pkg/42635: security/openssh update -> 5.3.1p1 + hpn-13v7

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/42635: security/openssh update -> 5.3.1p1 + hpn-13v7
From: pettai%nordu.net@localhost
Date: Sun, 17 Jan 2010 19:35:00 +0000 (UTC)
>Number:         42635
>Category:       pkg
>Synopsis:       security/openssh update -> 5.3.1p1 + hpn-13v7
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Sun Jan 17 19:35:00 +0000 2010
>Originator:     Fredrik Pettai
>Release:        NetBSD 5.0_STABLE
>Organization:
NORDUnet A/S
>Environment:
>Description:
As per doc/TODO, OpenSSH 5.2.1p1 requested to be updated to 5.3.1p1.
Patch attached below (Fix).

This is a bugfix release, no new features have been added.

Changes since OpenSSH 5.2
=========================

General Bugfixes:

 * Do not limit home directory paths to 256 characters. bz#1615

 * Several minor documentation and correctness fixes.

Portable OpenSSH Bugfixes:

 * This release removes for support for very old versions of Cygwin and
   for Windows 95/98/ME

 * Move the deletion of PAM credentials on logout to after the session
   close. bz#1534

 * Make PrintLastLog work on AIX. bz#1595

 * Avoid compile errors on FreeBSD from conflicts in glob.h. bz#1634

 * Delay dropping of root privileges on AIX so chroot and pam_open_session
   work correctly. bz#1249 and bz#1567

 * Increase client IO buffer on Cygwin to 64K, realising a significant
   performance improvement.
 
 * Roll back bz#1241 (better handling for expired passwords on Tru64).
   The change broke password logins on some configurations.

 * Accept ENOSYS as a fallback error when attempting atomic
   rename(). bz#1535

 * Fix passing of variables to recursive make(1) invocations on Solaris.
   bz#1505

 * Skip the tcgetattr call on the pty master on Solaris, since it never
   succeeds and can hang if large amounts of data is sent to the slave
   (eg a copy-paste). bz#1528 

 * Fix detection of krb5-config. bz#1639

 * Fix test for server-assigned remote forwarding port for non-root users.
   bz#1578

 * Fix detection of libresolv on OSX 10.6.
>How-To-Repeat:

>Fix:
-bash-4.0$ cvs diff -u 
cvs diff: Diffing .
Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/Makefile,v
retrieving revision 1.193
diff -u -r1.193 Makefile
--- Makefile    6 Sep 2009 22:36:33 -0000       1.193
+++ Makefile    17 Jan 2010 19:22:41 -0000
@@ -1,7 +1,7 @@
 # $NetBSD: Makefile,v 1.193 2009/09/06 22:36:33 zafer Exp $
 
-DISTNAME=              openssh-5.2p1
-PKGNAME=               openssh-5.2.1
+DISTNAME=              openssh-5.3p1
+PKGNAME=               openssh-5.3.1
 SVR4_PKGNAME=          ossh
 CATEGORIES=            security
 MASTER_SITES=          ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \
@@ -13,7 +13,7 @@
                        ftp://mirror.pacific.net.au/OpenBSD/OpenSSH/portable/
 # Don't delete the last entry -- it's there if the pkgsrc version is not
 # up-to-date and the mirrors already removed the old distfile.
-DIST_SUBDIR=           ${PKGBASE}-5.2.1-20090521
+DIST_SUBDIR=           ${PKGBASE}-5.3.1-20100117
 
 MAINTAINER=            pkgsrc-users%NetBSD.org@localhost
 HOMEPAGE=              http://www.openssh.com/
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/distinfo,v
retrieving revision 1.72
diff -u -r1.72 distinfo
--- distinfo    21 May 2009 03:22:29 -0000      1.72
+++ distinfo    17 Jan 2010 19:22:41 -0000
@@ -1,11 +1,11 @@
 $NetBSD: distinfo,v 1.72 2009/05/21 03:22:29 taca Exp $
 
