FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
openssh-portable The portable version of OpenBSD's OpenSSH
7.3.p1,1 security on this many watch lists=116 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
Maintainer: bdrewery@FreeBSD.org search for ports maintained by this maintainer
Port Added: 01 Jun 2001 11:49:36
Also Listed In: ipv6
License: not specified in port
OpenBSD's OpenSSH portable version

Normal OpenSSH development produces a very small, secure, and easy to maintain
version for the OpenBSD project. The OpenSSH Portability Team takes that pure
version and adds portability code so that OpenSSH can run on many other
operating systems (Unfortunately, in particular since OpenSSH does
authentication, it runs into a *lot* of differences between Unix operating
systems).

The portable OpenSSH follows development of the official version, but releases
are not synchronized. Portable releases are marked with a 'p' (e.g. 3.1p1).
The official OpenBSD source will never use the 'p' suffix, but will instead
increment the version number when they hit 'stable spots' in their development.

WWW: http://www.openssh.org/portable.html
SVNWeb : Homepage : PortsMon

To install the port: cd /usr/ports/security/openssh-portable/ && make install clean
To add the package: pkg install openssh-portable

PKGNAME: openssh-portable

distinfo:

TIMESTAMP = 1470675521
SHA256 (openssh-7.3p1.tar.gz) = 3ffb989a6dcaa69594c3b550d4855a5a2e1718ccdde7f5e36387b424220fbecc
SIZE (openssh-7.3p1.tar.gz) = 1522617
SHA256 (openssh-7.2_p1-sctp.patch.gz) = fb67e3e23f39fabf44ef198e3e19527417c75c9352747547448512032365dbfc
SIZE (openssh-7.2_p1-sctp.patch.gz) = 8501
SHA256 (openssh-7.3p1+x509-9.0.diff.gz) = ed468fe2e6220065b2bf3e2ed9eb0c7c8183f32f50fa50d64505d5feaef2d900
SIZE (openssh-7.3p1+x509-9.0.diff.gz) = 571918
SHA256 (openssh-7.3p1-gsskex-all-20141021-debian-rh-20160808.patch.gz) = 83698da23a7d4dd24be9bc15ea7e801890dfc9303815135552c8ddfd158f1a95
SIZE (openssh-7.3p1-gsskex-all-20141021-debian-rh-20160808.patch.gz) = 26818


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. autoconf-2.69 : devel/autoconf
Library dependencies:
  1. libldns.so : dns/ldns
  2. libedit.so.0 : devel/libedit
There are no ports dependent upon this port

Configuration Options
===> The following configuration options are available for openssh-portable-7.3.p1,1:
     BSM=off: OpenBSM Auditing
     HPN=on: HPN-SSH patch
     KERB_GSSAPI=off: Kerberos/GSSAPI patch (req: GSSAPI)
     LDNS=on: SSHFP/LDNS support
     LIBEDIT=on: Command line editing via libedit
     NONECIPHER=off: NONE Cipher support
     OVERWRITE_BASE=off: EOL, No longer supported.
     PAM=on: Pluggable authentication module support
     SCTP=off: SCTP support
     TCP_WRAPPERS=on: tcp_wrappers support
     X509=off: x509 certificate patch
====> Kerberos support: you can only select none or one of them
     MIT=off: MIT Kerberos (security/krb5)
     HEIMDAL=off: Heimdal Kerberos (security/heimdal)
     HEIMDAL_BASE=off: Heimdal Kerberos (base)
===> Use 'make config' to modify these settings

USES:
alias ncurses libedit ssl

pkg-mesage:
To enable this port, add openssh_enable="YES" in your rc.conf. To
prevent conflict with openssh in the base system add sshd_enable="NO"
in your rc.conf. Also you can configure openssh at another TCP port (via
sshd_config 'Port' and 'Listen' options or via 'openssh_flags'
variable in rc.conf) and run it in same time with base sshd.

'PermitRootLogin no' is the default for the OpenSSH port.
This now matches the PermitRootLogin configuration of OpenSSH in
the base system.  Please be aware of this when upgrading your
OpenSSH port, and if truly necessary, re-enable remote root login
by readjusting this option in your sshd_config.

Users are encouraged to create single-purpose users with ssh keys, disable
Password authentication by setting 'PasswordAuthentication no' and
'ChallengeResponseAuthentication no', and to define very narrow sudo
privileges instead of using root for automated tasks.

