<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package/openssh, branch 2017.02.1</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2017.02.1</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2017.02.1'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2017-03-30T22:28:28+00:00</updated>
<entry>
<title>openssh: security bump to version 7.5</title>
<updated>2017-03-30T22:28:28+00:00</updated>
<author>
<name>Baruch Siach</name>
<email>baruch@tkos.co.il</email>
</author>
<published>2017-03-21T13:11:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=df0c78d61e142781b6da3d0cf789b8b7b1ae3055'/>
<id>urn:sha1:df0c78d61e142781b6da3d0cf789b8b7b1ae3055</id>
<content type='text'>
From the release notes (https://www.openssh.com/txt/release-7.5):

Security
--------

 * ssh(1), sshd(8): Fix weakness in CBC padding oracle countermeasures
   that allowed a variant of the attack fixed in OpenSSH 7.3 to proceed.
   Note that the OpenSSH client disables CBC ciphers by default, sshd
   offers them as lowest-preference options and will remove them by
   default entriely in the next release. Reported by Jean Paul
   Degabriele, Kenny Paterson, Martin Albrecht and Torben Hansen of
   Royal Holloway, University of London.

 * sftp-client(1): [portable OpenSSH only] On Cygwin, a client making
   a recursive file transfer could be maniuplated by a hostile server to
   perform a path-traversal attack. creating or modifying files outside
   of the intended target directory. Reported by Jann Horn of Google
   Project Zero.

[Peter: mention security fixes]
Signed-off-by: Baruch Siach &lt;baruch@tkos.co.il&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;

(cherry picked from commit 2204f4deb1c6c6ff4accd84b5aa2d42f5930b730)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>openssh: Move key generation to the start function of init script.</title>
<updated>2017-02-26T13:37:54+00:00</updated>
<author>
<name>Ignacy Gawędzki</name>
<email>ignacy.gawedzki@green-communications.fr</email>
</author>
<published>2017-02-24T14:26:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=92b770cd825915d56ea8d92d063aebdf7ef270a1'/>
<id>urn:sha1:92b770cd825915d56ea8d92d063aebdf7ef270a1</id>
<content type='text'>
Since there's not much point in generating missing host keys when the
init script is called with "stop", the call to ssh-keygen should not
be done inconditionally, but in the start function instead.

Signed-off-by: Ignacy Gawędzki &lt;ignacy.gawedzki@green-communications.fr&gt;
Acked-by: "Yann E. MORIN" &lt;yann.morin.1998@free.fr&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>packages: improve license type lists</title>
<updated>2017-02-20T21:16:01+00:00</updated>
<author>
<name>Danomi Manchego</name>
<email>danomimanchego123@gmail.com</email>
</author>
<published>2017-02-18T05:38:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=a3a2dbc409a950823c3a1547392943d2067a8311'/>
<id>urn:sha1:a3a2dbc409a950823c3a1547392943d2067a8311</id>
<content type='text'>
Make license type lists more uniform:

* put content license applies to in parenthesis; ex: "GPLv2+ (programs)"
* use commas to separate types listed without conjuction; ex: "GPLv2, LGPLv2"

No attempt was made to validate the claimed licenses.  This is just a tweak
to increase uniformity of the _LICENSE variables.

Signed-off-by: Danomi Manchego &lt;danomimanchego123@gmail.com&gt;
Reviewed-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
[Thomas: replace semi-colons by commas in LIBURCU_LICENSE.]
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssh: security bump to version 7.4p1</title>
<updated>2016-12-19T19:53:24+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-12-19T16:27:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=ae58da71111c9a9825fa8dab1338831ff38dc320'/>
<id>urn:sha1:ae58da71111c9a9825fa8dab1338831ff38dc320</id>
<content type='text'>
Fixes:
CVE-2016-10009 - ssh-agent(1): Will now refuse to load PKCS#11 modules
from paths outside a trusted whitelist
CVE-2016-10010 - sshd(8): When privilege separation is disabled,
forwarded Unix-domain sockets would be created by sshd(8) with the
privileges of 'root'
CVE-2016-10011 - sshd(8): Avoid theoretical leak of host private key
material to privilege-separated child processes via realloc()
CVE-2016-10012 - sshd(8): The shared memory manager used by
pre-authentication compression support had a bounds checks that could be
elided by some optimising compilers

