Well, I've fixed OpenSSH's pam.d file in that version, not sure if you want to call the stable on that one or you prefer to bump a copy of an older version for the extra patches. Anyway the file is just the same, named sshd.pam_include.1; just get the new revision to install it and get it marked stable.
can we get these stabilized: openssh-4.0_p1-r2 openssh-4.1_p1-r1 openssh-4.5_p1-r2 openssh-4.6_p1-r2
(In reply to comment #1) > can we get these stabilized: > openssh-4.0_p1-r2 > openssh-4.1_p1-r1 > Those two are vulnerable, can we skip those?
openssh-4.5_p1-r2, AMD64: compiles, no collisions, works. Would be nice to get a test of LPK, as thats what the version bump was for (I dont have a clue about ldap) Portage 2.1.2.9 (default-linux/amd64/2007.0/desktop, gcc-4.1.2, glibc-2.5-r3, 2.6.21-gentoo-r3 x86_64) ================================================================= System uname: 2.6.21-gentoo-r3 x86_64 AMD Turion(tm) 64 X2 Mobile Technology TL-56 Gentoo Base System release 1.12.9 Timestamp of tree: Wed, 04 Jul 2007 08:20:01 +0000 ccache version 2.4 [enabled] dev-java/java-config: 1.3.7, 2.0.33-r1 dev-lang/python: 2.4.4-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r7 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.23b virtual/os-headers: 2.6.21 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=athlon64 -O2 -msse3 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-march=athlon64 -O2 -msse3 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="buildpkg ccache collision-protect distlocks fixpackages metadata-transfer multilib-strict sandbox sfperms strict test userpriv" GENTOO_MIRRORS="http://www.mirror.ac.uk/mirror/distro.ibiblio.org/pub/linux/distributions/gentoo http://gentoo.virginmedia.com http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" LINGUAS="en en_GB" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/enlightenment /usr/portage/local/layman/sunrise /usr/portage/local" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="3dnow X Xaw3d a52 aac acpi alsa amd64 audiofile berkdb bitmap-fonts branding bzip2 cairo cddb cdparanoia cdr cli cracklib cups curl dbus dri dts dvb dvd dvdr dvdread emboss encode evo exif expat fam ffmpeg firefox foomaticdb gdbm gif glitz gs gtk guile hal iconv icu imagemagick imlib isdnlog ithreads java javascript jpeg libg++ libwww lirc logrotate mad midi mmap mmx mmxext mp3 msn mudflap ncurses nls nptl nptlonly nsplugin offensive ogg openal opengl openmp pam pcre pdf perl png ppds pppd python qt3support qt4 readline reflection sdl session sndfile spl sse sse2 ssl svg symlink tcl tcpd test threads tiff tk truetype truetype-fonts type1-fonts unicode usb v4l v4l2 vorbis x264 xcb xml xorg xosd xscreensaver xv zlib" ALSA_CARDS="hda-intel usb-audio" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse synaptics ps2mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_GB" LIRC_DEVICES="mceusb2" USERLAND="GNU" VIDEO_CARDS="nvidia" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
net-misc/openssh-4.6_p1-r2 AMD64: Compiles fine, No Collisions. Works as far as I can tell with my 2 servers. Did not test LDAP as I don't have a clue about it either. Portage 2.1.2.9 (default-linux/amd64/2006.1, gcc-4.1.2, glibc-2.5-r3, 2.6.22-rc6-ck1 x86_64) ================================================================= System uname: 2.6.22-rc6-ck1 x86_64 Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz Gentoo Base System release 1.12.10 Timestamp of tree: Tue, 03 Jul 2007 15:00:01 +0000 dev-java/java-config: 1.3.7, 2.0.33-r1 dev-lang/python: 2.4.4-r4 dev-python/pycrypto: 2.0.1-r5 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.23b virtual/os-headers: 2.6.17-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=nocona -fomit-frame-pointer -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -march=nocona -fomit-frame-pointer -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks metadata-transfer sandbox sfperms strict" GENTOO_MIRRORS="http://gentoo.osuosl.org/ http://distro.ibiblio.org/pub/linux/distributions/gentoo/ http://www.gtlib.gatech.edu/pub/gentoo " MAKEOPTS="-j3" PKGDIR="/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X aac alsa amd64 berkdb bitmap-fonts cli cracklib crypt cups dbus dri flac fortran gdbm gpm iconv isdnlog jpeg kde kdeenablefinal libg++ mad midi mp3 mpeg mudflap ncurses nls nptl nptlonly ogg opengl openmp oss pam pcre perl png ppds pppd python qt4 readline reflection session spl ssl symlink tcpd truetype truetype-fonts type1-fonts unicode vorbis xml xorg zlib" ALSA_CARDS="usb-audio hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="nvidia" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
All four stable for HPPA.
