non port: security/openssh-portable/Makefile |
Number of commits found: 343 (showing only 100 on this page) |
Wednesday, 6 Mar 2024
|
03:17 Yasuhiro Kimura (yasu)
security/openssh-portable: Move manpages to share/man
Approved by: portmgr (blanket)
69c74a9 |
Wednesday, 24 Jan 2024
|
01:40 Bryan Drewery (bdrewery)
security/openssh-portable: Fix KERB_GSSAPI build
bb65ffa |
Thursday, 11 Jan 2024
|
18:05 Bryan Drewery (bdrewery)
security/openssh-portable: Update HPN patch.
- Mark GSSAPI build as broken while here.
b3f8665 |
Tuesday, 26 Dec 2023
|
21:24 Gordon Tetlow (gordon)
security/openssh-portable: Make HPN as BROKEN.
7627c95 |
20:49 Gordon Tetlow (gordon)
security/openssh-portable: Update to 9.6p1
Approved by: bdrewery
Differential Revision: https://reviews.freebsd.org/D43132
277b9fe |
Tuesday, 24 Oct 2023
|
02:16 Xin LI (delphij) Author: Rozhuk Ivan
security/openssh-portable: fix build with zlib 1.3
PR: ports/273578
Approved by: maintainer timeout
d839d49 |
Saturday, 21 Oct 2023
|
11:53 Bernard Spil (brnrd)
www/vaultwarden-web_vault: Revert borked git add
This reverts commit 3a3fbae18157d39b68c43c590fa9e977fed9cef4.
8269bdb |
11:45 Bernard Spil (brnrd)
www/vaultwarden-web_vault: Update to 2023.8.2
PR: 274304
Approved by: maintainer time-out
3a3fbae |
Friday, 22 Sep 2023
|
16:23 Mateusz Piotrowski (0mp)
security/openssh-portable: Fix build with KERB_GSSAPI set
PR: 273052
Reported by: brd
Approved by: maintainer timeout
Tested by: wollman
Sponsored by: Klara Inc.
3bd9ddb |
Friday, 21 Jul 2023
|
14:33 Bryan Drewery (bdrewery)
security/openssh-portable: Update to 9.3p2.
Changes: https://www.openssh.com/txt/release-9.3p2
Security: CVE-2023-38408
f6d0388 |
Tuesday, 23 May 2023
|
17:40 Bryan Drewery (bdrewery)
security/openssh-portable: Update to 9.3p1.
Changes: https://www.openssh.com/txt/release-9.3
700625b |
Thursday, 16 Feb 2023
|
19:23 Bryan Drewery (bdrewery)
security/openssh-portable: Upgrade to 9.2p1
Changes: https://www.openssh.com/txt/release-9.2
10491773 |
Friday, 3 Feb 2023
|
21:42 Bryan Drewery (bdrewery)
security/openssh-portable: Fix GSSAPI build for 9.1
c56b161 |
Saturday, 8 Oct 2022
|
15:53 Bryan Drewery (bdrewery)
security/openssh-portable: Update to 9.1p1
Changes: https://www.openssh.com/txt/release-9.1
162c735 |
Wednesday, 7 Sep 2022
|
21:10 Stefan Eßer (se)
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.
There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.
The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.
Approved by: portmgr (tcberner)
b7f0544 |
Wednesday, 20 Jul 2022
|
14:22 Tobias C. Berner (tcberner)
security: remove 'Created by' lines
A big Thank You to the original contributors of these ports:
* <ports@c0decafe.net>
* Aaron Dalton <aaron@FreeBSD.org>
* Adam Weinberger <adamw@FreeBSD.org>
* Ade Lovett <ade@FreeBSD.org>
* Aldis Berjoza <aldis@bsdroot.lv>
* Alex Dupre <ale@FreeBSD.org>
* Alex Kapranoff <kappa@rambler-co.ru>
* Alex Samorukov <samm@freebsd.org>
* Alexander Botero-Lowry <alex@foxybanana.com>
* Alexander Kriventsov <avk@vl.ru>
* Alexander Leidinger <netchild@FreeBSD.org>
* Alexander Logvinov <ports@logvinov.com>
* Alexander Y. Grigoryev <alexander.4mail@gmail.com>
* Alexey Dokuchaev <danfe@FreeBSD.org>
* Alfred Perlstein
* Alfred Perlstein <alfred@FreeBSD.org>
* Anders Nordby <anders@FreeBSD.org>
* Anders Nordby <anders@fix.no>
* Andreas Klemm <andreas@klemm.gtn.com>
* Andrew Lewis <freeghb@gmail.com>
* Andrew Pantyukhin <infofarmer@FreeBSD.org>
* Andrew St. Jean <andrew@arda.homeunix.net>
* Anes Mukhametov <anes@anes.su>
* Antoine Brodin <antoine@FreeBSD.org>
* Anton Berezin <tobez@FreeBSD.org>
* Antonio Carlos Venancio Junior (<antonio@inf.ufsc.br>)
* Antonio Carlos Venancio Junior <antonio@inf.ufsc.br>
* Ashish SHUKLA <ashish@FreeBSD.org>
* Attila Nagy <bra@fsn.hu>
* Autrijus Tang <autrijus@autrijus.org>
* Axel Rau <axel.rau@chaos1.de>
* Babak Farrokhi <farrokhi@FreeBSD.org>
