyavs@redhat.com>
 %patch1022 -p1 -b .errcode_set

 autoreconf
@ -810,10 +811,10 @@ test -f %{sysconfig_anaconda} && \
 %endif

 %changelog
-* Wed Feb 19 2025 Andrew Lukoshko <alukoshko@almalinux.org> - 8.7p1-43.alma.1
- Fix missing error codes set and invalid error code checks in OpenSSH. It
-  prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
-  is on (CVE-2025-26465).
+* Sat Mar 01 2025 Andrew Lukoshko <alukoshko@almalinux.org> - 8.7p1-43.alma.2
+- Backport from CentOS Stream 9 to fix missing error codes set and invalid error
+  code checks in OpenSSH. It prevents memory exhaustion attack and a MITM
+  attack when VerifyHostKeyDNS is on (CVE-2025-26465).
  Resolves: RHEL-78700

 * Tue Jul 09 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-43