diff options
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh_8.9p1.bb')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh_8.9p1.bb | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb index a3a0016ce5..bc8e2d81b8 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb @@ -26,6 +26,16 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://add-test-support-for-busybox.patch \ file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \ file://0001-Default-to-not-using-sandbox-when-cross-compiling.patch \ + file://7280401bdd77ca54be6867a154cc01e0d72612e0.patch \ + file://0001-upstream-include-destination-constraints-for-smartca.patch \ + file://CVE-2023-38408-0001.patch \ + file://CVE-2023-38408-0002.patch \ + file://CVE-2023-38408-0003.patch \ + file://CVE-2023-38408-0004.patch \ + file://fix-authorized-principals-command.patch \ + file://CVE-2023-48795.patch \ + file://CVE-2023-51384.patch \ + file://CVE-2023-51385.patch \ " SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7" @@ -54,15 +64,12 @@ SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket" inherit autotools-brokensep ptest -PACKAGECONFIG ??= "rng-tools" +PACKAGECONFIG ??= "" PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns" PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit" PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat" -# Add RRECOMMENDS to rng-tools for sshd package -PACKAGECONFIG[rng-tools] = "" - EXTRA_AUTORECONF += "--exclude=aclocal" # login path is hardcoded in sshd @@ -160,19 +167,14 @@ FILES:${PN}-sftp-server = "${libexecdir}/sftp-server" FILES:${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" FILES:${PN}-keygen = "${bindir}/ssh-keygen" -RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" +RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen ${PN}-sftp-server" RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" -RRECOMMENDS:${PN}-sshd:append:class-target = "\ - ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \ -" - # break dependency on base package for -dev package # otherwise SDK fails to build as the main openssh and dropbear packages # conflict with each other RDEPENDS:${PN}-dev = "" - # gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies -RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils" +RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed coreutils" RPROVIDES:${PN}-ssh = "ssh" RPROVIDES:${PN}-sshd = "sshd" |