* Ben Woods <woodsb02@FreeBSD.org>
* Bernard Spil <brnrd@FreeBSD.org>
* Bernard Spil <brnrd@freebsd.org>
* Blaz Zupan <blaz@si.FreeBSD.org>
* Bob Hockney <zeus@ix.netcom.com>
* Boris Kochergin <spawk@acm.poly.edu>
* Brendan Molloy <brendan+freebsd@bbqsrc.net>
* Bruce M Simpson
* Bruce M Simpson <bms@FreeBSD.org>
* Bruce M. Simpson <bms@FreeBSD.org>
* Carlo Strub
* Carlo Strub <cs@FreeBSD.org>
* Carlos J Puga Medina <cpm@FreeBSD.org>
* Carlos J Puga Medina <cpm@fbsd.es>
* Charlie Root <se@FreeBSD.org>
* Cheng-Lung Sung <clsung@FreeBSD.org>
* Cheng-Lung Sung <clsung@dragon2.net>
* Chie Taguchi <taguchi.ch@gmail.com>
* Chris Cowart <ccowart@rescomp.berkeley.edu>
* Chris D. Faulhaber <jedgar@FreeBSD.org>
* Christer Edwards <christer.edwards@gmail.com>
* Christian Lackas
* Christopher Hall <hsw@bitmark.com>
* Clement Laforet <sheepkiller@cultdeadsheep.org>
* Clive Lin <clive@CirX.ORG>
* Colin Percival
* Cory McIntire (loon@noncensored.com)
* Craig Leres <leres@FreeBSD.org>
* Cristiano Deana <cris@gufi.org>
* Cy Schubert (Cy.Schubert@uumail.gov.bc.ca)
* Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
* Cy Schubert <cy@FreeBSD.org>
* Damian Gerow <dgerow@afflictions.org>
* Damien Bobillot
* Dan Langille
* Dan Langille <dan@freebsddiary.org>
* Dan Langille <dvl@FreeBSD.org>
* Dan Langille <dvl@freebsd.org>
* Dan Langille <dvl@sourcefire.com>
* Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* Daniel Roethlisberger <daniel@roe.ch>
* Danilo Egea Gondolfo <danilo@FreeBSD.org>
* Danton Dorati <urisso@bsd.com.br>
* Dave McKay <dave@mu.org>
* David E. Thiel <lx@FreeBSD.org>
* David O'Brien (obrien@NUXI.com)
* David O'Brien <obrien@FreeBSD.org>
* David Thiel <lx@redundancy.redundancy.org>
* Dean Hollister <dean@odyssey.apana.org.au>
* Denis Shaposhnikov <dsh@vlink.ru>
* Dereckson <dereckson@gmail.com>
* Dirk Froemberg <dirk@FreeBSD.org>
* Ditesh Shashikant Gathani <ditesh@gathani.org>
* Dom Mitchell <dom@happygiraffe.net>
* Dominic Marks <dominic.marks@btinternet.com>
* Don Croyle <croyle@gelemna.org>
* Douglas Thrift <douglas@douglasthrift.net>
* Edson Brandi <ebrandi@fugspbr.org>
* Edwin Groothuis <edwin@mavetju.org>
* Ekkehard 'Ekki' Gehm <gehm@physik.tu-berlin.de>
* Emanuel Haupt <ehaupt@FreeBSD.org>
* Emanuel Haupt <ehaupt@critical.ch>
* Eric Crist <ecrist@secure-computing.net>
* Erwin Lansing <erwin@FreeBSD.org>
* Eugene Grosbein <eugen@FreeBSD.org>
* Fabian Keil <fk@fabiankeil.de>
* Felix Palmen <felix@palmen-it.de>
* Florent Thoumie <flz@xbsd.org>
* Foxfair Hu <foxfair@FreeBSD.org>
* Frank Laszlo <laszlof@vonostingroup.com>
* Frank Wall <fw@moov.de>
* Franz Bettag <franz@bett.ag>
* Gabor Kovesdan
* Gabor Kovesdan <gabor@FreeBSD.org>
* Gabriel M. Dutra <0xdutra@gmail.com>
* Gary Hayers <Gary@Hayers.net>
* Gasol Wu <gasol.wu@gmail.com>
* Gea-Suan Lin <gslin@gslin.org>
* George Reid <greid@ukug.uk.freebsd.org>
* George Reid <services@nevernet.net>
* Greg Larkin <glarkin@FreeBSD.org>
* Greg V <greg@unrelenting.technology>
* Gregory Neil Shapiro <gshapiro@FreeBSD.org>
* Grzegorz Blach <gblach@FreeBSD.org>
* Guangyuan Yang <ygy@FreeBSD.org>
* Hakisho Nukama <nukama@gmail.com>
* Hammurabi Mendes <hmendes@brturbo.com>
* Henk van Oers <hvo.pm@xs4all.nl>
* Horia Racoviceanu <horia@racoviceanu.com>
* Hung-Yi Chen <gaod@hychen.org>
* Jaap Akkerhuis <jaap@NLnetLabs.nl>
* Jaap Boender <jaapb@kerguelen.org>
* Jacek Serwatynski <tutus@trynet.eu.org>
* James FitzGibbon <jfitz@FreeBSD.org>
* James Thomason <james@divide.org>
* Jan-Peter Koopmann <Jan-Peter.Koopmann@seceidos.de>
* Janky Jay <ek@purplehat.org>
* Janos Mohacsi
* Janos Mohacsi <janos.mohacsi@bsd.hu>
* Jean-Yves Lefort <jylefort@brutele.be>
* Jim Geovedi <jim@corebsd.or.id>
* Jim Ohlstein <jim@ohlste.in>
* Joe Clarke <marcus@marcuscom.com>
* Joe Marcus Clarke <marcus@FreeBSD.org>
* Johann Visagie <johann@egenetics.com>
* Johann Visagie <wjv@FreeBSD.org>