http://seclists.org/oss-sec/2016/q4/708

Drop upstream patch.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>openssh: add upstream security fix</title>
<updated>2016-11-15T11:58:20+00:00</updated>
<author>
<name>Baruch Siach</name>
<email>baruch@tkos.co.il</email>
</author>
<published>2016-11-15T06:34:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=aae80e71b6ce75bdf73cc9b84ec96c92ed13aa58'/>
<id>urn:sha1:aae80e71b6ce75bdf73cc9b84ec96c92ed13aa58</id>
<content type='text'>
Fixes CVE-2016-8858: Memory exhaustion, up to 128MB, of unauthenticated peer.

Signed-off-by: Baruch Siach &lt;baruch@tkos.co.il&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssh: bump version to 7.3p1</title>
<updated>2016-08-01T20:11:31+00:00</updated>
<author>
<name>Vicente Olivert Riera</name>
<email>Vincent.Riera@imgtec.com</email>
</author>
<published>2016-08-01T13:19:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=b0e524be37856dc433b48103cf17ac6f8983445f'/>
<id>urn:sha1:b0e524be37856dc433b48103cf17ac6f8983445f</id>
<content type='text'>
Signed-off-by: Vicente Olivert Riera &lt;Vincent.Riera@imgtec.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>toolchain: add hidden symbol for PIE support</title>
<updated>2016-07-24T19:44:22+00:00</updated>
<author>
<name>Waldemar Brodkorb</name>
<email>wbx@openadk.org</email>
</author>
<published>2016-07-11T14:35:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=3c93901bcd2f77232581ca82a3a5f741aa9e6345'/>
<id>urn:sha1:3c93901bcd2f77232581ca82a3a5f741aa9e6345</id>
<content type='text'>
uClibc-ng does not support PIE for some architectures as
arc and m68k. It isn't implemented in the static linking case, too.
With musl toolchains you might have static PIE support with little
patching of gcc. Static linking for GNU libc isn't enabled in
buildroot. Fixup any package using special treatment of PIE.
(grep -ir pie package/*/*.mk)

Signed-off-by: Waldemar Brodkorb &lt;wbx@openadk.org&gt;
[Thomas: use positive logic.]
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssh: security bump to version 7.2p2</title>
<updated>2016-03-10T19:49:57+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-03-10T18:34:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=55a94ec8936571df586d4f53ffc1355c651a63d3'/>
<id>urn:sha1:55a94ec8936571df586d4f53ffc1355c651a63d3</id>
<content type='text'>
Fixes:
CVE-2016-3115 - sanitise X11 authentication credentials to avoid xauth
command injection when X11Forwarding is enabled.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>openssh: bump to version 7.2p1</title>
<updated>2016-02-29T20:45:32+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-02-29T11:59:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=0c62637bdd473236d50ec459c9074ad8a8834129'/>
<id>urn:sha1:0c62637bdd473236d50ec459c9074ad8a8834129</id>
<content type='text'>
Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssh: security bump to version 7.1p2</title>
<updated>2016-01-14T19:13:57+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-01-14T17:55:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=2ff0e32e254e3ee6d96f6b13b7bf182b4e1def73'/>
<id>urn:sha1:2ff0e32e254e3ee6d96f6b13b7bf182b4e1def73</id>
<content type='text'>
Fixes:

CVE-2016-0777 - Client Information leak from use of roaming connection
feature.

CVE-2016-0778 - A buffer overflow flaw was found in the way the OpenSSH
client roaming feature was implemented. A malicious server could
potentially use this flaw to execute arbitrary code on a successfully
authenticated OpenSSH client if that client used certain non-default
configuration options.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Reviewed-by: James Knight &lt;james.knight@rockwellcollins.com&gt;
Tested-by: James Knight &lt;james.knight@rockwellcollins.com&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
</feed>
