openssh-8.7p1-34.el9 | Build Info

Information for build openssh-8.7p1-34.el9

27715

Package Name

openssh

Version

8.7p1

Release

34.el9

Epoch

Source

git+https://git.cclinux.org/stage/rpms/openssh.git#e038391c00dca32e63e947651ef3d4d26631d8f3

Summary

An open source implementation of SSH protocol version 2

Description

SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both.

Built by

distrobuild

State

complete

Volume

DEFAULT

Started

Tue, 21 Nov 2023 00:54:17 CST

Completed

Tue, 21 Nov 2023 01:31:53 CST

Task

build (dist-circle9, /stage/rpms/openssh.git:e038391c00dca32e63e947651ef3d4d26631d8f3)

Extra

{'source': {'original_url': 'git+https://git.cclinux.org/stage/rpms/openssh.git?#e038391c00dca32e63e947651ef3d4d26631d8f3'}}

Tags

dist-circle9

dist-circle9-compose

RPMs

src
	openssh-8.7p1-34.el9.src.rpm (info) (download)
aarch64
	openssh-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-askpass-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-clients-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-keycat-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-server-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-sk-dummy-8.7p1-34.el9.aarch64.rpm (info) (download)
	pam_ssh_agent_auth-0.10.4-5.34.el9.aarch64.rpm (info) (download)
	openssh-askpass-debuginfo-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-clients-debuginfo-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-debuginfo-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-debugsource-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-keycat-debuginfo-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-server-debuginfo-8.7p1-34.el9.aarch64.rpm (info) (download)
	openssh-sk-dummy-debuginfo-8.7p1-34.el9.aarch64.rpm (info) (download)
	pam_ssh_agent_auth-debuginfo-0.10.4-5.34.el9.aarch64.rpm (info) (download)
i686
	openssh-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-askpass-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-clients-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-keycat-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-server-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-sk-dummy-8.7p1-34.el9.i686.rpm (info) (download)
	pam_ssh_agent_auth-0.10.4-5.34.el9.i686.rpm (info) (download)
	openssh-askpass-debuginfo-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-clients-debuginfo-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-debuginfo-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-debugsource-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-keycat-debuginfo-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-server-debuginfo-8.7p1-34.el9.i686.rpm (info) (download)
	openssh-sk-dummy-debuginfo-8.7p1-34.el9.i686.rpm (info) (download)
	pam_ssh_agent_auth-debuginfo-0.10.4-5.34.el9.i686.rpm (info) (download)
ppc64le
	openssh-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-askpass-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-clients-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-keycat-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-server-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-sk-dummy-8.7p1-34.el9.ppc64le.rpm (info) (download)
	pam_ssh_agent_auth-0.10.4-5.34.el9.ppc64le.rpm (info) (download)
	openssh-askpass-debuginfo-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-clients-debuginfo-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-debuginfo-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-debugsource-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-keycat-debuginfo-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-server-debuginfo-8.7p1-34.el9.ppc64le.rpm (info) (download)
	openssh-sk-dummy-debuginfo-8.7p1-34.el9.ppc64le.rpm (info) (download)
	pam_ssh_agent_auth-debuginfo-0.10.4-5.34.el9.ppc64le.rpm (info) (download)
s390x
	openssh-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-askpass-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-clients-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-keycat-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-server-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-sk-dummy-8.7p1-34.el9.s390x.rpm (info) (download)
	pam_ssh_agent_auth-0.10.4-5.34.el9.s390x.rpm (info) (download)
	openssh-askpass-debuginfo-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-clients-debuginfo-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-debuginfo-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-debugsource-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-keycat-debuginfo-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-server-debuginfo-8.7p1-34.el9.s390x.rpm (info) (download)
	openssh-sk-dummy-debuginfo-8.7p1-34.el9.s390x.rpm (info) (download)
	pam_ssh_agent_auth-debuginfo-0.10.4-5.34.el9.s390x.rpm (info) (download)
x86_64
	openssh-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-askpass-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-clients-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-keycat-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-server-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-sk-dummy-8.7p1-34.el9.x86_64.rpm (info) (download)
	pam_ssh_agent_auth-0.10.4-5.34.el9.x86_64.rpm (info) (download)
	openssh-askpass-debuginfo-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-clients-debuginfo-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-debuginfo-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-debugsource-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-keycat-debuginfo-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-server-debuginfo-8.7p1-34.el9.x86_64.rpm (info) (download)
	openssh-sk-dummy-debuginfo-8.7p1-34.el9.x86_64.rpm (info) (download)
	pam_ssh_agent_auth-debuginfo-0.10.4-5.34.el9.x86_64.rpm (info) (download)

Logs

aarch64
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log
i686
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log
ppc64le
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log
s390x
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log
x86_64
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log

