From: Ross Burton <ross.burton@arm.com>
Date: Mon, 7 Aug 2023 17:00:17 +0000 (+0100)
Subject: openssh: upgrade to 9.3p2
X-Git-Tag: lucaceresoli/bug-15201-perf-libtraceevent-missing~172
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7ae89bdeaa97c8d6a0b63e92da31290548f03168;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

openssh: upgrade to 9.3p2

9795c401 (tag: V_9_3_P2) OpenSSH 9.3p2
bde3635f update version in README
f673f2f3 update RPM spec versions
d7790cdc disallow remote addition of FIDO/PKCS11 keys
b23fe83f terminate pkcs11 process for bad libraries

This includes the fix for CVE-2023-38408.

Signed-off-by: Ross Burton <ross.burton@arm.com>
---

diff --git a/meta/recipes-connectivity/openssh/openssh_9.3p1.bb b/meta/recipes-connectivity/openssh/openssh_9.3p2.bb
similarity index 98%
rename from meta/recipes-connectivity/openssh/openssh_9.3p1.bb
rename to meta/recipes-connectivity/openssh/openssh_9.3p2.bb
index 3edc123b9a3..5fb2dccdfc8 100644
--- a/meta/recipes-connectivity/openssh/openssh_9.3p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_9.3p2.bb
@@ -26,7 +26,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
            file://add-test-support-for-busybox.patch \
            file://7280401bdd77ca54be6867a154cc01e0d72612e0.patch \
            "
-SRC_URI[sha256sum] = "e9baba7701a76a51f3d85a62c383a3c9dcd97fa900b859bc7db114c1868af8a8"
+SRC_URI[sha256sum] = "200ebe147f6cb3f101fd0cdf9e02442af7ddca298dffd9f456878e7ccac676e8"
 
 CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here."