head 1.6; access; symbols pkgsrc-2013Q2:1.6.0.14 pkgsrc-2013Q2-base:1.6 pkgsrc-2012Q4:1.6.0.12 pkgsrc-2012Q4-base:1.6 pkgsrc-2011Q4:1.6.0.10 pkgsrc-2011Q4-base:1.6 pkgsrc-2011Q2:1.6.0.8 pkgsrc-2011Q2-base:1.6 pkgsrc-2009Q4:1.6.0.6 pkgsrc-2009Q4-base:1.6 pkgsrc-2008Q4:1.6.0.4 pkgsrc-2008Q4-base:1.6 pkgsrc-2008Q3:1.6.0.2 pkgsrc-2008Q3-base:1.6 cube-native-xorg:1.5.0.18 cube-native-xorg-base:1.5 pkgsrc-2008Q2:1.5.0.16 pkgsrc-2008Q2-base:1.5 cwrapper:1.5.0.14 pkgsrc-2008Q1:1.5.0.12 pkgsrc-2008Q1-base:1.5 pkgsrc-2007Q4:1.5.0.10 pkgsrc-2007Q4-base:1.5 pkgsrc-2007Q3:1.5.0.8 pkgsrc-2007Q3-base:1.5 pkgsrc-2007Q2:1.5.0.6 pkgsrc-2007Q2-base:1.5 pkgsrc-2007Q1:1.5.0.4 pkgsrc-2007Q1-base:1.5 pkgsrc-2006Q4:1.5.0.2 pkgsrc-2006Q4-base:1.5 pkgsrc-2006Q3:1.4.0.8 pkgsrc-2006Q3-base:1.4 pkgsrc-2006Q2:1.4.0.6 pkgsrc-2006Q2-base:1.4 pkgsrc-2006Q1:1.4.0.4 pkgsrc-2006Q1-base:1.4 pkgsrc-2005Q4:1.4.0.2 pkgsrc-2005Q4-base:1.4 pkgsrc-2005Q3:1.3.0.6 pkgsrc-2005Q3-base:1.3 pkgsrc-2005Q2:1.3.0.4 pkgsrc-2005Q2-base:1.3 pkgsrc-2005Q1:1.3.0.2 pkgsrc-2005Q1-base:1.3 pkgsrc-2004Q4:1.2.0.6 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.4 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.2.0.2 pkgsrc-2004Q2-base:1.2; locks; strict; comment @# @; 1.6 date 2008.09.16.12.53.08; author taca; state dead; branches; next 1.5; 1.5 date 2006.10.31.03.31.20; author taca; state Exp; branches; next 1.4; 1.4 date 2005.11.04.15.45.03; author tv; state Exp; branches 1.4.8.1; next 1.3; 1.3 date 2005.03.07.23.29.50; author tv; state Exp; branches; next 1.2; 1.2 date 2004.05.10.18.12.43; author wiz; state dead; branches; next 1.1; 1.1 date 2004.04.28.04.00.17; author jlam; state Exp; branches; next ; 1.4.8.1 date 2006.11.10.11.50.26; author salo; state Exp; branches; next ; desc @@ 1.6 log @Update openssh package to 5.1.1 (5.1p1) Changes from OpenSSH 5.0 is huge to write here, please refer its release note: http://www.openssh.com/txt/release-5.1. I quote only Security section from the release note. Security: * sshd(8): Avoid X11 man-in-the-middle attack on HP/UX (and possibly other platforms) when X11UseLocalhost=no When attempting to bind(2) to a port that has previously been bound with SO_REUSEADDR set, most operating systems check that either the effective user-id matches the previous bind (common on BSD-derived systems) or that the bind addresses do not overlap (Linux and Solaris). Some operating systems, such as HP/UX, do not perform these checks and are vulnerable to an X11 man-in-the-middle attack when the sshd_config(5) option X11UseLocalhost has been set to "no" - an attacker may establish a more-specific bind, which will be used in preference to sshd's wildcard listener. Modern BSD operating systems, Linux, OS X and Solaris implement the above checks and are not vulnerable to this attack, nor are systems where the X11UseLocalhost has been left at the default value of "yes". Portable OpenSSH 5.1 avoids this problem for all operating systems by not setting SO_REUSEADDR when X11UseLocalhost is set to no. This vulnerability was reported by sway2004009 AT hotmail.com. @ text @$NetBSD: patch-as,v 1.5 2006/10/31 03:31:20 taca Exp $ --- log.h.orig 2006-08-18 23:32:21.000000000 +0900 +++ log.h @@@@ -51,7 +51,7 @@@@ void log_init(char *, LogLevel, Sysl SyslogFacility log_facility_number(char *); LogLevel log_level_number(char *); -void fatal(const char *, ...) __dead __attribute__((format(printf, 1, 2))); +void fatal(const char *, ...) __attribute__((noreturn)) __attribute__((format(printf, 1, 2))); void error(const char *, ...) __attribute__((format(printf, 1, 2))); void sigdie(const char *, ...) __attribute__((format(printf, 1, 2))); void logit(const char *, ...) __attribute__((format(printf, 1, 2))); @@@@ -61,5 +61,5 @@@@ void debug2(const char *, ...) __att void debug3(const char *, ...) __attribute__((format(printf, 1, 2))); void do_log(LogLevel, const char *, va_list); -void cleanup_exit(int) __dead; +void cleanup_exit(int) __attribute__((noreturn)); #endif @ 1.5 log @Update openssh package to 4.4.1 (openssh-4.4p1). - A few pkglint warning clean up. - Major changes are here. For complete changes, see http://www.openssh.com/txt/release-4.4. Changes since OpenSSH 4.3: ============================ Security bugs resolved in this release: * Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired. * Fix an unsafe signal hander reported by Mark Dowd. The signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote. * On portable OpenSSH, fix a GSSAPI authentication abort that could be used to determine the validity of usernames on some platforms. This release includes the following new functionality and fixes: * Implemented conditional configuration in sshd_config(5) using the "Match" directive. This allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met. So far a useful subset of post- authentication options are supported and more are expected to be added in future releases. * Add support for Diffie-Hellman group exchange key agreement with a final hash of SHA256. * Added a "ForceCommand" directive to sshd_config(5). Similar to the command="..." option accepted in ~/.ssh/authorized_keys, this forces the execution of the specified command regardless of what the user requested. This is very useful in conjunction with the new "Match" option. * Add a "PermitOpen" directive to sshd_config(5). This mirrors the permitopen="..." authorized_keys option, allowing fine-grained control over the port-forwardings that a user is allowed to establish. * Add optional logging of transactions to sftp-server(8). * ssh(1) will now record port numbers for hosts stored in ~/.ssh/authorized_keys when a non-standard port has been requested. * Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established. * Extend sshd_config(5) "SubSystem" declarations to allow the specification of command-line arguments. * Replacement of all integer overflow susceptible invocations of malloc(3) and realloc(3) with overflow-checking equivalents. * Many manpage fixes and improvements * New portable OpenSSH-specific features: - Add optional support for SELinux, controlled using the --with-selinux configure option (experimental) - Add optional support for Solaris process contracts, enabled using the --with-solaris-contracts configure option (experimental) This option will also include SMF metadata in Solaris packages built using the "make package" target - Add optional support for OpenSSL hardware accelerators (engines), enabled using the --with-ssl-engine configure option. @ text @d1 1 a1 1 $NetBSD: patch-as,v 1.4 2005/11/04 15:45:03 tv Exp $ @ 1.4 log @Change the __dead patches into the form I'm submitting back to the openssh-portable team (elide the extra cpp macro level). @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- log.h.orig 2004-06-21 22:57:44.000000000 -0400 d5 1 a5 1 @@@@ -53,7 +53,7 @@@@ void log_init(char *, LogLevel, Sysl d12 1 d14 1 a14 2 void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); @@@@ -62,5 +62,5 @@@@ void debug2(const char *, ...) __att @ 1.4.8.1 log @Pullup ticket 1909 - requested by taca security update for openssh Revisions pulled up: - pkgsrc/security/openssh/Makefile 1.172, 1.173, 1.174 - pkgsrc/security/openssh/distinfo 1.55, 1.56, 1.57 - pkgsrc/security/openssh/hacks.mk 1.2 - pkgsrc/security/openssh/options.mk 1.9, 1.10 - pkgsrc/security/openssh/patches/patch-aa 1.42, 1.43 - pkgsrc/security/openssh/patches/patch-ab 1.24, 1.25 - pkgsrc/security/openssh/patches/patch-ac 1.16 - pkgsrc/security/openssh/patches/patch-ad 1.12 - pkgsrc/security/openssh/patches/patch-ae 1.12 - pkgsrc/security/openssh/patches/patch-af 1.10 - pkgsrc/security/openssh/patches/patch-ag 1.9 - pkgsrc/security/openssh/patches/patch-ah 1.24 - pkgsrc/security/openssh/patches/patch-ai 1.10 - pkgsrc/security/openssh/patches/patch-aj 1.7 - pkgsrc/security/openssh/patches/patch-ak 1.8 - pkgsrc/security/openssh/patches/patch-al 1.7 - pkgsrc/security/openssh/patches/patch-am 1.7 - pkgsrc/security/openssh/patches/patch-an 1.8 - pkgsrc/security/openssh/patches/patch-ao 1.9 - pkgsrc/security/openssh/patches/patch-ap 1.8 - pkgsrc/security/openssh/patches/patch-aq 1.6 - pkgsrc/security/openssh/patches/patch-ar 1.7 - pkgsrc/security/openssh/patches/patch-as 1.5 - pkgsrc/security/openssh/patches/patch-at removed - pkgsrc/security/openssh/patches/patch-au 1.3 - pkgsrc/security/openssh/patches/patch-av 1.5 - pkgsrc/security/openssh/patches/patch-aw 1.2 - pkgsrc/security/openssh/patches/patch-ax removed - pkgsrc/security/openssh/patches/patch-ay removed - pkgsrc/security/openssh/patches/patch-az removed Module Name: pkgsrc Committed By: taca Date: Tue Oct 31 03:31:20 UTC 2006 Modified Files: pkgsrc/security/openssh: Makefile distinfo hacks.mk options.mk pkgsrc/security/openssh/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af patch-ag patch-ah patch-ai patch-aj patch-ak patch-al patch-am patch-an patch-ao patch-ap patch-aq patch-ar patch-as patch-au patch-av patch-aw Removed Files: pkgsrc/security/openssh/patches: patch-at patch-ax patch-ay patch-az Log Message: Update openssh package to 4.4.1 (openssh-4.4p1). - A few pkglint warning clean up. - Major changes are here. For complete changes, see http://www.openssh.com/txt/release-4.4. Changes since OpenSSH 4.3: ============================ Security bugs resolved in this release: * Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired. * Fix an unsafe signal hander reported by Mark Dowd. The signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote. * On portable OpenSSH, fix a GSSAPI authentication abort that could be used to determine the validity of usernames on some platforms. This release includes the following new functionality and fixes: * Implemented conditional configuration in sshd_config(5) using the "Match" directive. This allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met. So far a useful subset of post- authentication options are supported and more are expected to be added in future releases. * Add support for Diffie-Hellman group exchange key agreement with a final hash of SHA256. * Added a "ForceCommand" directive to sshd_config(5). Similar to the command="..." option accepted in ~/.ssh/authorized_keys, this forces the execution of the specified command regardless of what the user requested. This is very useful in conjunction with the new "Match" option. * Add a "PermitOpen" directive to sshd_config(5). This mirrors the permitopen="..." authorized_keys option, allowing fine-grained control over the port-forwardings that a user is allowed to establish. * Add optional logging of transactions to sftp-server(8). * ssh(1) will