Master Sites:
  1. ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/
  2. ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/
  3. ftp://ftp.dkuug.dk/pub/OpenBSD/OpenSSH/portable/
  4. ftp://ftp.freebsdchina.org/pub/OpenBSD/OpenSSH/portable/
  5. ftp://ftp.gamma.ru/pub/OpenBSD/OpenSSH/portable/
  6. ftp://ftp.inet.no/pub/OpenBSD/OpenSSH/portable/
  7. ftp://ftp.irisa.fr/pub/OpenBSD/OpenSSH/portable/
  8. ftp://ftp.jyu.fi/pub/OpenBSD/OpenSSH/portable/
  9. ftp://ftp.nara.wide.ad.jp/pub/OpenBSD/OpenSSH/portable/
  10. ftp://ftp.nluug.nl/pub/OpenBSD/OpenSSH/portable/
  11. ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
  12. ftp://ftp.rediris.es/pub/OpenBSD/OpenSSH/portable/
  13. ftp://ftp.stacken.kth.se/pub/OpenBSD/OpenSSH/portable/
  14. ftp://ftp.su.se/pub/OpenBSD/OpenSSH/portable/
  15. ftp://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/
  16. ftp://ftp5.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/
  17. ftp://openbsd.informatik.uni-erlangen.de/pub/OpenBSD/OpenSSH/portable/
  18. ftp://openbsd.mirrors.tds.net/pub/OpenBSD/OpenSSH/portable/
  19. ftp://osmirrors.cerias.purdue.edu/pub/OpenBSD/OpenSSH/portable/
  20. ftp://rt.fm/pub/OpenBSD/OpenSSH/portable/
  21. http://anga.funkfeuer.at/ftp/pub/OpenBSD/OpenSSH/portable/
  22. http://ftp.arcane-networks.fr/pub/OpenBSD/OpenSSH/portable/
  23. http://ftp.belnet.be/packages/openbsd/OpenSSH/portable/
  24. http://ftp.cc.uoc.gr/mirrors/OpenBSD/OpenSSH/portable/
  25. http://ftp.chg.ru/pub/OpenBSD/OpenSSH/portable/
  26. http://ftp.estpak.ee/pub/OpenBSD/OpenSSH/portable/
  27. http://ftp.eu.openbsd.org/pub/OpenBSD/OpenSSH/portable/
  28. http://ftp.heanet.ie/pub/OpenBSD/OpenSSH/portable/
  29. http://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/
  30. http://ftp.netbsd.se/OpenBSD/OpenSSH/portable/
  31. http://ftp.openbsd.dk/pub/OpenBSD/OpenSSH/portable/
  32. http://mirror.hostfuss.com/pub/OpenBSD/OpenSSH/portable/
  33. http://mirror.internode.on.net/pub/OpenBSD/OpenSSH/portable/
  34. http://mirror.pacific.net.au/OpenBSD/OpenSSH/portable/
  35. http://mirror.switch.ch/ftp/pub/OpenBSD/OpenSSH/portable/
  36. http://mirrors.nic.funet.fi/pub/OpenBSD/OpenSSH/portable/
  37. http://www.mirrorservice.org/pub/OpenBSD/OpenSSH/portable/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2015-08-21
    Affects: users of security/openssh-portable
    Author: bdrewery@FreeBSD.org
    Reason: 
      OpenSSH 7.0 disables support for:
        * SSH protocol 1
        * 1024-bit diffie-hellman-group1-sha1 key exchange
        * ssh-dss, ssh-dss-cert-* host and user keys
        * legacy v00 cert format
    
      See http://www.openssh.com/txt/release-7.0 for more information and
      http://www.openssh.com/legacy.html for how to re-enable some of these
      algorithms.
    
    
  • 2015-03-22
    Affects: Users of security/openssh-portable
    Author: bdrewery@FreeBSD.org
    Reason: 
      The port now uses VersionAddendum for the port version string. Setting
      the value to "none" in your sshd_config and restarting openssh will allow
      removing the version from the banner.
    
    
  • 2014-12-18
    Affects: users of security/openssh-portable
    Author: bdrewery@FreeBSD.org
    Reason: 
      OpenSSH 6.7 disables some insecure ciphers by default, such as arcfour
      and blowfish. You may have clients using these over LAN where security is
      considered less important for the connection. For these cases you may need
      to update your Ciphers entry in your sshd_config to enable them again.
    
      See http://mgalgs.github.io/2014/10/22/enable-arcfour-and-other-fast-ciphers-on-recent-versions-of-openssh.html
    
    
  • 2014-12-16
    Affects: users of security/openssh-portable, security/openssh-portable66
    Author: bdrewery@FreeBSD.org
    Reason: 
      All patches have been fixed for version 6.7. It is no longer required to use
      the security/openssh-portable66 port.
    
