[MacPorts] #58047: openssh @7.6p1_6: CVE-2018-20685, CVE-2019-6109 and CVE-2019-6111

MacPorts noreply at macports.org
Wed Oct 16 11:15:33 UTC 2019


#58047: openssh @7.6p1_6: CVE-2018-20685, CVE-2019-6109 and CVE-2019-6111
----------------------+----------------------
  Reporter:  piru     |      Owner:  Ionic
      Type:  defect   |     Status:  closed
  Priority:  Normal   |  Milestone:
 Component:  ports    |    Version:  2.5.4
Resolution:  fixed    |   Keywords:  security
      Port:  openssh  |
----------------------+----------------------
Changes (by Mihai Moldovan <ionic@…>):

 * status:  accepted => closed
 * resolution:   => fixed


Comment:

 In [changeset:"715635bdfb881e287a52e23b298e379a4e9c03ac/macports-ports"
 715635bdfb881e287a52e23b298e379a4e9c03ac/macports-ports] (master):
 {{{
 #!ConfigurableCommitTicketReference repository="macports-ports"
 revision="715635bdfb881e287a52e23b298e379a4e9c03ac"
 net/{openssh,ssh-copy-id}: update to 8.1p1.

 Fixes: https://trac.macports.org/ticket/56331
 Fixes: https://trac.macports.org/ticket/57025
 Fixes: https://trac.macports.org/ticket/58047
 Fixes: https://trac.macports.org/ticket/59009
 Fixes: https://trac.macports.org/ticket/59016

 Changes:
   - Rebase patches.
   - Update to newer HPN patchset version. Based upon the 8.0p1 version
     14.18 patch. Add a rebased OpenSSL-1.1-compat patch.
   - Switch to new ObjC-based Keychain integration as provided by Apple.
     Might fail on older platforms. If it does, we will need to bring
     back the old C-based implementation as an alternative for these.
   - Made the keychain integration and launchd startup patch a default
     one based upon request (and to be consistent with Apple's shipped
     OpenSSH version).
   - Portfile cleanup, don't define compile constants from outside - have
     autotools do that correctly.
   - Clarify where some of the patches come from - and especially for the
     gsskex patch that it is NOT a single patch taken from one location
     and rebased against the current OpenSSH version.
   - Renamed (now used) -m/-M options to -A/-K for the keychain
     integration.
 }}}

-- 
Ticket URL: <https://trac.macports.org/ticket/58047#comment:5>
MacPorts <https://www.macports.org/>
Ports system for macOS


More information about the macports-tickets mailing list