* John Ferrell <jdferrell3@yahoo.com>
* John Hixson <jhixson@gmail.com>
* John Polstra <jdp@polstra.com>
* John W. O'Brien <john@saltant.com>
* John-Mark Gurney <jmg@FreeBSD.org>
* Jose Alonso Cardenas Marquez <acardenas@bsd.org.pe>
* Joseph Benden <joe@thrallingpenguin.com>
* Joshua D. Abraham <jabra@ccs.neu.edu>
* Jov <amutu@amutu.com>
* Jui-Nan Lin <jnlin@freebsd.cs.nctu.edu.tw>
* Ka Ho Ng <khng300@gmail.com>
* Kay Lehmann <kay_lehmann@web.de>
* Keith J. Jones <kjones@antihackertoolkit.com>
* Kevin Zheng <kevinz5000@gmail.com>
* Kimura Fuyuki <fuyuki@hadaly.org>
* Kimura Fuyuki <fuyuki@mj.0038.net>
* Klayton Monroe <klm@uidzero.org>
* Konstantin Menshikov <kostjnspb@yandex.ru>
* Koop Mast <kwm@FreeBSD.org>
* Kris Kennaway <kris@FreeBSD.org>
* Kubilay Kocak <koobs@FreeBSD.org>
* Kurt Jaeger <fbsd-ports@opsec.eu>
* LEVAI Daniel <leva@ecentrum.hu>
* Lars Engels <lme@FreeBSD.org>
* Lars Thegler <lth@FreeBSD.org>
* Laurent LEVIER <llevier@argosnet.com>
* Luiz Eduardo R. Cordeiro
* Lukas Slebodnik <lukas.slebodnik@intrak.sk>
* Lukasz Komsta
* Mageirias Anastasios <anastmag@gmail.com>
* Marcel Prisi <marcel.prisi@virtua.ch>
* Marcello Coutinho
* Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org>
* Mark Felder <feld@FreeBSD.org>
* Mark Hannon <markhannon@optusnet.com.au>
* Mark Murray <markm@FreeBSD.org>
* Mark Pulford <mark@kyne.com.au>
* Marko Njezic <sf@maxempire.com>
* Martin Matuska <martin@tradex.sk>
* Martin Matuska <mm@FreeBSD.org>
* Martin Mersberger
* Martin Wilke <miwi@FreeBSD.org>
* Martti Kuparinen <martti.kuparinen@ericsson.com>
* Mateusz Piotrowski <0mp@FreeBSD.org>
* Matt <matt@xtaz.net>
* Matt Behrens <matt@zigg.com>
* Matthias Andree <mandree@FreeBSD.org>
* Matthias Fechner <mfechner@FreeBSD.org>
* Matthieu BOUTHORS <matthieu@labs.fr>
* Maxim Sobolev <sobomax@FreeBSD.org>
* Meno Abels <meno.abels@adviser.com>
* Michael Haro <mharo@FreeBSD.org>
* Michael Johnson <ahze@FreeBSD.org>
* Michael Nottebrock <lofi@FreeBSD.org>
* Michael Reifenberger <mr@FreeBSD.org>
* Michael Schout <mschout@gkg.net>
* Michal Bielicki <m.bielicki@llizardfs.com>
* Michiel van Baak <michiel@vanbaak.eu
* Mij <mij@bitchx.it>
* Mike Heffner <mheffner@vt.edu>
* Mikhail T. <m.tsatsenko@gmail.com>
* Mikhail Teterin <mi@aldan.algebra.com>
* Milan Obuch
* Mosconi <mosconi.rmg@gmail.com>
* Muhammad Moinur Rahman <5u623l20@gmail.com>
* Mustafa Arif <ma499@doc.ic.ac.uk>
* Neil Booth
* Neil Booth <kyuupichan@gmail.com>
* Nick Barkas <snb@threerings.net>
* Nicola Vitale <nivit@FreeBSD.org>
* Niels Heinen
* Nikola Kolev <koue@chaosophia.net>
* Nobutaka Mantani <nobutaka@FreeBSD.org>
* Oliver Lehmann
* Oliver Lehmann <oliver@FreeBSD.org>
* Olivier Duchateau
* Olivier Duchateau <duchateau.olivier@gmail.com>
* Olli Hauer
* Patrick Li <pat@databits.net>
* Paul Chvostek <paul@it.ca>
* Paul Schmehl <pauls@utdallas.edu>
* Pavel I Volkov <pavelivolkov@googlemail.com>
* Pete Fritchman <petef@databits.net>
* Peter Ankerstal <peter@pean.org>
* Peter Haight <peterh@sapros.com>
* Peter Johnson <johnson.peter@gmail.com>
* Peter Pentchev <roam@FreeBSD.org>
* Petr Rehor <rx@rx.cz>
* Philippe Audeoud <jadawin@tuxaco.net>
* Philippe Rocques <phil@teaser.fr>
* Piotr Kubaj <pkubaj@FreeBSD.org>
* Piotr Kubaj <pkubaj@anongoth.pl>
* Po-Chuan Hsieh <sunpoet@FreeBSD.org>
* RaRa Rasputin <rasputin@submonkey.net>
* Radim Kolar
* Ralf Meister
* Remington Lang <MrL0Lz@gmail.com>
* Renaud Chaput <renchap@cocoa-x.com>
* Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>
* Roland van Laar <roland@micite.net>
* Romain Tartiere <romain@blogreen.org>
* Roman Bogorodskiy
* Roman Bogorodskiy <novel@FreeBSD.org>
* Roman Shterenzon <roman@xpert.com>
* Rong-En Fan <rafan@FreeBSD.org>
* Ryan Steinmetz <zi@FreeBSD.org>
* Sahil Tandon <sahil@tandon.net>
* Sascha Holzleiter <sascha@root-login.org>
* SeaD
* Seamus Venasse <svenasse@polaris.ca>
* Sean Greven <sean.greven@gmail.com>
* Sebastian Schuetz <sschuetz@fhm.edu>
* Sergei Kolobov <sergei@FreeBSD.org>
* Sergei Kolobov <sergei@kolobov.com>
* Sergei Vyshenski
* Sergei Vyshenski <svysh.fbsd@gmail.com>
* Sergey Skvortsov <skv@protey.ru>
* Seth Kingsley <sethk@meowfishies.com>
* Shaun Amott <shaun@inerd.com>
* Simeon Simeonov <sgs@pichove.org>
* Simon Dick <simond@irrelevant.org>
* Sofian Brabez <sbrabez@gmail.com>
* Stanislav Sedov <ssedov@mbsd.msk.ru>
* Stefan Esser <se@FreeBSD.org>
* Stefan Grundmann
* Stefan Walter <sw@gegenunendlich.de>
* Stephon Chen <stephon@gmail.com>
* Steve Wills <steve@mouf.net>
* Steve Wills <swills@FreeBSD.org>
* Steven Kreuzer
* Steven Kreuzer <skreuzer@exit2shell.com>
* Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
* TAKAHASHI Kaoru <kaoru@kaisei.org>
* TAKATSU Tomonari <tota@FreeBSD.org>
* Tatsuki Makino <tatsuki_makino@hotmail.com>
* Thibault Payet <monwarez@mailoo.org>
* Thierry Thomas (<thierry@pompo.net>)
* Thierry Thomas <thierry@pompo.net>
* Thomas Hurst <tom@hur.st>
* Thomas Quinot <thomas@cuivre.fr.eu.org>
* Thomas Zander <riggs@FreeBSD.org>
* Thomas von Dein <freebsd@daemon.de>
* Tilman Linneweh <arved@FreeBSD.org>
* Tim Bishop <tim@bishnet.net>
* Tom Judge <tom@tomjudge.com>
* Tomoyuki Sakurai <cherry@trombik.org>
* Toni Viemerö <toni.viemero@iki.fi>
* Tony Maher
* Torsten Zuhlsdorff <ports@toco-domains.de>
* Travis Campbell <hcoyote@ghostar.org>
* Tsung-Han Yeh <snowfly@yuntech.edu.tw>
* Ulf Lilleengen
* Vaida Bogdan <vaida.bogdan@gmail.com>
* Valentin Zahariev <curly@e-card.bg>
* Valerio Daelli <valerio.daelli@gmail.com>
* Veniamin Gvozdikov <vg@FreeBSD.org>
* Victor Popov
* Victor Popov <v.a.popov@gmail.com>
* Vsevolod Stakhov
* Vsevolod Stakhov <vsevolod@FreeBSD.org>
* Wen Heping <wen@FreeBSD.org>
* Wen Heping <wenheping@gmail.com>
* Yarodin <yarodin@gmail.com>
* Yen-Ming Lee <leeym@FreeBSD.org>
* Yen-Ming Lee <leeym@cae.ce.ntu.edu.tw>
* Yen-Ming Lee <leeym@leeym.com>
* Ying-Chieh Liao <ijliao@FreeBSD.org>
* Yonatan <Yonatan@Xpert.com>
* Yonatan <onatan@gmail.com>
* Yoshisato YANAGISAWA
* Yuri Victorovich
* Yuri Victorovich <yuri@rawbw.com>
* Zach Thompson <hideo@lastamericanempire.com>
* Zane C. Bowers <vvelox@vvelox.net>
* Zeus Panchenko <zeus@gnu.org.ua>
* ache
* adamw
* ajk@iu.edu
* alex@FreeBSD.org
* allan@saddi.com
* alm
* andrej@ebert.su
* andrew@scoop.co.nz
* andy@fud.org.nz
* antoine@FreeBSD.org
* arved
* barner
* brix@FreeBSD.org
* buganini@gmail.com
* chinsan
* chris@still.whet.org
* clement
* clsung
* crow
* cy@FreeBSD.org
* dominik karczmarski <dominik@karczmarski.com>
* dwcjr@inethouston.net
* eivind
* erich@rrnet.com
* erwin@FreeBSD.org
* girgen@FreeBSD.org
* glen.j.barber@gmail.com
* hbo@egbok.com
* ijliao
* jesper
* jfitz
* johans
* joris
* kftseng@iyard.org
* kris@FreeBSD.org
* lx
* markm
* mharo@FreeBSD.org
* michaelnottebrock@gmx.net
* mnag@FreeBSD.org
* mp39590@gmail.com
* nbm
* nectar@FreeBSD.org
* nork@FreeBSD.org
* nork@cityfujisawa.ne.jp
* nsayer@FreeBSD.org
* nsayer@quack.kfu.com
* ntarmos@cs.uoi.gr
* oly
* onatan@gmail.com
* pandzilla
* patrick@mindstep.com
* pauls
* perl@FreeBSD.org
* petef@FreeBSD.org
* peter.thoenen@yahoo.com
* ports@c0decafe.net
* ports@rbt.ca
* roam@FreeBSD.org
* rokaz
* sada@FreeBSD.org
* scrappy
* se
* shane@freebsdhackers.net aka modsix@gmail.com
* snb@threerings.net
* sumikawa
* sviat
* teramoto@comm.eng.osaka-u.ac.jp
* thierry@pompo.net
* tobez@FreeBSD.org
* torstenb@FreeBSD.org
* trasz <trasz@pin.if.uz.zgora.pl>
* trevor
* truckman
* vanhu
* vanilla@
* wen@FreeBSD.org
* will
With hat: portmgr
857c05f |
Tuesday, 7 Jun 2022
|
19:21 Bryan Drewery (bdrewery)
security/openssh-portable: Update to 9.0p1
Changes: https://www.openssh.com/txt/release-9.0
PR: 264211
ca9ce69 |
Wednesday, 25 May 2022
|
13:34 Bryan Drewery (bdrewery)
security/openssh-portable: Fix some capsicum issues
- Brings in latest changes from base. See patches for details.