      The LPK option was removed from security/openssh-portable as it has been
      deprecated since May 2013. Use AuthorizedKeysCommand as a replacement.
    
    
  • 2014-11-17
    Affects: users of security/openssh-portable
    Author: bdrewery@FreeBSD.org
    Reason: 
      Most of the optional patches for OpenSSH do not apply to the 6.7 update yet.
      The 6.6 version has been copied to security/openssh-portable66 if you require
      the use of one of the optional ports.
    
    
Port Moves

Number of commits found: 292 (showing only 100 on this page)

«  1 | 2 | 3  »  

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
05 Aug 2012 23:05:24
Original commit files touched by this commit  5.8.p2_3,1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
When installing in the base, USE_RCORDER does the right thing without
all the gymnastics
24 Jun 2012 22:49:52
Original commit files touched by this commit  5.8.p2_3,1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Add KEYWORD: shutdown
Simplify some code
Fix an error message
24 Jun 2012 17:51:21
Original commit files touched by this commit  5.8.p2_3,1
 This port version is marked as vulnerable.
sunpoet search for other commits by this committer
- Fix ECDSA key generation in openssh rc.d script
- Bump PORTREVISION for package change

Submitted by:   J. Hellenthal <jhellenthal@dataix.net>
13 Jun 2012 03:02:04
Original commit files touched by this commit  5.8.p2_2,1
 This port version is marked as vulnerable.
eadler search for other commits by this committer
Change HPN patch mirror location to one that works

PR:             ports/168306
Submitted by:   "Bryan Drewery" <bryan@shatow.net>
01 May 2012 09:56:31
Original commit files touched by this commit  5.8.p2_2,1
 This port version is marked as vulnerable.
sunpoet search for other commits by this committer
- Reset maintainership

PR:             ports/167423
Submitted by:   Grzegorz Blach <magik@roorback.net> (maintainer)
28 Mar 2012 18:04:42
Original commit files touched by this commit  5.8.p2_2,1
 This port version is marked as vulnerable.
scheidell search for other commits by this committer
- Perl only needed to build, not needed to run. remove PERL5_RUN from Makefile
- Bump PORTREVISION

PR:             ports/166413
Submitted by:   Gleb Smirnoff <glebius@cell.glebius.int.ru>
Approved by:    Grzegorz Blach <magik@roorback.net> (maintainer)
Feature safe:   yes
14 Jan 2012 08:57:23
Original commit files touched by this commit  5.8.p2_1,1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
23 Dec 2011 12:52:28
Original commit files touched by this commit  5.8.p2_1,1
 This port version is marked as vulnerable.
scheidell search for other commits by this committer
- Add USE_PERL5_BUILD

PR:             ports/163414
Submitted by:   portmgr (pav)
Approved by:    gabor (mentor)
23 Dec 2011 12:24:23
Original commit files touched by this commit  5.8.p2_1,1
 This port version is marked as vulnerable.
scheidell search for other commits by this committer
- openssh-portable needs perl to build (reported by Gleb Smirnoff via mail)
- add ssh_engine.5 man page when openssh-portable WITH_X509 is turned on
(reported by John Hein via mail)

PR:             ports/163414
Submitted by:   Grzegorz Blach <magik@roorback.net>
Approved by:    gabor (mentor)
21 Oct 2011 16:18:57
Original commit files touched by this commit  5.8.p2,1
 This port version is marked as vulnerable.
flo search for other commits by this committer
- update to 5.8p2 [1]
- fix Kerberos knob [2]
- fix build on 9.0 [3]
- fix deinstall with various knobs [4]
- fix LPK knob [5]

PR:             ports/161818 [1], ports/144597 [2], ports/160389 [3]
                ports/150493, ports/156926 [4], ports/155456 [5]

Submitted by:   "Grzegorz Blach" <magik@roorback.net> [1], [2], [4], [5]
                pluknet [3]
Reported by:    Jonathan <lordsith49@hotmail.com> [2]
                Kevin Thompson <antiduh@csh.rit.edu> [4]
                Alexey Remizov <alexey@remizov.org> [5]
19 Jul 2011 02:05:33
Original commit files touched by this commit  5.2.p1_4,1
 This port version is marked as vulnerable.
stephen search for other commits by this committer
- Maintainer to magik@roorback.net

Approved by:    maho (mentor) and magik@roorback.net
13 Jul 2011 21:47:05
Original commit files touched by this commit  5.2.p1_4,1
 This port version is marked as vulnerable.
stephen search for other commits by this committer
- Add VersionAddendum support.
- Bump portrevision.

