Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Andreas K. Hüttel" <dilfridge@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-libs/glibc/
Date: Thu, 23 Apr 2020 19:33:27
Message-Id: 1587670254.71cfbaaa8feb9925ae64b9a689a1859d9bf14862.dilfridge@gentoo
1 commit: 71cfbaaa8feb9925ae64b9a689a1859d9bf14862
2 Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
3 AuthorDate: Thu Apr 23 19:27:53 2020 +0000
4 Commit: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
5 CommitDate: Thu Apr 23 19:30:54 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=71cfbaaa
7
8 sys-libs/glibc: Block too-old openssh in 2.31 and later, bug 708224
9
10 Bug: https://bugs.gentoo.org/708224
11 Package-Manager: Portage-2.3.89, Repoman-2.3.20
12 Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org>
13
14 sys-libs/glibc/glibc-2.31-r2.ebuild | 3 +++
15 sys-libs/glibc/glibc-9999.ebuild | 3 +++
16 2 files changed, 6 insertions(+)
17
18 diff --git a/sys-libs/glibc/glibc-2.31-r2.ebuild b/sys-libs/glibc/glibc-2.31-r2.ebuild
19 index 6afa9eaa6ef..f03483a5f7c 100644
20 --- a/sys-libs/glibc/glibc-2.31-r2.ebuild
21 +++ b/sys-libs/glibc/glibc-2.31-r2.ebuild
22 @@ -85,6 +85,8 @@ fi
23 # We need a new-enough binutils/gcc to match upstream baseline.
24 # Also we need to make sure our binutils/gcc supports TLS,
25 # and that gcc already contains the hardened patches.
26 +# Lastly, let's avoid some openssh nastiness, bug 708224, as
27 +# convenience to our users.
28 BDEPEND="
29 ${PYTHON_DEPS}
30 >=app-misc/pax-utils-0.1.10
31 @@ -101,6 +103,7 @@ COMMON_DEPEND="
32 suid? ( caps? ( sys-libs/libcap ) )
33 selinux? ( sys-libs/libselinux )
34 systemtap? ( dev-util/systemtap )
35 + !<net-misc/openssh-8.1_p1-r2
36 "
37 DEPEND="${COMMON_DEPEND}
38 test? ( >=net-dns/libidn2-2.3.0 )
39
40 diff --git a/sys-libs/glibc/glibc-9999.ebuild b/sys-libs/glibc/glibc-9999.ebuild
41 index ca721953558..dafe72da8ed 100644
42 --- a/sys-libs/glibc/glibc-9999.ebuild
43 +++ b/sys-libs/glibc/glibc-9999.ebuild
44 @@ -84,6 +84,8 @@ fi
45 # We need a new-enough binutils/gcc to match upstream baseline.
46 # Also we need to make sure our binutils/gcc supports TLS,
47 # and that gcc already contains the hardened patches.
48 +# Lastly, let's avoid some openssh nastiness, bug 708224, as
49 +# convenience to our users.
50 BDEPEND="
51 ${PYTHON_DEPS}
52 >=app-misc/pax-utils-0.1.10
53 @@ -100,6 +102,7 @@ COMMON_DEPEND="
54 suid? ( caps? ( sys-libs/libcap ) )
55 selinux? ( sys-libs/libselinux )
56 systemtap? ( dev-util/systemtap )
57 + !<net-misc/openssh-8.1_p1-r2
58 "
59 DEPEND="${COMMON_DEPEND}
60 test? ( >=net-dns/libidn2-2.3.0 )
Report Message
Find on MARC Find on Google Groups