now record port numbers for hosts stored in ~/.ssh/authorized_keys when a non-standard port has been requested. * Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established. * Extend sshd_config(5) "SubSystem" declarations to allow the specification of command-line arguments. * Replacement of all integer overflow susceptible invocations of malloc(3) and realloc(3) with overflow-checking equivalents. * Many manpage fixes and improvements * New portable OpenSSH-specific features: - Add optional support for SELinux, controlled using the --with-selinux configure option (experimental) - Add optional support for Solaris process contracts, enabled using the --with-solaris-contracts configure option (experimental) This option will also include SMF metadata in Solaris packages built using the "make package" target - Add optional support for OpenSSL hardware accelerators (engines), enabled using the --with-ssl-engine configure option. --- Module Name: pkgsrc Committed By: taca Date: Tue Nov 7 07:08:26 UTC 2006 Modified Files: pkgsrc/security/openssh: Makefile distinfo options.mk Log Message: Update hpn-patch to hpn12v13 since old one has gone. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Wed Nov 8 01:49:22 UTC 2006 Modified Files: pkgsrc/security/openssh: Makefile distinfo pkgsrc/security/openssh/patches: patch-aa patch-ab Log Message: Update openssh package to 4.5.1 (openssh-4.5p1). Changes: Security bugs resolved in this release: * Fix a bug in the sshd privilege separation monitor that weakened its verification of successful authentication. This bug is not known to be exploitable in the absence of additional vulnerabilities. This release includes the following non-security fixes: * Several compilation fixes for portable OpenSSH * Fixes to Solaris SMF/process contract support (bugzilla #1255) @ text @d1 1 a1 1 $NetBSD: patch-as,v 1.5 2006/10/31 03:31:20 taca Exp $ d3 1 a3 1 --- log.h.orig 2006-08-18 23:32:21.000000000 +0900 d5 1 a5 1 @@@@ -51,7 +51,7 @@@@ void log_init(char *, LogLevel, Sysl a11 1 void sigdie(const char *, ...) __attribute__((format(printf, 1, 2))); d13 2 a14 1 @@@@ -61,5 +61,5 @@@@ void debug2(const char *, ...) __att @ 1.3 log @nb5: Rework Interix support, based on work done by Interop Systems *before* a BSD-with-advertising license was added to their diffs, and other work done personally by me. sshd now works. Most permissions checks work properly. Privsep is off by default, and the sshd user is not created, on Interix until some problems with privsep are fixed (perhaps by abstracting the auth functionality out to openpam). @ text @d10 1 a10 1 +void fatal(const char *, ...) __noreturn __attribute__((format(printf, 1, 2))); d19 1 a19 1 +void cleanup_exit(int) __noreturn; @ 1.2 log @Not needed after 3.8.1p1 update. @ text @d1 1 a1 1 $NetBSD: patch-as,v 1.1 2004/04/28 04:00:17 jlam Exp $ d3 5 a7 5 --- monitor.c.orig Fri Feb 6 00:40:27 2004 +++ monitor.c @@@@ -738,7 +738,7 @@@@ mm_answer_skeyquery(int socket, Buffer * char challenge[1024]; u_int success; d9 7 a15 2 - success = skeychallenge(&skey, authctxt->user, challenge) < 0 ? 0 : 1; + success = SKEYCHALLENGE(&skey, authctxt->user, challenge, sizeof(challenge)) < 0 ? 0 : 1; d17 4 a20 2 buffer_clear(m); buffer_put_int(m, success); @ 1.1 log @Fix up OpenSSH sources to allow building with S/Key support on NetBSD as well. Bump the PKGREVISION. XXX The right fix is to create a autoconf check for the number of args XXX that skeychallenge takes and do the right thing accordingly. @ text @d1 1 a1 1 $NetBSD$ @