PR:             ports/142824
Submitted by:   Scot Hetzel <swhetzel@gmail.com>
Approved by:    gabor (mentor)
03 Jul 2011 14:03:52
Original commit files touched by this commit  5.2.p1_3,1
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
-remove MD5
11 Mar 2011 17:11:08
Original commit files touched by this commit  5.2.p1_3,1
 This port version is marked as vulnerable.
skv search for other commits by this committer
Unbreak build with LPK option (broken after commit 1.674 in bsd.port.mk).
27 Dec 2010 09:58:51
Original commit files touched by this commit  5.2.p1_3,1
 This port version is marked as vulnerable.
ale search for other commits by this committer
Remove OpenSC support. This port should be updated to support PKCS#11.
21 Nov 2010 23:48:49
Original commit files touched by this commit  5.2.p1_3,1
 This port version is marked as vulnerable.
rene search for other commits by this committer
- Fix optional dependency on security/heimdal
- Bump PORTREVISION
PR:             ports/152029
Submitted by:   Joerg Pulz [Joerg.Pulz frm2.tum.de]
Approved by:    Ryan Steinmetz <rpsfa@rit.edu> (maintainer of net/freeradius*)
                girgen (maintainer of databases/postgresql*-server,
                        14 day timeout)
31 Aug 2010 02:46:44
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
Add the sftpfilecontrol patch as an OPTION (WITH_FILECONTROL)
See http://sftpfilecontrol.sourceforge.net/  for details.

PR:             ports/146338
Submitted by:   Steve Wills <steve@mouf.net>
22 Aug 2010 23:20:17
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
linimon search for other commits by this committer
Reset dindin@dindin.ru due to maintainer-timeout and no response to email.

Hat:            portmgr
04 May 2010 09:14:22
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Annotate the combination of X509 and KERB_GSSAPI patches as broken

PR:             ports/142819
Submitted by:   Scot Hetzel <swhetzel@gmail.com>
Approved by:    maintainer timeout (1 month)
18 Apr 2010 21:40:14
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
erwin search for other commits by this committer
Mark BROKEN on 9.x: does not build
27 Mar 2010 06:14:03
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
RC_SUBR_SUFFIX has not been needed for a long time now, all supported
versions of FreeBSD now use /etc/rc.subr and rc.d scripts without .sh
appended to the script name.
27 Mar 2010 00:15:24
Original commit files touched by this commit  5.2.p1_2
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Begin the process of deprecating sysutils/rc_subr by
s#. %%RC_SUBR%%#. /etc/rc.subr#
16 Dec 2009 16:43:21
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Remove BROKEN on 8.x WITH_KERBEROS case. Builds fine on 8.0 and 9.0, i386 and
amd64
- While here, fix minor plist issue for WITH_X509 case

PR:             141679
Submitted by:   Denis Barov <dindin@dindin.ru> (maintainer)
02 Nov 2009 08:08:46
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
lioux search for other commits by this committer
- Under OSVERSION >= 800000, only mark BROKEN if WITH_KERBEROS.
- The port links fine otherwise.
30 Sep 2009 21:09:06
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Mark BROKEN on 8.X with Kerberos - does not link

Reported by:    pointyhat
23 Sep 2009 18:44:47
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Revert USE_RC_SUBR change from last commit, it breaks OVERWRITE_BASE
- Add a hint to pkg-message about running this together with base sshd

PR:             ports/138943
Submitted by:   Denis Barov <dindin@yandex-team.ru> (maintainer)
Feature safe:   yes
18 Sep 2009 14:05:52
Original commit files touched by this commit  5.2.p1_2,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Unbreak KERBEROS option
- Add option for OpenBSD support
- Fix crash in sftp listing

PR:             ports/138409 (cumulative patch)
Submitted by:   Denis Barov <dindin@dindin.ru> (maintainer)
Feature safe:   yes
08 Aug 2009 07:13:50
Original commit files touched by this commit  5.2.p1_1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Mark BROKEN on 8.X: does not link

Reported by:    pointyhat
27 Jun 2009 14:52:57
Original commit files touched by this commit  5.2.p1_1,1
 This port version is marked as vulnerable.
nork search for other commits by this committer
Fix build error WITH_HPN.