- Version 9.0 is being worked on but I wanted to fix this issue
before proceeding with bigger changes.
PR: 263753
272dd07 |
Monday, 7 Mar 2022
|
23:02 Bryan Drewery (bdrewery)
security/openssh-portable: Again fix procctl(2) usage
The 8.9p1 update was supposed to have a fix for incorrect
use of procctl(2) but was left out for some reason. A wrong
assumption missed keeping it in ae66cffc19f357cbd5.
PR: 262352
a12058f |
23:02 Bryan Drewery (bdrewery)
security/openssh-portable: Add comment in openssh.in about host keys
Commit ae66cffc19f added some rc vars to allow disabling host keys.
The naming caused some confusion. Attempt to address that with a
comment since these are not documented anywhere else.
PR: 202169
21cedc6 |
22:46 Bryan Drewery (bdrewery)
security/openssh-portable: Fix fetching gssapi patch
- Mirror it
- Update to latest Debian location
df3a937 |
Thursday, 3 Mar 2022
|
19:59 Bryan Drewery (bdrewery) Author: Andrew Fyfe
security/openssh-portable: fix docs when built without PAM support
The defaults documented in sshd_config and sshd_config.5 are incorrect
if OpenSSH was built without PAM support and can be misleading to the
user whether or not password authentication is enabled.
- Moved PAM specific changes out of patch-sshd_config and into
extra-patch-pam-sshd_config
- sshd_config.5 PasswordAuthentication: added a new line before the note
to make it easier to read.
- sshd_config.5 UsePAM: noted the default value depends on whether
sshd was built with or without PAM support.
PR: 261342
418bb1f |
19:25 Bryan Drewery (bdrewery)
security/openssh-portable: Fix subtle rc script problem.
Invoking 'run_rc_command' taints '$rc_var' with 'keygen' which blocks further
processing for something like openssh_oomprotect. Note that openssh_oomprotect
is broken in rc.subr until it learns to read a pidfile.
ad60ad3 |
19:25 Bryan Drewery (bdrewery)
security/openssh-portable: Update to 8.9p1
- Unbreak GSSAPI [1]
- rc.d/openssh: Allow modifying host key generation [2]
Changes: https://www.openssh.com/txt/release-8.9
PR: 259909 [1]
PR: 202169 [2]
Submitted by: Rick Miller [1]
Submitted by: Chad Jacob Milios [2]
ae66cff |
Thursday, 25 Nov 2021
|
21:40 Stefan Eßer (se)
*/*: Remove redundant '-*' from CONFLICTS definitions
The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").
Approved by: portmgr (blanket)
04b9da4 |
Saturday, 16 Oct 2021
|
03:58 Bryan Drewery (bdrewery)
security/openssh-portable: libfido fix went in 505373243
02dbfbc |
Friday, 15 Oct 2021
|
17:10 Bryan Drewery (bdrewery)
security/openssh-portable: Fix sftp crash
This fixes an error trying to disabling process tracing.
It has been sent upstream.
PR: 259174
Submitted by: mike at sentex dot net
f4a5ae5 |
Tuesday, 12 Oct 2021
|
18:06 Bryan Drewery (bdrewery)
security/openssh-portable: Update to 8.8p1
Changelog: https://www.openssh.com/txt/release-8.8
Security: CVE-2021-41617
3849667 |
Monday, 27 Sep 2021
|
22:42 Bryan Drewery (bdrewery)
security/openssh-portable: Fix default ssh-askpass path
Reported by: Piotr Smyrak
fd74bc8 |
Friday, 10 Sep 2021
|
21:17 Bernhard Froehlich (decke)
security/openssh-portable: Add CPE information
Approved by: portmgr (blanket)
44052be |
Thursday, 9 Sep 2021
|
19:09 Bryan Drewery (bdrewery)
security/openssh-portable: Update to 8.7p1.
Changes: https://www.openssh.com/txt/release-8.7
a981593 |
Thursday, 29 Apr 2021
|
16:05 Bryan Drewery (bdrewery)
security/openssh-portable: Update to 8.6p1
- gssapi is disabled for now.
Changes:
- https://www.openssh.com/txt/release-8.5
- https://www.openssh.com/txt/release-8.6
Submitted by: Yasuhiro Kimura [earlier version][1]
PR: 254389 [1]
de9fffc |
Tuesday, 6 Apr 2021
|
14:31 Mathieu Arnold (mat)
Remove # $FreeBSD$ from Makefiles.
305f148 |
Thursday, 18 Mar 2021
|
20:49 bdrewery
Add limited patch for CVE-2021-28041 from upstream.
|
Wednesday, 9 Dec 2020
|
02:46 pkubaj
security/openssh-portable@gssapi: fix build on GCC architectures
gss-genr.c: In function 'ssh_gssapi_kex_mechs':
gss-genr.c:175:9: error: 'strncpy' specified bound depends on the length of the
source argument [-Werror=stringop-overflow=]
175 | cp = strncpy(s, kex, strlen(kex));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
|
Sunday, 29 Nov 2020
|
02:16 pkubaj
security/openssh-portable: fix build on GCC architectures
loginrec.c:763:2: error: 'strncpy' output may be truncated copying 32 bytes from
a string of length 511 [-Werror=stringop-truncation]
strncpy(utx->ut_user, li->username,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MIN_SIZEOF(utx->ut_user, li->username));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
loginrec.c: In function 'record_failed_login':
loginrec.c:1687:2: error: 'strncpy' specified bound 32 equals destination size
[-Werror=stringop-truncation]
strncpy(ut.ut_user, username, sizeof(ut.ut_user));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
loginrec.c:1696:2: error: 'strncpy' specified bound 256 equals destination size
[-Werror=stringop-truncation]
strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
|
Tuesday, 24 Nov 2020
|
20:46 bdrewery
- Fix KERB_GSSAPI build; missing prototypes for DH openssl-compat.
