From: classabbyamp <classabbyamp@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: [PR PATCH] [Updated] openssh: update to 9.8p1.
Date: Mon, 01 Jul 2024 12:25:45 +0200 [thread overview]
Message-ID: <20240701102545.737C227796@inbox.vuxu.org> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-51059@inbox.vuxu.org>
[-- Attachment #1: Type: text/plain, Size: 654 bytes --]
There is an updated pull request by classabbyamp against master on the void-packages repository
https://github.com/classabbyamp/void-packages openssh
https://github.com/void-linux/void-packages/pull/51059
openssh: update to 9.8p1.
fixes CVE-2024-6387
> OpenSSH plans to remove support for the DSA signature algorithm in early 2025. This release disables DSA by default at compile time.
do we reënable it?
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
A patch file from https://github.com/void-linux/void-packages/pull/51059.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-openssh-51059.patch --]
[-- Type: text/x-diff, Size: 2052 bytes --]
From ea16ad5744fe84768e64816f32b4dcd47e139d15 Mon Sep 17 00:00:00 2001
From: classabbyamp <void@placeviolette.net>
Date: Mon, 1 Jul 2024 05:57:21 -0400
Subject: [PATCH] openssh: update to 9.8p1.
fixes CVE-2024-6387
---
srcpkgs/openssh/patches/musl-connect.patch | 11 +++++++++++
srcpkgs/openssh/template | 5 +++--
2 files changed, 14 insertions(+), 2 deletions(-)
create mode 100644 srcpkgs/openssh/patches/musl-connect.patch
diff --git a/srcpkgs/openssh/patches/musl-connect.patch b/srcpkgs/openssh/patches/musl-connect.patch
new file mode 100644
index 00000000000000..cde7bc8cb1f45b
--- /dev/null
+++ b/srcpkgs/openssh/patches/musl-connect.patch
@@ -0,0 +1,11 @@
+--- a/openbsd-compat/port-linux.c
++++ b/openbsd-compat/port-linux.c
+@@ -366,7 +366,7 @@
+ error_f("socket \"%s\": %s", path, strerror(errno));
+ goto out;
+ }
+- if (connect(fd, &addr, sizeof(addr)) != 0) {
++ if (connect(fd, (const struct sockaddr *)&addr, sizeof(addr)) != 0) {
+ error_f("socket \"%s\" connect: %s", path, strerror(errno));
+ goto out;
+ }
diff --git a/srcpkgs/openssh/template b/srcpkgs/openssh/template
index 0a7dcaa5ba079a..5bd67e87037497 100644
--- a/srcpkgs/openssh/template
+++ b/srcpkgs/openssh/template
@@ -1,6 +1,6 @@
# Template file for 'openssh'
pkgname=openssh
-version=9.7p1
+version=9.8p1
revision=1
build_style=gnu-configure
configure_args="--datadir=/usr/share/openssh
@@ -24,8 +24,9 @@ short_desc="OpenSSH free Secure Shell (SSH) client and server implementation"
maintainer="Leah Neukirchen <leah@vuxu.org>"
license="BSD-2-Clause, ISC"
homepage="https://www.openssh.com"
+changelog="https://www.openssh.com/releasenotes.html"
distfiles="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${version}.tar.gz"
-checksum=490426f766d82a2763fcacd8d83ea3d70798750c7bd2aff2e57dc5660f773ffd
+checksum=dd8bd002a379b5d499dfb050dd1fa9af8029e80461f4bb6c523c49973f5a39f3
conf_files="/etc/ssh/moduli /etc/ssh/ssh_config /etc/ssh/sshd_config /etc/pam.d/sshd"
make_dirs="
/var/chroot/ssh 0755 root root
next prev parent reply other threads:[~2024-07-01 10:25 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-01 9:59 [PR PATCH] " classabbyamp
2024-07-01 10:25 ` classabbyamp [this message]
2024-07-01 10:44 ` [PR PATCH] [Merged]: " classabbyamp
2024-07-05 19:00 ` ethamck
2024-07-05 19:02 ` ethamck
2024-07-05 19:39 ` classabbyamp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240701102545.737C227796@inbox.vuxu.org \
--to=classabbyamp@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).