PR:                     ports/135407
Submitted by:           maintainer implicit (already submitted)
Pointy hat to:          pgollucci
23 Jun 2009 17:15:33
Original commit files touched by this commit  5.2.p1_1,1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Fix the previous commit
  The patch file names for LPK were not updated completely in the Makefile

PR:             ports/135968
Submitted by:   Konstantin Kukushkin <dark@rambler-co.ru>
Approved by:    maintainer (implicit, shouyld have been in previous patch)
21 Jun 2009 20:36:15
Original commit files touched by this commit  5.2.p1_1,1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- security/openssh-portable: update HPN and LPK patches to newer versions
- still broken on -CURRENT

PR:             ports/135407
Submitted by:   Denis Barov <dindin@dindin.ru> (maintainer)
19 May 2009 10:13:28
Original commit files touched by this commit  5.2.p1_1,1
 This port version is marked as vulnerable.
osa search for other commits by this committer
Fix build with WITH_LPK support for amd64 by change extra patches order.
Do not bump PORTREVISION.

Submitted by:   Fedor Dikarev aka fe at rambler dash co dot ru
Spotted by:     maxim
Approved by:    maintainer unavailable, i.e.
                $ whois dindin.ru | grep ^state
                state:      REGISTERED, NOT DELEGATED
PR:             amd64/134706
17 May 2009 03:00:11
Original commit files touched by this commit  5.2.p1_1,1
 This port version is marked as vulnerable.
nork search for other commits by this committer
Fix HPN crash issue by using aes128-ctr, aes192-ctr and aes256-ctr.

Approved by:    pav
15 May 2009 11:00:28
Original commit files touched by this commit  5.2.p1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Update to 5.2p1
- Assign maintainership to the submitter

PR:             ports/134160
Submitted by:   Denis Barov <dindin@dindin.ru>
22 Apr 2009 06:01:40
Original commit files touched by this commit  5.1.p1,1
 This port version is marked as vulnerable.
sumikawa search for other commits by this committer
Fix several problems with OPENSSH_OVERWRITE_BASE=1.
- Empty dir handling
- rc.d installation
- prefix modification in manuals

From:           Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
PR:             ports/133412
24 Mar 2009 17:41:44
Original commit files touched by this commit  5.1.p1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Reset long-term inactive maintainer
24 Mar 2009 17:41:06
Original commit files touched by this commit  5.1.p1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Integrate x509 certificate patch (optional, default off) from
http://www.roumenpetrov.info/openssh/

PR:             ports/121438
Submitted by:   Dirk-Willem van Gulik <dirkx@webweaving.org>
Approved by:    maintainer timeout (mnag; 1 year)
24 Mar 2009 17:33:41
Original commit files touched by this commit  5.1.p1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Add vendor patch for lpk patch that fixes runtime on amd64

PR:             ports/129092
Submitted by:   Jui-Nan Lin <jnlin@csie.nctu.edu.tw>
Approved by:    maintainer timeout (mnag; 4 months)
24 Mar 2009 17:26:18
Original commit files touched by this commit  5.1.p1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Update to 5.1p1

PR:             ports/128679
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
Approved by:    maintainer timeout (mnag; 4 months)
11 Nov 2008 13:03:40
Original commit files touched by this commit  5.0.p1,1
 This port version is marked as vulnerable.
skv search for other commits by this committer
Fix rootless build.

PR:             ports/126164
Submitted by:   skv
Approved by:    maintainer timeout (> 3 months)
21 Aug 2008 06:18:49
Original commit files touched by this commit  5.0.p1,1
 This port version is marked as vulnerable.
rafan search for other commits by this committer
Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk
(Only the first 15 lines of the commit message are shown above View all of this commit message)
22 Jun 2008 19:26:07
Original commit files touched by this commit  5.0.p1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Mark BROKEN after recent kerberos update
19 Apr 2008 13:46:25
Original commit files touched by this commit  5.0.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update to 5.0p1
- Port LPK patch to 5.0p1 and add to files dir
- Remove USE_PERL_BUILD since doesn't need [1]
- Update KERB_GSSAPI to 5.0p1
- Update HPN patch to 5.0p1 13v3
- Respect LOCALBASE on configure_args of LPK [2]
- Change MASTER_SITE of snapshot
- portlint(1)

PR:             121826 [2]
Submitted by:   Andrew Kolchoogin <andrew___rinet.ru> [2]
Reported by:    Björn König <bkoenig___alpha-tierchen.d [1]
16 Jan 2008 13:09:00
Original commit files touched by this commit  4.7.p1_1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update HPN patch to hpn12v20
- Bump PORTREVISION

Submitted by:   Ollivier Robert <roberto__keltia.freenix.fr>
05 Oct 2007 12:41:26
Original commit files touched by this commit  4.7.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update gsskex patch to 20070927
- Update HPN patch to hpn12v19 [1]

Notified by:    ale [1]
04 Oct 2007 06:00:24
Original commit files touched by this commit  4.7.p1,1
 This port version is marked as vulnerable.
edwin search for other commits by this committer
Remove always-false/true conditions based on OSVERSION 500000
14 Sep 2007 01:32:25
Original commit files touched by this commit  4.7.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update MD5/SHA256 of openssh hpn patch. This patch are rerolled to update
version:

