On 2020-03-30 17:19, Jeremie Courreges-Anglas wrote:
On Sat, Mar 28 2020, Klemens Nanni <k...@openbsd.org> wrote:
https://www.libssh.org/2019/12/10/libssh-0-9-3-and-libssh-0-8-8-security-release/
check_syms reports no dynamic symbol removals, only additions.
libssh fails to build due to argp related code in the unit tests; I've
disabled them for now to unblock the update - I could not fix it myself.
There is software that apparently reuires >=0.9.0 so I'm updating to
0.9.3 rather than 0.8.3, and as no existing port has specific version
requirements for <0.9.0 I currently see no reason not to.
Tested with latest sysutils/tmate 2.4.0p1 on amd64 which successfully
establishes SSH connections as client.
Since this fixes CVEs, I'll add quirks if this should go in.
Feedback? OK?
Looks good overall: the SHARED_LIBS bump looks correct, the header
changes don't show incompatible changes. But a few decls have been
marked deprecated, and this might cause trouble at build time so you
might want to test-build consumers (SUBDIRLIST can help here as pointed
out by sthen@).
I think it would be good to keep the unit tests, so here's an updated
diff that addresses the clash between libssh priv.h and potentially all
headers that use attribute((__unused__)). I can try to push that fix
upstream, where the problem has already been reported.
make test is happy on amd64 and sparc64.
Hi,
sounds good to me, thank you.
Don't hesitate to take maintainership on it.
Cheers,
Remi.