-SHA1 (openssh-5.2.1-20090521/openssh-5.2p1-hpn13v6.diff.gz) = 
9683d5feb3f7e302ef836901af5366df6c425815
-RMD160 (openssh-5.2.1-20090521/openssh-5.2p1-hpn13v6.diff.gz) = 
d647d3b0547e4d698c616f5ed6643b3ddbcced95
-Size (openssh-5.2.1-20090521/openssh-5.2p1-hpn13v6.diff.gz) = 33540 bytes
-SHA1 (openssh-5.2.1-20090521/openssh-5.2p1.tar.gz) = 
8273a0237db98179fbdc412207ff8eb14ff3d6de
-RMD160 (openssh-5.2.1-20090521/openssh-5.2p1.tar.gz) = 
7c53f342034b16e9faa9f5a09ef46390420722eb
-Size (openssh-5.2.1-20090521/openssh-5.2p1.tar.gz) = 1016612 bytes
+SHA1 (openssh-5.3.1-20100117/openssh-5.3p1-hpn13v7.diff.gz) = 
724aa137c8c42e89af454ce904845a3a2d9e8ed9
+RMD160 (openssh-5.3.1-20100117/openssh-5.3p1-hpn13v7.diff.gz) = 
a57c038d6b57a2869295e3000abd50658ebb5b93
+Size (openssh-5.3.1-20100117/openssh-5.3p1-hpn13v7.diff.gz) = 22734 bytes
+SHA1 (openssh-5.3.1-20100117/openssh-5.3p1.tar.gz) = 
d411fde2584ef6022187f565360b2c63a05602b5
+RMD160 (openssh-5.3.1-20100117/openssh-5.3p1.tar.gz) = 
f8c98b4b91b7e0e02b33837ef6978e8b7570cf9e
+Size (openssh-5.3.1-20100117/openssh-5.3p1.tar.gz) = 1027130 bytes
 SHA1 (patch-aa) = 38546f8fd8bf6021d43cdf076ab723ad39a5f78e
 SHA1 (patch-ab) = 00e7e50a35e8b3bcfa53b239b520a12498c8dca0
 SHA1 (patch-ac) = ba97b23c6527311256b335c58175da9e9a3616e4
@@ -13,14 +13,14 @@
 SHA1 (patch-ae) = 9585221f9e49b4ebea31c374066d70e11aa804a1
 SHA1 (patch-af) = ca3224af0b648803404776a8c12ed678db4f8ff6
 SHA1 (patch-ag) = b5cb0400d3cda9cb6d60dc729e54b1ffc34ec9e2
-SHA1 (patch-ah) = fa5175734678e95d05dcdcebadeb79df3ecef760
+SHA1 (patch-ah) = 6ddd934be038c9177df6856dbcb6e44feab05146
 SHA1 (patch-ai) = becad6262e5daeef2a6db14097a8971c40088403
 SHA1 (patch-aj) = 5c89b4a7da59f05c50c16083aa6dd6e465cd0305
 SHA1 (patch-ak) = 550eae0b47dc220dac2439f57b39b7e4319057c5
-SHA1 (patch-al) = a3906a9b6a9a15b948b8bab3a85454f2515400bd
+SHA1 (patch-al) = ffd15b2ef3cb6b57419c0f6f1f4f795e497382d7
 SHA1 (patch-am) = 4893a8a059d611d35c1fb9ff03b598c590e0355e
 SHA1 (patch-an) = 5b41d9493028dd4dce4a73ea78e43f3a073108e5
-SHA1 (patch-ao) = 6b64be9b230ddb634b9b5fdab22c4944ae605153
+SHA1 (patch-ao) = 1343faeb45f8e1fe8126a1c76b41439b275efa9b
 SHA1 (patch-ap) = 041059e25d2331aace0eaa5a6c3032afb3d565b4
 SHA1 (patch-aq) = 1a7d8a4c5e70a0c6211247ba583534ed8ce317d0
 SHA1 (patch-ar) = a1099e0175a2b14f3b19db04261891179b1e3299
Index: options.mk
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/options.mk,v
retrieving revision 1.17
diff -u -r1.17 options.mk
--- options.mk  21 May 2009 03:22:29 -0000      1.17
+++ options.mk  17 Jan 2010 19:22:41 -0000
@@ -17,7 +17,7 @@
 .endif
 