--- openssh-4.7p1-hpn12v18.diff 2007-09-13 17:11:05.000000000 -0300
+++ /usr/ports/distfiles/openssh-4.7p1-hpn12v18.diff    2007-09-05
18:13:03.000000000 -0300
@@ -1580,5 +1580,5 @@

  #define SSH_PORTABLE  "p1"
 -#define SSH_RELEASE   SSH_VERSION SSH_PORTABLE
-+#define SSH_HPN         "-hpn12v18"
++#define SSH_HPN         "-hpn12v17"
 +#define SSH_RELEASE   SSH_VERSION SSH_PORTABLE SSH_HPN

Reported by:    Tsurutani Naoki <turutani___scphys.kyoto-u.ac.jp>
08 Sep 2007 01:18:31
Original commit files touched by this commit  4.7.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update to 4.7p1
- Update HPN patch to 4.7p1-hpn12v18
- Mark as BROKEN WITH_KERB_GSSAPI while developer release a new patch
30 Aug 2007 15:40:39
Original commit files touched by this commit  4.6.p1_1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Enable ssl-engine
- Update gsskex patch to 4.6p1-gsskex-20070312
- Update lpk patch to 4.6p1-0.3.9
- Update hpn patch to 4.6p1-hpn12v17
- Fix challenge-response issue
- Bump PORTREVISION

Reported by:    Stefan Lambrev [1], ale@ [1]
23 Jul 2007 09:36:52
Original commit files touched by this commit  4.6.p1,1
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Set --mandir and --infodir in CONFIGURE_ARGS if the configure script
  supports them.  This is determined by running ``configure --help'' in
  do-configure target and set the shell variable _LATE_CONFIGURE_ARGS
  which is then passed to CONFIGURE_ARGS.
- Remove --mandir and --infodir in ports' Makefile where applicable
  Few ports use REINPLACE_CMD to achieve the same effect, remove them too.
- Correct some manual pages location from PREFIX/man to MANPREFIX/man
- Define INFO_PATH where necessary
- Document that .info files are installed in a subdirectory relative to
  PREFIX/INFO_PATH and slightly change add-plist-info to use INFO_PATH and
  subdirectory detection.

PR:             ports/111470
Approved by:    portmgr
Discussed with: stas (Mk/*), gerald (info related stuffs)
Tested by:      pointyhat exp run
12 Mar 2007 22:13:18
Original commit files touched by this commit  4.6.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update OpenSSH to 4.6p1
- Update GSSKEX patch to 20061220
- Update HPN patch to hpn12v16
- Update LPK patch to 0.3.8
06 Feb 2007 11:49:46
Original commit files touched by this commit  4.5.p1,1
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Use RC_SUBR_SUFFIX

Approved by:    mnag (maintainer)
17 Nov 2006 18:58:43
Original commit files touched by this commit  4.5.p1,1
 This port version is marked as vulnerable.
ale search for other commits by this committer
Update HPN patch to v14 for openssh 4.5p1.

Approved by:    mnag
10 Nov 2006 14:28:42
Original commit files touched by this commit  4.5.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Fix CHROOT patch using chroot() before setusercontext() and add strerror() in
message if chroot() fail.

Notified by:    Chris Gardner <chris_g_g___hotmail.com>
10 Nov 2006 13:11:49
Original commit files touched by this commit  4.5.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update to 4.5p1
- patch-sshd.c unconditionally includes <gssapi.h>. Include "ssh-gss.h" instead.
[1]

PR:             104481 [1]
Submitted by:   Mark Andrews <Mark_Andrews___isc.org> [1]
17 Oct 2006 13:27:18
Original commit files touched by this commit  4.4.p1_1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update HPN patch. Patch are renamed, the only content differences are two rows
now enclosed in an "else" block.

Submitted by:   ale
Approved by:    portmgr (erwin)
07 Oct 2006 21:06:55
Original commit files touched by this commit  4.4.p1_1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Add OPTION to enable Kerberos/GSSAPI patch [1]
- Add OPTION to enable LPK patch (ldap stored public key) [2]

PR:             86384 [1], 103399 [2]
Submitted by:   Garrett Wollman <wollman___khavrinen.csail.mit.edu> [1], Dmitriy
Kirhlarov <dkirhlarov___oilspace.com> [2]
04 Oct 2006 13:53:54
Original commit files touched by this commit  4.4.p1_1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Fix package creation. [1]
- Update HPN patch and remove IGNORE. [2]
- Bump PORTREVISION

PR:             103961
Submitted by:   Phil Oleson <oz___nixil.net> [1], ale [2]
01 Oct 2006 19:37:54
Original commit files touched by this commit  4.4.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Install ssh_config-dist and sshd_config-dist in OVERWRITE_BASE too.
01 Oct 2006 02:15:01
Original commit files touched by this commit  4.4.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update to 4.4p1.
- Disable temporary HPN patch until HPN release new version.
- Fix rc.d script path in sshd.8
- Add FreeBSD-${PKGNAME} in SSH_VERSION and SSH_RELEASE like src does.
- Sync patches with src.