PR: 212151 (maybe)
|
Friday, 20 Nov 2020
|
03:41 bdrewery
- Add pkg-config dependency which avoids some maintainer testing errors
and also removes a few unneeded library links such as -lcurses.
- libfido2 package is broken with pkg-config and base ssl. Workaround this
by not using pkg-config for that library for now.
- Add USES=localbase to simplify some options
- Make crypt(3) MD5 password support optional but still on-by-default. The
default in FreeBSD changed in 10.0 but that does not mean
- Enable -Werror
- Remove some old baggage from the port build
o The zlib version check has not been needed for a while.
o sshd.8 has not had %%PREFIX%% or %$RC_SCRIPT_NAME%% since 2011
and is not worth more patches/complexity.
o The strnvis(3) problem noted in r311891 was fixed in OpenSSH 7.4.
o autoreconf is run so it makes no sense to patch configure for -ldes
o --with-md5-passwords is not needed as our crypt(3) supports it
natively. This is only relevant without PAM.
|
Tuesday, 17 Nov 2020
|
01:45 bdrewery
- Add blacklistd(8) support.
This differs slightly from base as it uses the current NetBSD
hook points.
This is off-by-default as it needs testing and has issues that may cause
crashes. One such issue is the use of private bl_create() symbol from
libblacklist. It is also unclear if the hook points are sufficient
or proper after the libssh refactoring in 8.x.
PR: 223628 (patch rewritten as it no longer applied)
|
Monday, 16 Nov 2020
|
23:36 bdrewery
- Add and enable FIDO/U2F support for security keys by default.
This feature came in 8.2, is enabled by default on OpenBSD,
and suggested to be enabled by default for packages.
|
22:25 bdrewery
- Slightly reduce diff with base
- No functional changes.
PR: 223010
Submitted by: brnrd (earlier patch)
|
19:39 bdrewery
- Update to 8.4p1 (skipped 8.3)
- https://www.openssh.com/txt/release-8.3
- https://www.openssh.com/txt/release-8.4
PR: 239807, 250319
Sponsored by: Dell EMC
|
Thursday, 12 Nov 2020
|
10:51 0mp
security/openssh-portable: Set LICENSE
In the past, the ports framework did not support handling situations
where a port contained a multitude of licenses. In case of OpenSSH
the list is/was: BSD2, BSD3, MIT, public domain, BSD-Style, BEER-WARE,
"any purpose with notice intact", and ISC-Style.
Instead of having to keep track of all the involved licenses which all
are very similar, let's use LICENSE_PERMS.
I am not bumping PORTREVISION as it is not a vital change from the
perspective of package users.
Approved by: bdrewery (maintainer)
Differential Revision: https://reviews.freebsd.org/D27133
|
Saturday, 7 Nov 2020
|
14:46 0mp
Install the moduli file as a @sample
PR: 250559
Submitted by: Michal "rysiek" Wozniak <rysiek % isnic.is>
Approved by: maintainer timeout
|
14:18 0mp
Fix a typo
Approved by: portmgr blanket
|
Monday, 23 Mar 2020
|
23:15 bdrewery
- Simplify and refactor login.conf environment handling.
|
17:07 bdrewery
Remove long broken X509 patch.
Approved by: portmgr (implicit)
|
16:53 bdrewery
- Update to 8.2p1
Release notes: https://www.openssh.com/txt/release-8.2
|
Sunday, 22 Dec 2019
|
02:55 bdrewery
Update to 8.1p1
Changes: https://www.openssh.com/txt/release-8.1
Sponsored by: Dell EMC
|
Wednesday, 9 Oct 2019
|
12:20 bapt
Drop the ipv6 virtual category for s* category as it is not relevant anymore
|
Monday, 2 Sep 2019
|
21:23 swills
Bump PORTREVISION on ldns consumers
Shared lib version changed in update
Reported by: sunpoet
|
Friday, 19 Jul 2019
|
19:18 bdrewery
- Update gssapi patch for 8.0
- Rework how the gssapi patch is fetched/mirrored so we can fetch
directly from debian.
PR: 239290
Submitted by: david@dcrosstech.com (based on)
Tested by: vrwmiller@gmail.com
|
Thursday, 18 Jul 2019
|
20:10 bdrewery
Fix BROKEN handling for x509/gssapi FLAVORS
|
Friday, 12 Jul 2019
|
03:48 bdrewery
Update to 8.0p1
Changes: https://www.openssh.com/txt/release-8.0
With help from: Lee Prokowich
Sponsored by: DellEMC
|
Monday, 12 Nov 2018
|
21:55 bdrewery
- Fix X509 build after r484765 openssl fix
- Fix patch URL for KERB_GSSAPI
- Add FLAVORs for x509 and gssapi since they are distinct types of
OpenSSH rather than feature flags.
Approved by: portmgr (implicit)
|
21:04 bdrewery
- Update KERB_GSSAPI for 7.9p1
|
20:56 bdrewery
- Fix HPN for 7.9p1
- DOCS is required for HPN but it's not exclusively a flavor so needs to be
in the default list.
- Fix a build-time OpenSSL version comparison [1]
PR: 233157 [1]
Reported by: Robert Schulze <rs@bytecamp.net> [1]
Obtained from: upstream c0a35265907533be10ca151ac797f34ae0d68969 [1]
|
Sunday, 11 Nov 2018
|
20:21 bdrewery
Update to 7.9p1.
- Fixes build on 12, head, and openssl-devel.
