From b53c538acd99b8a5a67683b1156530bb5a98d6e1 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Aug 04 2022 12:37:20 +0000 Subject: IBMCA workaround Related: rhbz#1976202 --- diff --git a/openssh-8.7p1-ibmca.patch b/openssh-8.7p1-ibmca.patch new file mode 100644 index 0000000..c9c12ee --- /dev/null +++ b/openssh-8.7p1-ibmca.patch @@ -0,0 +1,12 @@ +--- openssh-8.7p1/openbsd-compat/bsd-closefrom.c.orig 2022-04-12 15:47:03.815044607 +0200 ++++ openssh-8.7p1/openbsd-compat/bsd-closefrom.c 2022-04-12 15:48:12.464963511 +0200 +@@ -16,7 +16,7 @@ + + #include "includes.h" + +-#ifndef HAVE_CLOSEFROM ++#if (!defined HAVE_CLOSEFROM) || (defined __s390__) + + #include + #include + diff --git a/openssh.spec b/openssh.spec index d5050aa..d7f33b8 100644 --- a/openssh.spec +++ b/openssh.spec @@ -51,7 +51,7 @@ # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1 %global openssh_ver 8.7p1 -%global openssh_rel 20 +%global openssh_rel 21 %global pam_ssh_agent_ver 0.10.4 %global pam_ssh_agent_rel 5 @@ -218,6 +218,9 @@ Patch981: openssh-8.7p1-recursive-scp.patch Patch982: openssh-8.7p1-minrsabits.patch # downstream only Patch983: openssh-8.7p1-evpgenkey.patch +# downstream only, IBMCA tentative fix +# From https://bugzilla.redhat.com/show_bug.cgi?id=1976202#c14 +Patch984: openssh-8.7p1-ibmca.patch # Minimize the use of SHA1 as a proof of possession for RSA key (#2031868) # upstream commits: @@ -436,6 +439,7 @@ popd %patch981 -p1 -b .scp-sftpdirs %patch982 -p1 -b .minrsabits %patch983 -p1 -b .evpgenrsa +%patch984 -p1 -b .ibmca %patch200 -p1 -b .audit %patch201 -p1 -b .audit-race @@ -728,6 +732,10 @@ test -f %{sysconfig_anaconda} && \ %endif %changelog +* Thu Aug 04 2022 Dmitry Belyavskiy - 8.7p1-21 +- IBMCA workaround + Related: rhbz#1976202 + * Tue Jul 26 2022 Zoltan Fridrich - 8.7p1-20 + 0.10.4-5 - Fix openssh-8.7p1-scp-clears-file.patch Related: rhbz#2056884