On 09/13/2018 08:27 AM, Alexander Kanavin wrote:
...
Good news everyone! Upstream openssh has finally gave into user
pressure, and added 1.1 support in the master branch. So the issue is
moot; we just need to wait for them to tag a release (no backports
please).
https://github.com/openssh/openssh-portable/commits/master
This will make oe-core entirely free of openssl10 dependencies.
Excellent.
Is there a planned release of openssh in the next day or
does someone need to switch to git or backport some/all of
the 36 post 7.8p1 commits for M3?
../Randy
$ git log --oneline V_7_8_P1...
cce8cbe0 Fix openssl-1.1 fallout for --without-openssl.
149519b9 add futex(2) syscall to seccomp sandbox
4488ae1a really add source for authopt_fuzz this time
9201784b remove accidentally checked-in authopt_fuzz binary
beb9e522 upstream:
second try, deals properly with missing and private-only
6bc5a24a fuzzer harness for authorized_keys option parsing
6c8b82fc upstream: revert following; deals badly with agent keys
6da046f9 upstream: garbage-collect moribund ssh_new_private() API.
1f24ac5f upstream: Use consistent format in debug log for keys readied,
488c9325 upstream: Fix warnings caused by
user_from_uid() and group_from_gid()
0aa1f230 allow SIGUSR1 as synonym for SIGINFO
d64e7852 add compat header
a3fd8074 upstream: missed a bit of openssl-1.0.x API in this unittest
86e0a9f3 upstream: use only openssl-1.1.x API here too
48f54b9d adapt -portable to OpenSSL 1.1x API
86112951 forgot to stage these test files in commit d70d061
482d23bc upstream: hold our collective noses and
use the openssl-1.1.x API in
d70d0618 upstream: Include certs with multiple RSA signature variants in
f803b268 upstream: test revocation by explicit hash and by fingerprint
2de78bc7 upstream: s/sshkey_demote/sshkey_from_private/g
41c115a5 delete the correct thing; kexfuzz binary
f0fcd7e6 upstream: fix edit mistake; spotted by jmc@
4cc259ba upstream: add SSH_ALLOWED_CA_SIGALGS - the default list of
ba9e7883 upstream: add sshkey_check_cert_sigtype() that checks a
a70fd4ad upstream: add cert->signature_type field and
keep it in sync with
357128ac upstream: Add "ssh -Q sig" to allow listing supported signature
9405c621 upstream: allow key revocation by SHA256 hash and
allow ssh-keygen
50e2687e upstream: log certificate fingerprint in authentication
de37ca90 upstream: Add FALLTHROUGH comments where appropriate.
Patch from
247766cd upstream: ssh -MM requires confirmation for all operations that
db8bb80e upstream: fix misplaced parenthesis inside if-clause.
it's harmless
086cc614 upstream: fix build with DEBUG_PK enabled
26788330 Handle ngroups>_SC_NGROUPS_MAX.
039bf2a8 Initial len for the fmt=NULL case.
ea9c06e1 Include stdlib.h.
9617816d document some more regress control env variables
../Randy
Alex
--
# Randy MacLeod
# Wind River Linux
--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
