commit: a3ddee3a0c95e932481d494930a05f6f34938c1e
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Mon Aug 17 14:29:28 2020 +0000
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Mon Aug 17 14:32:33 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a3ddee3a
net-misc/openssh: depend on >=sys-kernel/linux-headers-5.1
In >=sys-libs/glibc-2.31 we are already forcing an upgrade of net-misc/openssh.
However, sandbox code in OpenSSH [Link 1] is guarded by "#ifdef" so an upgrade
of OpenSSH before glibc upgrade won't fix the problem if system is using old
linux-headers without __NR_clock_nanosleep{,_time64}.
Forcing >=linux-headers-5.1 will ensure that OpenSSH's sandbox supports
__NR_clock_nanosleep{,_time64} and will therefore work with >=glibc-2.31.
Link 1:
https://github.com/openssh/openssh-portable/blob/V_8_3/sandbox-seccomp-filter.c#L252-L257
Bug: https://bugs.gentoo.org/708224
Closes: https://bugs.gentoo.org/737604
Package-Manager: Portage-3.0.2, Repoman-2.3.23
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
.../openssh/{openssh-8.1_p1-r3.ebuild => openssh-8.1_p1-r4.ebuild} | 3 ++-
.../openssh/{openssh-8.2_p1-r6.ebuild => openssh-8.2_p1-r7.ebuild} | 3 ++-
.../openssh/{openssh-8.3_p1-r4.ebuild => openssh-8.3_p1-r5.ebuild} | 3 ++-
3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/net-misc/openssh/openssh-8.1_p1-r3.ebuild
b/net-misc/openssh/openssh-8.1_p1-r4.ebuild
similarity index 99%
rename from net-misc/openssh/openssh-8.1_p1-r3.ebuild
rename to net-misc/openssh/openssh-8.1_p1-r4.ebuild
index 75b805da4dd..53ccdd567a2 100644
--- a/net-misc/openssh/openssh-8.1_p1-r3.ebuild
+++ b/net-misc/openssh/openssh-8.1_p1-r4.ebuild
@@ -82,8 +82,9 @@ RDEPEND="
kerberos? ( virtual/krb5 )
"
DEPEND="${RDEPEND}
- static? ( ${LIB_DEPEND} )
virtual/os-headers
+ kernel_linux? ( >=sys-kernel/linux-headers-5.1 )
+ static? ( ${LIB_DEPEND} )
"
RDEPEND="${RDEPEND}
pam? ( >=sys-auth/pambase-20081028 )
diff --git a/net-misc/openssh/openssh-8.2_p1-r6.ebuild
b/net-misc/openssh/openssh-8.2_p1-r7.ebuild
similarity index 99%
rename from net-misc/openssh/openssh-8.2_p1-r6.ebuild
rename to net-misc/openssh/openssh-8.2_p1-r7.ebuild
index c0ed8f5dec4..c8fff3ba950 100644
--- a/net-misc/openssh/openssh-8.2_p1-r6.ebuild
+++ b/net-misc/openssh/openssh-8.2_p1-r7.ebuild
@@ -81,8 +81,9 @@ RDEPEND="
kerberos? ( virtual/krb5 )
"
DEPEND="${RDEPEND}
- static? ( ${LIB_DEPEND} )
virtual/os-headers
+ kernel_linux? ( >=sys-kernel/linux-headers-5.1 )
+ static? ( ${LIB_DEPEND} )
"
RDEPEND="${RDEPEND}
pam? ( >=sys-auth/pambase-20081028 )
diff --git a/net-misc/openssh/openssh-8.3_p1-r4.ebuild
b/net-misc/openssh/openssh-8.3_p1-r5.ebuild
similarity index 99%
rename from net-misc/openssh/openssh-8.3_p1-r4.ebuild
rename to net-misc/openssh/openssh-8.3_p1-r5.ebuild
index 6e93d57cf89..86300b9d810 100644
--- a/net-misc/openssh/openssh-8.3_p1-r4.ebuild
+++ b/net-misc/openssh/openssh-8.3_p1-r5.ebuild
@@ -84,8 +84,9 @@ RDEPEND="
kerberos? ( virtual/krb5 )
"
DEPEND="${RDEPEND}
- static? ( ${LIB_DEPEND} )
virtual/os-headers
+ kernel_linux? ( >=sys-kernel/linux-headers-5.1 )
+ static? ( ${LIB_DEPEND} )
"
RDEPEND="${RDEPEND}
pam? ( >=sys-auth/pambase-20081028 )