will there be ldap support in the 4.6 series? as openssh is being built when building a stage3, stage building will fail on next release, will it? (ldap is in default use flags)
that's really up to lcars
On ppc both openssh-4.6_p1-r2 and openssh-4.5_p1-r2 fails in the tests: run test connect.sh ... ssh connect with protocol 1 failed ssh connect with protocol 2 failed failed simple connect Portage 2.1.3_rc6 (default-linux/ppc/ppc32/2007.0/desktop/G4/Pegasos, gcc-4.1.2, glibc-2.5-r3, 2.6.20-gentoo-r3 ppc) ================================================================= System uname: 2.6.20-gentoo-r3 ppc 7447/7457, altivec supported Gentoo Base System release 1.12.9 Timestamp of tree: Fri, 06 Jul 2007 15:20:01 +0000 distcc 2.18.3 powerpc-unknown-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.4 [disabled] dev-java/java-config: 1.3.7, 2.0.33-r1 dev-lang/python: 2.4.4-r4, 2.5.1-r2 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r7 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.23b virtual/os-headers: 2.6.17-r2 ACCEPT_KEYWORDS="ppc" AUTOCLEAN="yes" CBUILD="powerpc-unknown-linux-gnu" CFLAGS="-O2 -mtune=G4 -mcpu=G4 -maltivec -mabi=altivec -pipe" CHOST="powerpc-unknown-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-O2 -mtune=G4 -mcpu=G4 -maltivec -mabi=altivec -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests collision-protect cvs distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userpriv usersandbox" GENTOO_MIRRORS=" http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/" LANG="C" LINGUAS="en de" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage /usr/portage/local/layman/sunrise" SYNC="rsync://rsync1.de.gentoo.org/gentoo-portage" USE="X X509 a52 aac aalib acl alsa altivec apache2 avahi bash-completion berkdb bitmap-fonts bluetooth bzip2 cairo cddb cdr cli cracklib crypt cscope ctype cups dbus dga dmx dri dts dvb dvd dvdr dvdread dvi eds emboss encode evo exif fam fbcon ffmpeg firefox flac foomaticdb fortran ftp gd gdbm gif gimpprint gnome gnutls gpgme gpm gs gstreamer gtk hal howl ical iconv idn ieee1394 imagemagick imap ipv6 irda isdnlog jabber java jpeg kde kdeenablefinal kdehiddenvisibility kdepim kdexdeltas latex ldap libcaca libg++ libnotify lirc mad maildir matroska midi mikmod mime mng mono moznocompose moznoirc moznomail mp3 mp4 mpeg mudflap musepack musicbrainz mysql ncurses new-login nls nntp nptl nptlonly nsplugin ogg opengl openmp pam pcre pdf perl png ppc ppds pppd python qt3 qt3support qt4 quicktime readline recode reflection rtc ruby samba scanner sdl session slang smime sndfile sockets speex spell spl ssl startup-notification svg t1lib tcpd tetex theora threads tiff timidity truetype truetype-fonts type1-fonts unicode usb v4l v4l2 vcd vdr videos vim-syntax vorbis wmf x264 xanim xine xinerama xinetd xml xorg xosd xprint xscreensaver xv xvid zeroconf zlib" ALSA_CARDS="via82xx" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="evdev keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en de" LIRC_DEVICES="devinput" USERLAND="GNU" VIDEO_CARDS="fbdev radeon" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
mips stable.
Well, alpha/ia64/x86 stable then
sparc done, i guess security can nuke them or whatever if some older version isn't fit.
Marked ppc/ppc64 stable.
Fails (on x86) with "ldap" or "smartcard" in USE. Why are you stabilizing a package that can't build by design? Both the "ldap" patch as well as the "smartcard" patch are commented out ----------------------------------------------------------- SECURID_PATCH="" #${PARCH/4.6/4.5}+SecurID_v1.3.2.patch" LDAP_PATCH="" #${PARCH/-4.5p1/-lpk-4.5p1}-0.3.8.patch" ----------------------------------------------------------- as are their SRC_URIs ----------------------------------------------------------- # smartcard? ( http://omniti.com/~jesus/projects/${SECURID_PATCH} ) # ldap? ( http://dev.inversepath.com/openssh-lpk/${LDAP_PATCH} ) ----------------------------------------------------------- Axel
only amd64 left to do *poke team*
stable on amd64. Sorry for the delay. all arches done reassigning to security team.
i dont believe there is any actual glsa to be done associated with this bug