Security:       CVE-2006-4924, CVE-2006-5051
29 Aug 2006 19:47:07
Original commit files touched by this commit  4.3.p2_1,1
 This port version is marked as vulnerable.
ale search for other commits by this committer
Update HPN-12 patch to version 8 (no functional changes,
only documentation changes and a small bug fix on option parsing).

Approved by:    mnag
09 Aug 2006 12:49:15
Original commit files touched by this commit  4.3.p2_1,1
 This port version is marked as vulnerable.
simon search for other commits by this committer
Add optional OpenSC PIN patch which make it possible for OpenSSH to ask
for a PIN when using an OpenSC smartcard.

Approved by:            mnag (maintainer)
Patch obtained from:    http://bugzilla.mindrot.org/show_bug.cgi?id=608
04 Jul 2006 20:10:25
Original commit files touched by this commit  4.3.p2_1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Remove unecessary ?= in PKGNAMESUFFIX [1]
- Update HPN patch to hpn12. Now none cipher are configured in run time. [2]

Notified by:    Peter Losher <plosher___plosh.net> [1], Scott Larson
<stl___iowainteractive.com> [2]
12 Jun 2006 16:56:35
Original commit files touched by this commit  4.3.p2_1,1
 This port version is marked as vulnerable.
ale search for other commits by this committer
Add support for smart cards.

Approved by:    maintainer
21 Feb 2006 19:28:37
Original commit files touched by this commit  4.3.p2_1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Fix order in rc.d script. Because of pidfile are empty, reload [2] and restart
[1]
  commands kill all connections.
- Separate keygen part and create keygen command.
- Bump PORTREVISION

PR:             93228 [1]
Reported by:    DanGer on #bsdports [2]
11 Feb 2006 23:59:28
Original commit files touched by this commit  4.3.p2,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
Forget to add HPN patches.
11 Feb 2006 23:55:26
Original commit files touched by this commit  4.3.p2,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update to 4.3p2
07 Feb 2006 20:07:54
Original commit files touched by this commit  4.3.p1,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update to 4.3p1
- Use DISTVERSION
- Add most configuration in OPTIONS
- Enable support to libedit in sftp [1]
- Add OPTIONS to HPN patches [2]
- Add new rc.d script [3]
- New rc.d script are responsible to check configuration and create host keys
- Using USE_RC_SUBR
- Modify pkg-message to reflect new rc.d script
- Fix pkg-plist

Reviewd by:     dougb [3]
Submitted by:   vs [1], brooks [2]
Tested by:      me, John E Hein
07 Feb 2006 20:04:25
Original commit files touched by this commit  4.2.0.0,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Reorganize Makefile in preparation to update to 4.3p1
- Add one http in MASTER_SITES
- Update WWW
09 Nov 2005 02:32:50
Original commit files touched by this commit  4.2.0.0,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
Add SHA256
16 Sep 2005 17:58:32
Original commit files touched by this commit  4.2.0.0,1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
Update my email

Approved by: pav (mentor)
06 Sep 2005 12:36:30
Original commit files touched by this commit  4.2.0.0,1
 This port version is marked as vulnerable.
garga search for other commits by this committer
- Pass maintainership to submitter, since he sent the last patch.

PR:             ports/85775
Submitted by:   Marcus Alves Grando <marcus@corp.grupos.com.br>
01 Sep 2005 19:24:36
Original commit files touched by this commit  4.2.0.0,1
 This port version is marked as vulnerable.
garga search for other commits by this committer
- Update to 4.2p1

PR:             ports/85578
Submitted by:   Marcus Grando <marcus@corp.grupos.com.br>
06 Jun 2005 19:09:04
Original commit files touched by this commit  4.1.0.1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Update to 4.1p1

PR:             ports/81948
Submitted by:   Daniel Gerzo <danger@rulez.sk>
11 Apr 2005 21:31:07
Original commit files touched by this commit  4.0.0.1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Don't specify --with-ssl-dir when using the system's OpenSSL

PR:             ports/79355
Submitted by:   Mark Andrews <Mark_Andrews@isc.org>
20 Mar 2005 01:00:03
Original commit files touched by this commit  4.0.0.1,1
 This port version is marked as vulnerable.
ahze search for other commits by this committer
- Update to 4.0p1

PR:             ports/79029
Submitted by:   Dimitry Andric <dimitry@andric.com>
18 Dec 2004 19:16:09
Original commit files touched by this commit  3.9.0.1,1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- sshd child process crashes when user with expired password logs in.
  Fix unitialized pointer in our local patch.