 .if !empty(PKG_OPTIONS:Mhpn-patch)
-PATCHFILES=            openssh-5.2p1-hpn13v6.diff.gz
+PATCHFILES=            openssh-5.3p1-hpn13v7.diff.gz
 PATCH_SITES=           http://www.psc.edu/networking/projects/hpn-ssh/
 PATCH_DIST_STRIP=      -p1
 .endif
cvs diff: Diffing files
cvs diff: Diffing patches
Index: patches/patch-ah
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/patches/patch-ah,v
retrieving revision 1.25
diff -u -r1.25 patch-ah
--- patches/patch-ah    21 May 2009 03:22:29 -0000      1.25
+++ patches/patch-ah    17 Jan 2010 19:22:41 -0000
@@ -20,9 +20,9 @@
  install-nosysconf: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) 
install-files
  
  check-config:
-@@ -242,7 +242,7 @@ check-config:
+@@ -244,7 +244,7 @@ check-config:
  scard-install:
-       (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install)
+       (cd scard && env DESTDIR=$(DESTDIR) $(MAKE) DESTDIR=$(DESTDIR) install)
  
 -install-files: scard-install
 +install-files:
Index: patches/patch-al
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/patches/patch-al,v
retrieving revision 1.8
diff -u -r1.8 patch-al
--- patches/patch-al    21 May 2009 03:22:29 -0000      1.8
+++ patches/patch-al    17 Jan 2010 19:22:41 -0000
@@ -2,16 +2,16 @@
 
 --- auth1.c.orig       2008-07-09 19:54:05.000000000 +0900
 +++ auth1.c
-@@ -328,7 +328,7 @@ do_authloop(Authctxt *authctxt)
-               }
- #else
+@@ -320,7 +320,7 @@ do_authloop(Authctxt *authctxt)
+ 
+ #ifndef HAVE_CYGWIN
                /* Special handling for root */
 -              if (authenticated && authctxt->pw->pw_uid == 0 &&
 +              if (authenticated && authctxt->pw->pw_uid == ROOTUID &&
                    !auth_root_allowed(meth->name)) {
                        authenticated = 0;
  # ifdef SSH_AUDIT_EVENTS
-@@ -426,8 +426,8 @@ do_authentication(Authctxt *authctxt)
+@@ -418,8 +418,8 @@ do_authentication(Authctxt *authctxt)
         * If we are not running as root, the user must have the same uid as
         * the server.
         */
Index: patches/patch-ao
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/patches/patch-ao,v
retrieving revision 1.13
diff -u -r1.13 patch-ao
--- patches/patch-ao    21 May 2009 03:22:29 -0000      1.13
+++ patches/patch-ao    17 Jan 2010 19:22:41 -0000
@@ -43,7 +43,7 @@
        if (debug_flag) {
                /* dump the environment */
                fprintf(stderr, "Environment:\n");
-@@ -1464,9 +1476,9 @@ do_setusercontext(struct passwd *pw)
+@@ -1462,9 +1474,9 @@ do_setusercontext(struct passwd *pw)
        (void)ssh_selinux_enabled();
  #endif
  
@@ -53,8 +53,8 @@
 -#endif /* HAVE_CYGWIN */
 +#endif /* !HAVE_CYGWIN && !HAVE_INTERIX */
        {
- 
- #ifdef HAVE_SETPCRED
+ #ifdef HAVE_LOGIN_CAP
+ # ifdef __bsdi__
 @@ -1500,11 +1512,13 @@ do_setusercontext(struct passwd *pw)
                        perror("setgid");
                        exit(1);
Prev by Date: Re: pkg/42627: Python 2.5 cannot be built on NetBSD-current (sparc)
Next by Date: Restore your online account
Previous by Thread: pkg/42634: Boehm GC compilation on NetBSD-5.99.23/sparc
Next by Thread: Restore your online account
Indexes:
Home | Main Index | Thread Index | Old Index