- GSSAPI and HPN are currently marked BROKEN as I don't want to block
the main update for anyone.
http://www.openssh.com/txt/release-7.8
http://www.openssh.com/txt/release-7.9
MFH: 2018Q4 (due to being broken on 12+head)
|
Saturday, 10 Nov 2018
|
10:09 mat
security/openssl-devel was removed, but there is a security/openssl111 now.
|
Monday, 10 Sep 2018
|
13:14 mat
Add DOCS options to ports that should have one.
Also various fixes related to said option.
PR: 230864
Submitted by: mat
exp-runs by: antoine
|
Friday, 29 Jun 2018
|
15:44 bdrewery
Simplify CONFLICTS_INSTALL.
Reported by: mat
|
Thursday, 28 Jun 2018
|
03:38 bdrewery
- Fix and update HPN patch to latest from upstream but leave it off by
default.
- Add an 'hpn' FLAVOR to produce a package for users with HPN and
NONECIPHER enabled.
Approved by: portmgr (implicit)
|
Tuesday, 26 Jun 2018
|
22:32 bdrewery
Update x509 patch to 11.3.2
|
Tuesday, 19 Jun 2018
|
15:42 bdrewery
Forgot PORTREVISION bump for r472797.
PR: 229147
|
Thursday, 3 May 2018
|
23:39 bdrewery
- Add XMSS option to enable experimental key support added in 7.7 [1]
- Bring in upstream patches post 7.7 to fix various issues [2]:
b81b2d120e9c8a83489e241620843687758925ad - Fix tunnel forwarding broken in
7.7p1
341727df910e12e26ef161508ed76d91c40a61eb - don't kill ssh-agent's listening
socket entriely if we fail to accept a connection
85fe48fd49f2e81fa30902841b362cfbb7f1933b - don't free the %C expansion, it's
used later for LocalCommand
868afa68469de50d8a43e5daf867d7c624a34d20 - Disable SSH2_MSG_DEBUG messages for
Twisted Conch clients
f5baa36ba79a6e8c534fb4e0a00f2614ccc42ea6 - Omit 3des-cbc if OpenSSL built
without DES
PR: 227758 [1]
Submitted by: IWAMOTO Kouichi <sue@iwmt.org> [1]
PR: 227551 [2]
Reported by: rozhuk.im@gmail.com [2]
Obtained from: upstream mirror https://github.com/openssh/openssh-portable [2]
|
Wednesday, 25 Apr 2018
|
18:05 bdrewery
Update the KERB_GSSAPI patch from debian.
https://sources.debian.org/data/main/o/openssh/1:7.7p1-2/debian/patches/gssapi.patch
is mirrored due to not being filename-unique and not gzipped.
PR: 226789
Submitted by: Rick Miller <vmiller@verisign.com> (based on)
Tested by: Rick Miller <vmiller@verisign.com>
Reported by: david@dcrosstech.com
|
Thursday, 12 Apr 2018
|
21:54 leres
The block of code that canonicallizes the hostname supplied on
the command line added by patch-ssh.c misapplies to 7.7p1 and
moves from main() to to ssh_session2(). This breaks ssh SSHFP
support for non-canonical hostnames. For example, "ssh zinc"
correctly discovers the FQDN (zinc.ee.lbl.gov) and uses it to
look up A and AAAA records but the non-canonical version (zinc)
is used in the SSHFP record lookup which or course fails.
Regenerate the patch.
Reviewed by: bdrewery, ler (mentor)
Approved by: bdrewery, ler (mentor)
Differential Revision: https://reviews.freebsd.org/D15053
|
Thursday, 5 Apr 2018
|
19:57 bdrewery
Make BROKEN lines more clear
|
18:20 bdrewery
Update to 7.7p1
- Update x509 patch to 11.3
- Remove SCTP option as it has not had a patch available since 7.2.
Changes: https://www.openssh.com/txt/release-7.7
Notable changes:
* ssh(1)/sshd(8): Drop compatibility support for some very old SSH
implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These
versions were all released in or before 2001 and predate the final
SSH RFCs. The support in question isn't necessary for RFC-compliant
SSH implementations.
|
Tuesday, 3 Apr 2018
|
23:14 bdrewery
libressl support was fixed in r452358
|
Thursday, 29 Mar 2018
|
14:53 mat
Mark some ports broken with openssl-devel.
Sponsored by: Absolight
|
Friday, 16 Mar 2018
|
20:20 bdrewery
Remove OVERWRITE_BASE compat - it was marked IGNORE in 2015
|
Wednesday, 18 Oct 2017
|
17:19 bdrewery
LibreSSL + LDNS: Fix random crashes.
This happens due to ldns-config --libs adding in too many libraries
(overlinking), and -lcrypto again, which causes some strange
conflict/corruption. By specifying the path to --with-ldns, configure only
adds in -ldns rather than every library ldns itself needs.
PR: 223000
Reported by: many
|
Monday, 16 Oct 2017
|
07:26 koobs
security/openssh-portable: Remove groff dependency
An unconditional dependency on groff was added in ports r441907 [1] as part
of bug 213725 (groff removal from base). OpenSSH release-5.7 notes the
following:
* Use mandoc as preferred manpage formatter if it is present, followed
by nroff and groff respectively.
This change removes groff as an unconditional dependency allowing mandoc
to be used, and reduces many subsequence dependencies accordingly.
It additionally explicitly sets 'mantype', which ensures that man pages
are installed in the same location (LOCALBASE/man) independently from the
generator used. Without this, a packaging (pkg-plist) error is observed
(installing man pages into LOCALBASE/doc not LOCALBASE/man), which was
presumably the genesis of the groff dependency addition in the first place.
[1] http://svnweb.freebsd.org/changeset/ports/441907
Reviewed by: bdrewery (maintainer), allanjude
Approved by: bdrewery (maintainer)
Differential Revision: D11793
|
Saturday, 14 Oct 2017
|
18:09 bdrewery
Mark broken with libressl as it has several random crashses.
