summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh_8.9p1.bb')
-rw-r--r--meta/recipes-connectivity/openssh/openssh_8.9p1.bb24
1 files changed, 13 insertions, 11 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
index a3a0016ce5..bc8e2d81b8 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
@@ -26,6 +26,16 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
file://add-test-support-for-busybox.patch \
file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \
file://0001-Default-to-not-using-sandbox-when-cross-compiling.patch \
+ file://7280401bdd77ca54be6867a154cc01e0d72612e0.patch \
+ file://0001-upstream-include-destination-constraints-for-smartca.patch \
+ file://CVE-2023-38408-0001.patch \
+ file://CVE-2023-38408-0002.patch \
+ file://CVE-2023-38408-0003.patch \
+ file://CVE-2023-38408-0004.patch \
+ file://fix-authorized-principals-command.patch \
+ file://CVE-2023-48795.patch \
+ file://CVE-2023-51384.patch \
+ file://CVE-2023-51385.patch \
"
SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"
@@ -54,15 +64,12 @@ SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket"
inherit autotools-brokensep ptest
-PACKAGECONFIG ??= "rng-tools"
+PACKAGECONFIG ??= ""
PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5"
PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns"
PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"
PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat"
-# Add RRECOMMENDS to rng-tools for sshd package
-PACKAGECONFIG[rng-tools] = ""
-
EXTRA_AUTORECONF += "--exclude=aclocal"
# login path is hardcoded in sshd
@@ -160,19 +167,14 @@ FILES:${PN}-sftp-server = "${libexecdir}/sftp-server"
FILES:${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*"
FILES:${PN}-keygen = "${bindir}/ssh-keygen"
-RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen"
+RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen ${PN}-sftp-server"
RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}"
-RRECOMMENDS:${PN}-sshd:append:class-target = "\
- ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \
-"
-
# break dependency on base package for -dev package
# otherwise SDK fails to build as the main openssh and dropbear packages
# conflict with each other
RDEPENDS:${PN}-dev = ""
-
# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies
-RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils"
+RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed coreutils"
RPROVIDES:${PN}-ssh = "ssh"
RPROVIDES:${PN}-sshd = "sshd"