Merge pull request 'openssh 8.7p1-38.4.el9_4.security.0.9' (#40) from solardiz-patch-38 into main

Reviewed-on: #40 Reviewed-by: Neil Hanlon <neil@noreply@resf.org>
2024-08-08 12:53:34 +00:00 · 2024-08-08 12:53:34 +00:00 · 652f5248b7
commit 652f5248b7
parent 408a1d9b2b 7838177933
2 changed files with 13 additions and 2 deletions
--- a/docs/news.md
+++ b/docs/news.md
@ -2,6 +2,11 @@

 These are what we consider significant SIG/Security news items, not an exhaustive list of package updates and wiki edits.

+## August 7, 2024
+
+[openssh](packages/openssh.md) `8.7p1-38.4.el9_4.security.0.9` for EL9 is a rebase on RH's release with a CVE-2024-6409 fix,
+plus a further change of our own to suppress warnings about unsupported GSSAPI on systems configured for FIPS crypto-policy.
+
 ## July 8, 2024

 [openssh](packages/openssh.md) `8.7p1-38.1.el9_4.security.0.7` for EL9 adds a fix for [CVE-2024-6409](issues/CVE-2024-6409.md),
--- a/docs/packages/openssh.md
+++ b/docs/packages/openssh.md
@ -2,8 +2,8 @@

 ## EL9

- Version `8.7p1-38.1.el9_4.security.0.7`
- Based on `8.7p1-38.el9_4.1`
+- Version `8.7p1-38.4.el9_4.security.0.9`
+- Based on `8.7p1-38.el9_4.4`

 ### Changes summary

@ -14,6 +14,12 @@
 ### Change log

 ```
+* Wed Jul 17 2024 Solar Designer <solar@openwall.com> 8.7p1-38.4.el9_4.security.0.9
+- Patch the code to silently ignore GSSAPIKeyExchange when unsupported
+
+* Wed Jul 17 2024 Solar Designer <solar@openwall.com> 8.7p1-38.4.el9_4.security.0.8
+- Rebase on 8.7p1-38.4
+
 * Mon Jul 08 2024 Solar Designer <solar@openwall.com> 8.7p1-38.1.el9_4.security.0.7
 - Fix CVE-2024-6409