Changelog

* Thu Jul 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-34 - Avoid remote code execution in ssh-agent PKCS#11 support Resolves: CVE-2023-38408 * Tue Jun 13 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-33 - Allow specifying validity interval in UTC Resolves: rhbz#2115043 * Wed May 24 2023 Norbert Pocs <npocs@redhat.com> - 8.7p1-32 - Fix pkcs11 issue with the recent changes - Delete unnecessary log messages from previous compl-dh patch - Add ssh_config man page explanation on rhbz#2068423 - Resolves: rhbz#2207793, rhbz#2209096 * Tue May 16 2023 Norbert Pocs <npocs@redhat.com> - 8.7p1-31 - Fix minor issues with openssh-8.7p1-evp-fips-compl-dh.patch: - Check return values - Use EVP API to get the size of DH - Add some log debug lines - Related: rhbz#2091694 * Thu Apr 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-30 - Some non-terminating processes were listening on ports. Resolves: rhbz#2177768 - On sshd startup, we check whether signing using the SHA1 for signing is available and don't use it when it isn't. - On ssh private key conversion we explicitly use SHA2 for testing RSA keys. - In sshd, when SHA1 signatures are unavailable, we fallback (fall forward :) ) to SHA2 on host keys proof confirmation. - On a client side we permit SHA2-based proofs from server when requested SHA1 proof (or didn't specify the hash algorithm that implies SHA1 on the client side). It is aligned with already present exception for RSA certificates. - We fallback to SHA2 if SHA1 signatures is not available on the client side (file sshconnect2.c). - We skip dss-related tests (they don't work without SHA1). Resolves: rhbz#2070163 - FIPS compliance efforts for dh, ecdh and signing Resolves: rhbz#2091694 * Thu Apr 06 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-29 - Resolve possible self-DoS with some clients Resolves: rhbz#2186473 * Thu Jan 12 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-28 - Do not try to use SHA1 for host key ownership proof when we don't support it server-side Resolves: rhbz#2088750 * Thu Jan 12 2023 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-27 - Add sk-dummy subpackage for test purposes Resolves: rhbz#2092780 * Fri Jan 06 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-26 - Fix one-byte overflow in SSH banner processing Resolves: rhbz#2138345 - Fix double free() in error path Resolves: rhbz#2138347 * Fri Dec 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-25 - Build fix after OpenSSL rebase Resolves: rhbz#2153626 * Fri Sep 23 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-24 - Set minimal value of RSA key length via configuration option - support both names Resolves: rhbz#2128352 * Thu Sep 22 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-23 - Set minimal value of RSA key length via configuration option Resolves: rhbz#2128352 * Tue Aug 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-22 - Avoid spirous message on connecting to the machine with ssh-rsa keys Related: rhbz#2115246 - Set minimal value of RSA key length via configuration option Related: rhbz#2066882 * Thu Aug 04 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-21 - IBMCA workaround Related: rhbz#1976202 * Tue Jul 26 2022 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-20 + 0.10.4-5 - Fix openssh-8.7p1-scp-clears-file.patch Related: rhbz#2056884 * Fri Jul 15 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-19 + 0.10.4-5 - FIX pam_ssh_agent_auth auth for RSA keys Related: rhbz#2070113 * Thu Jul 14 2022 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-18 - Fix new coverity issues Related: rhbz#2068423 * Thu Jul 14 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-17 - Disable ed25519 and ed25519-sk keys in FIPS mode Related: rhbz#2087915 * Thu Jul 14 2022 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-16 - Don't propose disallowed algorithms during hostkey negotiation Resolves: rhbz#2068423 * Thu Jul 14 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-15 - Disable ed25519 and ed25519-sk keys in FIPS mode Related: rhbz#2087915 * Wed Jul 13 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-14 - Disable ed25519 and ed25519-sk keys in FIPS mode Related: rhbz#2087915 * Tue Jul 12 2022 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-13 - Add reference for policy customization in ssh/sshd_config manpages Resolves: rhbz#1984575 * Mon Jul 11 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-12 - Disable sntrup761x25519-sha512 in FIPS mode Related: rhbz#2070628 - Disable ed25519 and ed25519-sk keys in FIPS mode Related: rhbz#2087915 * Mon Jul 11 2022 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-11 - Fix scp clearing file when src and dest are the same Resolves: rhbz#2056884 - Add missing options from ssh_config into ssh manpage Resolves: rhbz#2033372 - Fix several memory leaks Related: rhbz#2068423 - Fix gssapi authentication failures Resolves: rhbz#2091023 - Fix host-based authentication with rsa keys Resolves: rhbz#2088916 * Wed Jun 29 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-10 - Set minimal value of RSA key length via configuration option Related: rhbz#2066882 - Use EVP functions for RSA key generation Related: rhbz#2087121 * Wed Jun 29 2022 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-9 - Update minimize-sha1-use.patch to use upstream code Related: rhbz#2031868 - Change product name from Fedora to RHEL in openssh-7.8p1-UsePAM-warning.patch Resolves: rhbz#2064338 - Change log level of FIPS specific log message to verbose Resolves: rhbz#2102201 * Mon Feb 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-8 - Workaround for RHEL 8 incompatibility in scp utility in SFTP mode Related: rhbz#2038854 * Mon Feb 07 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-7 - Switch to SFTP protocol in scp utility by default - upstream fixes Related: rhbz#2001002 - Workaround for RHEL 8 incompatibility in scp utility in SFTP mode Related: rhbz#2038854 * Tue Dec 21 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-6 - Fix SSH connection to localhost not possible in FIPS Related: rhbz#2031868 * Mon Nov 29 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-5 - Fix `ssh-keygen -Y find-principals -f /dev/null -s /dev/null` segfault Related: rhbz#2024902 * Mon Oct 25 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-4 - Fix memory leaks introduced in OpenSSH 8.7 Related: rhbz#2001002 * Tue Oct 19 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-3 - Disable locale forwarding in default configurations Related: rhbz#2002734 * Fri Oct 01 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-2 - Upstream fix for CVE-2021-41617 Related: rhbz#2008886 * Fri Sep 24 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-1 + 0.10.4-4 - New upstream release - Switch to SFTP protocol in scp utility by default - Enable SCP protocol kill switch Related: rhbz#2001002 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 8.6p1-7.1 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 * Wed Jul 28 2021 Florian Weimer <fweimer@redhat.com> - 8.6p1-7 - Rebuild to pick up OpenSSL 3.0 Beta ABI (#1984097)

Main Site Links:

Information for build openssh-8.7p1-34.el9