From 7114c4238b30b748ec0e93e8c1b82f631f4cdeda Mon Sep 17 00:00:00 2001 From: Tomáš Mráz Date: Oct 02 2006 17:35:50 +0000 Subject: - improve gssapi-no-spnego patch (#208102) - CVE-2006-4924 - prevent DoS on deattack detector (#207957) - CVE-2006-5051 - don't call cleanups from signal handler (#208459) --- diff --git a/openssh.spec b/openssh.spec index 7b5bc7a..3d20730 100644 --- a/openssh.spec +++ b/openssh.spec @@ -61,7 +61,7 @@ Summary: The OpenSSH implementation of SSH protocol versions 1 and 2 Name: openssh Version: 4.3p2 -Release: 9%{?rescue_rel} +Release: 10%{?rescue_rel} URL: http://www.openssh.com/portable.html #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz #Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig @@ -96,6 +96,8 @@ Patch41: openssh-4.3p2-gssapi-no-spnego.patch Patch42: openssh-4.3p2-no-dup-logs.patch Patch43: openssh-4.3p2-localtime.patch Patch44: openssh-4.3p2-allow-ip-opts.patch +Patch45: openssh-4.3p2-cve-2006-4924.patch +Patch46: openssh-3.9p1-cve-2006-5051.patch License: BSD Group: Applications/Internet BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot @@ -229,6 +231,8 @@ an X11 passphrase dialog for OpenSSH. %patch42 -p1 -b .no-dups %patch43 -p1 -b .localtime %patch44 -p1 -b .ip-opts +%patch45 -p1 -b .deattack-dos +%patch46 -p1 -b .sig-no-cleanup autoreconf @@ -473,6 +477,11 @@ fi %endif %changelog +* Mon Oct 2 2006 Tomas Mraz - 4.3p2-10 +- improve gssapi-no-spnego patch (#208102) +- CVE-2006-4924 - prevent DoS on deattack detector (#207957) +- CVE-2006-5051 - don't call cleanups from signal handler (#208459) + * Wed Aug 23 2006 Tomas Mraz - 4.3p2-9 - don't report duplicate syslog messages, use correct local time (#189158) - don't allow spnego as gssapi mechanism (from upstream)