feat: update openssh to 1:10.0p1-7+deb13u4#17
Merged
Conversation
Contributor
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
Contributor
|
Skipping CI for Draft Pull Request. |
|
TAG Bot TAG: 1%10.0p1-7+deb13u4deepin1 |
Contributor
|
Closing in favor of PR#19 |
Cherry-pick the following commits from master that were lost during the 1:10.0p1-7+deb13u4 version update: - 8f43df3 Force SSH_EXTRAVERSION to Deepin - 737fe6f fix: ssh.service is disabled by default - d2260e3 fix: duplicate output - c080561 feat: add sm support - 676a880 feat: add sw64 support Log: backport deepin-specific patches from master Influence: 1. Verify ssh -V shows "Deepin" in version string 2. Verify ssh.service is disabled by default on uos 3. Verify no duplicate PAM login message on SSH login 4. Verify SM2/SM3/SM4 cipher support works 5. Verify openssh builds on sw64 architecture feat: 从 master 回合 deepin 特定补丁 从 master 分支回合以下在 1:10.0p1-7+deb13u4 版本更新中丢失的提交: - 8f43df3 Force SSH_EXTRAVERSION to Deepin - 737fe6f fix: ssh.service is disabled by default - d2260e3 fix: duplicate output - c080561 feat: add sm support - 676a880 feat: add sw64 support Log: 从 master 回合 deepin 特定补丁 Influence: 1. 验证 ssh -V 显示 "Deepin" 版本字符串 2. 验证 uos 上 ssh.service 默认不启用 3. 验证 SSH 登录无重复 PAM 登录信息 4. 验证 SM2/SM3/SM4 密码套件支持正常 5. 验证 openssh 在 sw64 架构上能正常编译 repo: openssh #dcbot/debian/10.0p1 fix: add deepin-ssh-keygen privatekey file permission patch Add deepin-ssh-keygen-privatekey-file-perm.patch to set private key file permission to 0400 (instead of 0644) when writing with sshbuf_write_file, preventing overly permissive key file permissions. This patch was lost during the 1:10.0p1-7+deb13u4 version update. Log: add deepin-ssh-keygen privatekey file permission patch Influence: 1. Verify ssh-keygen generates private key files with 0400 permission fix: 添加 ssh-keygen 私钥文件权限补丁 将 sshbuf_write_file 写入私钥文件的权限从 0644 改为 0400, 防止私钥文件权限过于宽松。 Log: 添加 ssh-keygen 私钥文件权限补丁 Influence: 1. 验证 ssh-keygen 生成的私钥文件权限为 0400 repo: openssh #dcbot/debian/10.0p1 fix: refresh patches to apply cleanly on 10.0p1 source Refresh all backported patches using quilt to eliminate fuzz/offset and ensure they apply cleanly with dpkg-source strict checking (-F 0): - deepin-extra-version.patch: Update version.h context (10.0p1 uses "p2") - deepin-ssh-connect-idle-timeout.patch: Regenerate sshd_config context - deepin-ssh-keygen-privatekey-file-perm.patch: Clean format - add-sm-support.patch: Fix sshd-session.c hunks, add KEX_SM2_SM3 to monitor.c (kex setup moved from sshd-session.c to monitor.c in 10.0p1) - uniontech-fix-duplicate-loginmsg.patch: Fix trailing newline, refresh monitor.c hunk offset Log: refresh patches for clean dpkg-source apply Influence: 1. Verify dpkg-source --build succeeds 2. Verify quilt push -a applies all patches cleanly fix: 刷新补丁使其在 10.0p1 源码上干净应用 通过 quilt refresh 消除所有 fuzz/offset,满足 dpkg-source 严格检查 Log: 刷新补丁使其干净应用 Influence: 1. 验证 dpkg-source --build 成功 2. 验证 quilt push -a 干净应用所有补丁 repo: openssh #dcbot/debian/10.0p1
Contributor
|
/topic openssh-20260616 |
Contributor
|
Add topic: openssh-20260616 successed. |
Contributor
|
/integr-topic openssh-20260616 |
Contributor
|
/hold |
Contributor
|
Integrated with pr deepin-community/Repository-Integration#4156 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request is requested by @UTsweetyfish.
Basic Information
Old Version: 1:9.9p2-0deepin7
New Version: 1:10.0p1-7+deb13u4
Old version may contain dde / deepin patches. Please review more precisely.
Patch series