head	1.2;
access;
symbols
	netbsd-11-0-RC6:1.2
	netbsd-11-0-RC5:1.2
	netbsd-11-0-RC4:1.2
	netbsd-11-0-RC3:1.2
	netbsd-11-0-RC2:1.2
	netbsd-11-0-RC1:1.2
	perseant-exfatfs-base-20250801:1.2
	netbsd-11:1.2.0.2
	netbsd-11-base:1.2
	netbsd-10-1-RELEASE:1.1
	perseant-exfatfs-base-20240630:1.1
	perseant-exfatfs:1.1.0.12
	perseant-exfatfs-base:1.1
	netbsd-10-0-RELEASE:1.1
	netbsd-10-0-RC6:1.1
	netbsd-10-0-RC5:1.1
	netbsd-10-0-RC4:1.1
	netbsd-10-0-RC3:1.1
	netbsd-10-0-RC2:1.1
	netbsd-10-0-RC1:1.1
	netbsd-10:1.1.0.10
	netbsd-10-base:1.1
	cjep_sun2x-base1:1.1
	cjep_sun2x:1.1.0.8
	cjep_sun2x-base:1.1
	cjep_staticlib_x-base1:1.1
	cjep_staticlib_x:1.1.0.6
	cjep_staticlib_x-base:1.1
	phil-wifi-20200421:1.1
	phil-wifi:1.1.0.4
	phil-wifi-20200411:1.1
	is-mlppp:1.1.0.2
	is-mlppp-base:1.1
	phil-wifi-20200406:1.1;
locks; strict;
comment	@# @;


1.2
date	2025.02.18.17.53.25;	author christos;	state Exp;
branches;
next	1.1;
commitid	CgRG94UALowWEYJF;

1.1
date	2020.02.27.00.24.40;	author christos;	state Exp;
branches
	1.1.4.1
	1.1.12.1;
next	;
commitid	pHIahrUG2M5sifYB;

1.1.4.1
date	2020.02.27.00.24.40;	author martin;	state dead;
branches;
next	1.1.4.2;
commitid	X01YhRUPVUDaec4C;

1.1.4.2
date	2020.04.13.07.45.21;	author martin;	state Exp;
branches;
next	;
commitid	X01YhRUPVUDaec4C;

1.1.12.1
date	2025.08.02.05.18.51;	author perseant;	state Exp;
branches;
next	;
commitid	23j6GFaDws3O875G;


desc
@@


1.2
log
@Bring in changes from OpenSSH-9.9p2:

Security
========

* Fix CVE-2025-26465 - ssh(1) in OpenSSH versions 6.8p1 to 9.9p1
  (inclusive) contained a logic error that allowed an on-path
  attacker (a.k.a MITM) to impersonate any server when the
  VerifyHostKeyDNS option is enabled. This option is off by default.

* Fix CVE-2025-26466 - sshd(8) in OpenSSH versions 9.5p1 to 9.9p1
  (inclusive) is vulnerable to a memory/CPU denial-of-service related
  to the handling of SSH2_MSG_PING packets. This condition may be
  mitigated using the existing PerSourcePenalties feature.

Both vulnerabilities were discovered and demonstrated to be exploitable
by the Qualys Security Advisory team. We thank them for their detailed
review of OpenSSH.

For OpenBSD, fixes to these problems are available as errata; refer
to https://www.openbsd.org/errata.html

Bugfixes
========

 * ssh(1), sshd(8): fix regression in Match directive that caused
   failures when predicates and their arguments were separated by '='
   characters instead of whitespace (bz3739).

 * sshd(8): fix the "Match invalid-user" predicate, which was matching
   incorrectly in the initial pass of config evaluation.

 * ssh(1), sshd(8), ssh-keyscan(1): fix mlkem768x25519-sha256 key
   exchange on big-endian systems.

 * Fix a number of build problems on particular operating systems /
   configurations.
@
text
@#	$NetBSD: Makefile.inc,v 1.1 2020/02/27 00:24:40 christos Exp $

.include "${.PARSEDIR}/../bin/Makefile.inc"
.include "${.PARSEDIR}/../Makefile.inc"
@


1.1
log
@Merge conflicts
@
text
@d1 1
a1 5
#	$NetBSD: Makefile.inc,v 1.3 2014/10/19 16:30:58 christos Exp $

CPPFLAGS+=-DWITH_OPENSSL
LDADD+=	-lssh -lcrypto -lcrypt -lz
DPADD+=	${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT} ${LIBZ}
d3 1
@


1.1.12.1
log
@Sync with HEAD
@
text
@d1 5
a5 1
#	$NetBSD: Makefile.inc,v 1.2 2025/02/18 17:53:25 christos Exp $
a6 1
.include "${.PARSEDIR}/../bin/Makefile.inc"
@


1.1.4.1
log
@file Makefile.inc was added on branch phil-wifi on 2020-04-13 07:45:21 +0000
@
text
@d1 7
@


1.1.4.2
log
@Mostly merge changes from HEAD upto 20200411
@
text
@a0 7
#	$NetBSD: Makefile.inc,v 1.1 2020/02/27 00:24:40 christos Exp $

CPPFLAGS+=-DWITH_OPENSSL
LDADD+=	-lssh -lcrypto -lcrypt -lz
DPADD+=	${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT} ${LIBZ}

.include "${.PARSEDIR}/../Makefile.inc"
@