PR:             ports/75204
Submitted by:   Andriy Gapon <avg@icyb.net.ua>
14 Oct 2004 05:26:27
Original commit files touched by this commit  3.9.0.1,1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- drop maintainership
12 Oct 2004 04:43:52
Original commit files touched by this commit  3.9.0.1,1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- new option WITH_OPENSSH_CHROOT
Submitted by:   KANAI Makoto
12 Oct 2004 04:42:53
Original commit files touched by this commit  3.9.0.1,1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- cleanup patches
(only context changed)
18 Aug 2004 11:35:53
Original commit files touched by this commit  3.9.0.1,1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 3.9p1

set PORTVERSION 3.9.0.1 to avoid another
bump of PORTEPOCH if 3.9.1p1 come out.

- new option OPENSSH_SNAPSHOT
29 Apr 2004 03:48:57
Original commit files touched by this commit  3.8.1p1,1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- bump PORTEPOCH
Reported by kriS
29 Apr 2004 03:04:27
Original commit files touched by this commit  3.8.1p1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 3.8.1p1
03 Apr 2004 05:18:29
Original commit files touched by this commit  3.8p1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- force kerberos by option WITH_GSSAPI
26 Mar 2004 19:56:42
Original commit files touched by this commit  3.8p1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- make PKGNAMESUFFIX more flexible
26 Feb 2004 05:47:07
Original commit files touched by this commit  3.8p1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- add SIZE
25 Feb 2004 12:32:57
Original commit files touched by this commit  3.8p1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 3.8p1
04 Dec 2003 03:24:09
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix Usage
18 Oct 2003 10:45:34
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- new option WITHOUT_KERBEROS

PR:             58156
Submitted by:   matt@peterson.org
13 Oct 2003 14:16:40
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix build with kerberos5 from base and missing libdes
- get rid of autoconf dependency
13 Oct 2003 04:05:54
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix spelling of gssapi
12 Oct 2003 11:53:31
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- add CONFLICTS
Submitted by:   eikemeier@fillmore-labs.com
10 Oct 2003 03:52:03
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- GSSAPI patch improved for kerbers5 and hemidal

Submitted by:   bg@sics.se
28 Sep 2003 18:41:51
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- cleanup GSSAPI option
28 Sep 2003 03:07:19
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Fix BATCH=yes patch for bento.
26 Sep 2003 18:13:52
Original commit files touched by this commit  3.7.1p2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 3.7.1p2
more regressions tests successfull
26 Sep 2003 02:42:39
Original commit files touched by this commit  3.6.1p2_5
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security Fix in PAM handling
Obtained from:  des
25 Sep 2003 17:08:02
Original commit files touched by this commit  3.6.1p2_4
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- mark FORBIDDEN until fixed.
23 Sep 2003 19:16:50
Original commit files touched by this commit  3.6.1p2_4
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security Fix obtained from OpenBSD
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/buffer.c.diff?r1=1.18&r2=1.19

Submitted by:   ash@lab.poc.net
17 Sep 2003 16:07:48
Original commit files touched by this commit  3.6.1p2_3
 This port version is marked as vulnerable.
nectar search for other commits by this committer
Add Solar Designer's additional fixes to buffer management.

Number of commits found: 292 (showing only 100 on this page)

«  1 | 2 | 3  »  

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
eogAug 22
p5-PathTools*Aug 22
p5-XSLoader*Aug 22
perl5-devel*Aug 22
perl5-devel*Aug 22
perl5-devel*Aug 22
perl5.18*Aug 22
perl5.18*Aug 22
perl5.18*Aug 22
perl5.20*Aug 22
perl5.20*Aug 22
perl5.20*Aug 22
perl5.20*Aug 22
perl5.22*Aug 22
perl5.22*Aug 22

57 vulnerabilities affecting 92 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 26178
Broken 96
Deprecated 144
Ignore 366
Forbidden 0
Restricted 199
No CDROM 83
Vulnerable 65
Expired 16
Set to expire 130
Interactive 0
new 24 hours 14
new 48 hours14
new 7 days27
new fortnight48
new month125

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.