PR: 223000
|
Friday, 13 Oct 2017
|
23:27 bdrewery
Bring in upstream fix for PermitOpen from commit 7c9613fac337
|
Thursday, 12 Oct 2017
|
19:40 bdrewery
Update to 7.6p1
- Update x509 patch to 11.0
- HPN/NONECIPHER do not apply currently and are disabled by default,
same as the base sshd. A compatibility patch is applied if
these options are disabled to prevent startup failures; the options
are kept as deprecated.
- SCTP patch does not apply.
Changes: https://www.openssh.com/txt/release-7.6
Notable changes:
- SSH version 1 support dropped.
- Dropped support for hmac-ripemd160 MAC.
- Dropped support for the ciphers arcfour, blowfish and CAST.
- RSA keys less than 1024 bits are refused.
|
Friday, 9 Jun 2017
|
14:44 bdrewery
Fix LDNS detection.
This is the same fix made upstream as well.
PR: 218472
Submitted by: leres@ee.lbl.gov
MFH: 2017Q2
|
Sunday, 28 May 2017
|
10:58 antoine
Register dependency on groff
PR: 213725
|
Thursday, 27 Apr 2017
|
12:14 mat
Mark those as not building with openssl-devel.
Sponsored by: Absolight
|
Saturday, 1 Apr 2017
|
01:59 bdrewery
- Update to 7.5p1.
- Update X509 to 10.1.
- Disable KERB_GSSAPI for now as it does not build.
Changes: https://www.openssh.com/txt/release-7.5
|
Monday, 20 Mar 2017
|
18:16 bdrewery
- Change USE_AUTOTOOLS to USES= autoreconf
- Change @exec to @postexec in pkg-plist
Submitted by: brnrd
PR: 217962
|
Wednesday, 15 Mar 2017
|
14:45 mat
Remove all USE_OPENSSL occurrences.
Sponsored by: Absolight
|
Friday, 3 Mar 2017
|
04:12 miwi
- Chase ldns shlip bump
PR: 217495
|
Monday, 16 Jan 2017
|
19:30 bdrewery
Update to 7.4p1.
- Update X509 patch to 9.3
- SCTP patch from soralx@cydem.org
Changes: https://www.openssh.com/txt/release-7.4
|
Friday, 13 Jan 2017
|
23:44 bdrewery
Fix to only enable SCTP patch with option from r431441
|
23:39 bdrewery
Add forgotten patch in r431438 for CVE-2016-10009 and CVE-2016-10010.
Security: 2c948527-d823-11e6-9171-14dae9d210b8
Submitted by: Tim Zingelman <zingelman@gmail.com>
MFH: 2017Q1
|
23:28 bdrewery
Add working SCTP patch.
This has 2 minor changes from the upstream bug 1604
PR: 215632
Submitted by: soralx@cydem.org
|
23:23 bdrewery
Add patches to cover security issues CVE-2016-10009 and CVE-2016-10010.
Security: 2c948527-d823-11e6-9171-14dae9d210b8
Submitted by: Tim Zingelman <zingelman@gmail.com>
MFH: 2017Q1
|
Monday, 24 Oct 2016
|
22:52 bdrewery
Bring in upstream commit ec165c392ca54317dbe3064a8c200de6531e89ad:
Unregister the KEXINIT handler after message has been
received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause
allocation of up to 128MB -- until the connection is closed. Reported by
shilei-c at 360.cn
Security: CVE-2016-8858
|
Monday, 8 Aug 2016
|
19:22 bdrewery
- Update to 7.3p1
- X509: Unbreak and update to 9.0
- SCTP: Mark BROKEN
- KERB_GSSAPI: Unbreak and update from Debian's patch
Release notes: http://www.openssh.com/txt/release-7.3
|
Monday, 16 May 2016
|
16:56 bdrewery
Bring in updated SCTP patch from gentoo.
Submitted by: Eduardo Morras <emorrasg@yahoo.es>
|
Friday, 1 Apr 2016
|
14:25 mat
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.
With hat: portmgr
Sponsored by: Absolight
|
Friday, 11 Mar 2016
|
22:49 bdrewery
- Update to 7.2p2 which fixes X11Forwarding command injection vulnerability.
Changelog: http://www.openssh.com/txt/release-7.2p2
Advisory: http://www.openssh.com/txt/x11fwd.adv
|
Monday, 29 Feb 2016
|
18:36 bdrewery
- Update to 7.2p1
- Mark X509 and KERB_GSSAPI as BROKEN.
Changelog: http://www.openssh.com/txt/release-7.2
With help from: brnrd
|
Wednesday, 3 Feb 2016
|
22:15 marino
x11/xterm: document ncurses requirement (USES+=ncurses)
also link to libncurses rather than libcurses
approved by: infrastructure blanket
|
Wednesday, 20 Jan 2016
|
02:18 bdrewery
Fix the KERB_GSSAPI option using the latest patch from Debian.
This slightly refactors some of the HPN patch to avoid a conflict.
PR: 206346
Submitted by: Garret Wollman
|
Thursday, 14 Jan 2016
|
16:41 bdrewery
Update to 7.1p2
Changes: http://www.openssh.com/txt/release-7.1p2
MFH: 2016Q1
Security: CVE-2016-0777
Security: CVE-2016-0778
|
Wednesday, 11 Nov 2015
|
21:04 bdrewery
Fix the NONECIPHER not actually being offered by the server.
Upstream issue: https://github.com/rapier1/openssh-portable/issues/3
|
18:04 bdrewery
Update advice to disable ChallengeResponseAuthentication for key usage.
PR: 204475
Reported by: Mark.Martinec@ijs.si
|
Number of commits found: 343 (showing only 100 on this page) |