From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Cc: Adolf Belka <adolf.belka@ipfire.org>
Subject: [PATCH 7/9] libssh: Update to version 0.11.1 - fixes min cmake version
Date: Sun, 11 May 2025 12:13:02 +0200 [thread overview]
Message-ID: <20250511101311.7315-7-adolf.belka@ipfire.org> (raw)
In-Reply-To: <20250511101311.7315-1-adolf.belka@ipfire.org>
- Update from version 0.10.6 to 0.11.1
- Update of rootfile
- Changelog
0.11.1
* Fixed default TTY modes that are set when stdin is not connected to tty (#270)
* Fixed zlib cleanup procedure, which could crash on i386
* Various test fixes improving their stability
* Fixed cygwin build
0.11.0
* Deprecations and Removals:
* Dropped support for DSA
* Deprecated Blowfish cipher (will be removed in next release)
* Deprecated SSH_BIND_OPTIONS_{RSA,ECDSA}KEY in favor of generic HOSTKEY
* Removed the usage of deprecated OpenSSL APIs (Note: Minimum supported
OpenSSL version is 1.1.1)
* Disabled preauth compression (zlib) by default
* Support for pkcs#11 engines are deprecated, pkcs11-provider is used instead
* Deprecation of old async SFTP API
* libgcrypt cryptographic backend is deprecated
* Deprecation of knownhosts hashing
* SFTP Improvements:
* Added support for async SFTP IO
* Added support for sftp_limits() and applied capping to SFTP read/write
operations accordingly
* Added sftp_home_directory() API support for sftp extension "home-directory"
* Added sftp_lsetstat() API for lsetstat extensions
* Added sftp_expand_path() to canonicalize path using expand-path@openssh.com
extension
* Implemented stat and realpath in sftpserver
* Added sftp_readlink() API to support hardlink@openssh.com
* New extensible callback based SFTP server
* Introduced the posix-rename@openssh.com extension
* New functions and features:
* Added support for PKCS #11 provider for OpenSSL 3.0
* Added testing for GSSAPI Authentication
* Implemented proxy jump using libssh
* Recategorized loglevels to show fatal errors and alignment with OpenSSH
log levels
* Added ssh_channel_request_pty_size_modes() API to set terminal modes for
PTYs
* Added function to check username syntax
* Added support to check all keys in authorized_keys instead of one in
example server implementation
* Handled hostkey similar to OpenSSH
* Added ssh_session_socket_close() API in order to not close socket passed
through options on error conditions
* Added option SSH_BIND_OPTIONS_IMPORT_KEY_STR to read user-supplied key
string in ssh_bind_options_set()
* Improved log handling around ssh_set_callbacks
* Added ssh_set_error_invalid in ssh_options_set()
* Prevented signature blob to start with 1 bit in libgcrypt
* Added support to unbreak key comparison of Ed25519 keys imported from PEM
or OpenSSH container
* Added support to calculate missing CRT parameters when building RSA key
* Added ssh_pki_export_privkey_base64_format() and
ssh_pki_export_privkey_file_format() to support exporting keys in different
formats (PEM, OpenSSH)
* Added support to compare certificates and handle automatic certificate
authentication
* Added support to make compile-commands generation conditional
* Built fuzzers for normal testing
* Avoided passing other events to callbacks when called recursively
* Added control master and path options
* Refactored channel_rcv_data, check for errors and report more useful errors
* Added support to connect to other host addresses than just the first one
* Terminated the server properly when the MaxAuthTries is reached
* Added support for no-more-sessions@openssh.com request in both client and
server
* Added callback to support forwarded-tcpip requests
* Bumped minimal CMake version to 3.12
* Added support for MBedTLS 3.6.x
* Added support for +,-,^ modifiers in front of algorithm lists in options
* Added callbacks for channel open response, and channel request response
* Replaced chroot() from chroot_wrapper internal library with chroot()
from priv_wrapper package
* Added a placeholder for non-expanded identities
* Improved handling of channel transfer window sizes
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/libssh | 3 ++-
lfs/libssh | 6 +++---
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/common/libssh b/config/rootfiles/common/libssh
index 417a8be8d..5b0c59fbd 100644
--- a/config/rootfiles/common/libssh
+++ b/config/rootfiles/common/libssh
@@ -6,6 +6,7 @@
#usr/include/libssh/libsshpp.hpp
#usr/include/libssh/server.h
#usr/include/libssh/sftp.h
+#usr/include/libssh/sftpserver.h
#usr/include/libssh/ssh2.h
#usr/lib/cmake/libssh
#usr/lib/cmake/libssh/libssh-config-noconfig.cmake
@@ -13,5 +14,5 @@
#usr/lib/cmake/libssh/libssh-config.cmake
#usr/lib/libssh.so
usr/lib/libssh.so.4
-usr/lib/libssh.so.4.9.6
+usr/lib/libssh.so.4.10.1
#usr/lib/pkgconfig/libssh.pc
diff --git a/lfs/libssh b/lfs/libssh
index 587a97921..d7b956aa6 100644
--- a/lfs/libssh
+++ b/lfs/libssh
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 0.10.6
+VER = 0.11.1
THISAPP = libssh-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 6ae1c611b685fa8ec5e5fb159f93493edf4d8ae8536300cd9a357daadc28ca2fbd8a64a22157744bc97e2e672b0b84b58e1167d7369fe88306b3581098af9f57
+$(DL_FILE)_BLAKE2 = 87079b4eaf66ceb77803b3d854f847b3f3fb6a67ac3bfa756ebcf8f06bf2b313e976044e0a1d81227fb5278fb04bc56f1a82877d14a6ee76bec0c690b14f38a7
install : $(TARGET)
--
2.49.0
next prev parent reply other threads:[~2025-05-11 10:13 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-11 10:12 [PATCH 1/9] curl: Update to version 8.13.0 Adolf Belka
2025-05-11 10:12 ` [PATCH 2/9] cmake: Update to version 4.0.2 Adolf Belka
2025-05-11 10:12 ` [PATCH 3/9] cdrkit: Remove packge as it cannot be built with cmake-4.0.x Adolf Belka
2025-05-11 10:12 ` [PATCH 4/9] xorriso: Package to replace cdrkit Adolf Belka
2025-05-12 15:17 ` Michael Tremer
2025-05-12 16:07 ` Adolf Belka
2025-05-12 16:08 ` Michael Tremer
2025-05-12 16:39 ` Adolf Belka
2025-05-11 10:13 ` [PATCH 5/9] json-c: Update to CMakeLists.txt min cmake version Adolf Belka
2025-05-11 10:13 ` [PATCH 6/9] libid3tag: Update CMakeLists.txt with " Adolf Belka
2025-05-11 10:13 ` Adolf Belka [this message]
2025-05-11 10:13 ` [PATCH 8/9] soxr: Update CMakeLists.txt with cmake min version Adolf Belka
2025-05-11 10:13 ` [PATCH 9/9] transmission: Update to CMakeLists.txt of min cmake version Adolf Belka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250511101311.7315-7-adolf.belka@ipfire.org \
--to=adolf.belka@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox