Hello community,

here is the log from the commit of package libssh2_org for openSUSE:Factory checked in at 2021-12-12 21:27:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libssh2_org (Old)
 and /work/SRC/openSUSE:Factory/.libssh2_org.new.2520 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libssh2_org" Sun Dec 12 21:27:19 2021 rev:42 rq:939263 version:1.10.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libssh2_org/libssh2_org.changes 2020-09-06 21:38:21.349716857 +0200 +++ /work/SRC/openSUSE:Factory/.libssh2_org.new.2520/libssh2_org.changes 2021-12-12 21:27:41.776344626 +0100 
@@ -1,0 +2,49 @@ +Fri Dec 10 14:41:20 UTC 2021 - David Anes <david.a...@suse.com> + +- Bump to version 1.10.0 + Enhancements and bugfixes: + * support ECDSA certificate authentication + * fix detailed _libssh2_error being overwritten by generic errors + * unified error handling + * fix _libssh2_random() silently discarding errors + * don't error if using keys without RSA + * avoid OpenSSL latent error in FIPS mode + * fix EVP_Cipher interface change in openssl 3 + * fix potential overwrite of buffer when reading stdout of command + * use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data + * correct a typo which may lead to stack overflow + * fix random big number generation to match openssl + * added key exchange group16-sha512 and group18-sha512. + * add support for an OSS Fuzzer fuzzing target + * adds support for ECDSA for both key exchange and host key algorithms + * clean up curve25519 code + * update the min, preferred and max DH group values based on RFC 8270. + * changed type of LIBSSH2_FX_* constants to unsigned long + * added diffie-hellman-group14-sha256 kex + * fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression + * fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. + * fixes crash with delayed compression option using Bitvise server. + * adds support for PKIX key reading + * use new API to parse data in packet_x11_open() for better bounds checking. + * double the static buffer size when reading and writing known hosts + * improved bounds checking in packet_queue_listener + * improve message parsing (CVE-2019-17498) + * improve bounds checking in kex_agree_methods() + * adding SSH agent forwarding. + * fix agent forwarding message, updated example. + * added integration test code and cmake target. Added example to cmake list. + * don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. 
+ * add an EWOULDBLOCK check for better portability + * fix off by one error when loading public keys with no id + * fix use-after-free crash on reinitialization of openssl backend + * preserve error info from agent_list_identities() + * make sure the error code is set in _libssh2_channel_open() + * fixed misspellings + * fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` + * rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type + +- Rebased patch libssh2-ocloexec.path +- Removed patch libssh2_org-CVE-2019-17498.patch: the security fix + is already included in the latest version. + +------------------------------------------------------------------- Old: ---- libssh2-1.9.0.tar.gz libssh2-1.9.0.tar.gz.asc libssh2_org-CVE-2019-17498.patch New: ---- libssh2-1.10.0.tar.gz libssh2-1.10.0.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libssh2_org.spec ++++++ --- /var/tmp/diff_new_pack.obLfAz/_old 2021-12-12 21:27:43.108345415 +0100 +++ /var/tmp/diff_new_pack.obLfAz/_new 2021-12-12 21:27:43.112345418 +0100 @@ -1,7 +1,7 @@ # # spec file for package libssh2_org # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define pkg_name libssh2 Name: libssh2_org -Version: 1.9.0 +Version: 1.10.0 Release: 0 Summary: A library implementing the SSH2 protocol License: BSD-3-Clause @@ -29,8 +29,6 @@ Source2: baselibs.conf Source3: libssh2_org.keyring Patch0: libssh2-ocloexec.patch -# PATCH-FIX-UPSTREAM bsc#1154862 CVE-2019-17498 -Patch1: libssh2_org-CVE-2019-17498.patch BuildRequires: libtool BuildRequires: openssl-devel BuildRequires: pkgconfig 
@@ -69,11 +67,9 @@ %prep %setup -q -n %{pkg_name}-%{version} %patch0 -p1 -%patch1 -p1 %build sed -i -e 's@AM_CONFIG_HEADER@AC_CONFIG_HEADERS@g' configure.ac -cp src/libssh2_config.h.in example/libssh2_config.h # remove m4 macro files for libtool as they should be picked up by rm -v m4/libtool.m4 m4/lt* autoreconf -fiv ++++++ libssh2-1.9.0.tar.gz -> libssh2-1.10.0.tar.gz ++++++ ++++ 33107 lines of diff (skipped) ++++++ libssh2-ocloexec.patch ++++++ --- /var/tmp/diff_new_pack.obLfAz/_old 2021-12-12 21:27:43.408345593 +0100 +++ /var/tmp/diff_new_pack.obLfAz/_new 2021-12-12 21:27:43.412345595 +0100 @@ -9,11 +9,11 @@ src/userauth.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) -Index: libssh2-1.9.0/src/agent.c +Index: libssh2-1.10.0/src/agent.c =================================================================== ---- libssh2-1.9.0.orig/src/agent.c -+++ libssh2-1.9.0/src/agent.c -@@ -157,7 +157,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent) +--- libssh2-1.10.0.orig/src/agent.c ++++ libssh2-1.10.0/src/agent.c +@@ -109,7 +109,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent) "no auth sock variable"); } @@ -22,10 +22,10 @@ if(agent->fd < 0) return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_SOCKET, "failed creating socket"); -Index: libssh2-1.9.0/src/knownhost.c +Index: libssh2-1.10.0/src/knownhost.c =================================================================== ---- libssh2-1.9.0.orig/src/knownhost.c -+++ libssh2-1.9.0/src/knownhost.c +--- libssh2-1.10.0.orig/src/knownhost.c ++++ libssh2-1.10.0/src/knownhost.c @@ -963,7 +963,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN "Unsupported type of known-host information " "store"); 
@@ -44,10 +44,10 @@ if(!file) return _libssh2_error(hosts->session, LIBSSH2_ERROR_FILE, "Failed to open file"); -Index: libssh2-1.9.0/src/userauth.c +Index: libssh2-1.10.0/src/userauth.c =================================================================== ---- libssh2-1.9.0.orig/src/userauth.c -+++ libssh2-1.9.0/src/userauth.c +--- libssh2-1.10.0.orig/src/userauth.c ++++ libssh2-1.10.0/src/userauth.c @@ -578,7 +578,7 @@ file_read_publickey(LIBSSH2_SESSION * se _libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s", pubkeyfile); @@ -57,11 +57,11 @@ if(!fd) { return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Unable to open public key file"); -Index: libssh2-1.9.0/src/libssh2_priv.h +Index: libssh2-1.10.0/src/libssh2_priv.h =================================================================== ---- libssh2-1.9.0.orig/src/libssh2_priv.h -+++ libssh2-1.9.0/src/libssh2_priv.h -@@ -1138,6 +1138,8 @@ endings either CRLF or LF so 't' is appr +--- libssh2-1.10.0.orig/src/libssh2_priv.h ++++ libssh2-1.10.0/src/libssh2_priv.h +@@ -1149,6 +1149,8 @@ endings either CRLF or LF so 't' is appr #define FOPEN_READTEXT "r" #define FOPEN_WRITETEXT "w" #define FOPEN_APPENDTEXT "a" @@ -69,4 +69,4 @@ +#define FOPEN_WRITETEXT_CLOEXEC "we" #endif - #endif /* LIBSSH2_H */ + #endif /* __LIBSSH2_PRIV_H */
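
Review bot: the new libssh2_org.changes entry misspells the rebased patch as "libssh2-ocloexec.path"; the spec lists it as "Patch0: libssh2-ocloexec.patch". Correct the name so that a changelog search for the patch finds this entry. The line recording the removal of libssh2_org-CVE-2019-17498.patch should also carry the bsc#1154862 reference from the deleted PATCH-FIX-UPSTREAM spec comment, because in the lines shown that comment was the only place linking the bug number to the CVE.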
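
Review bot: the removal of "cp src/libssh2_config.h.in example/libssh2_config.h" from %build in libssh2_org.spec is not recorded in the new .changes entry, which lists only the version bump, the rebased patch and the dropped CVE patch. Add a changelog line stating why the copy is no longer needed with 1.10.0, so that a later reviewer can tell the removal was intended.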
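
Review bot: the diffstat kept at the top of the rebased libssh2-ocloexec.patch still reads "3 files changed, 4 insertions(+), 4 deletions(-)", while the patch carries four Index: sections (src/agent.c, src/knownhost.c, src/userauth.c and src/libssh2_priv.h). Regenerate the header when refreshing the patch, or drop it, so the summary matches the content. In the libssh2_priv.h section, the added FOPEN_WRITETEXT_CLOEXEC "we" define relies on the "e" (close-on-exec) fopen mode flag, which is a libc extension; a one-line comment beside the define saying so would help whoever rebases this patch next.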