[Bug 931429] New: readd tcp wrappers until dropped by upstream
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429 Bug ID: 931429 Summary: readd tcp wrappers until dropped by upstream Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: pcerny@suse.com Reporter: meissner@suse.com QA Contact: qa-bugs@suse.de CC: crrodriguez@opensuse.org Found By: --- Blocker: --- user is angry that tcp wrapper support was dropped from openssh. ------------------------------------------------------------------- Sat May 17 22:31:29 UTC 2014 - crrodriguez@opensuse.org - Remove tcpwrappers support now, This feature was removed in upstream code at the end of April and the underlying libraries are abandonware. See: http://comments.gmane.org/gmane.linux.suse.general/348119 It should still stay in until upstream drops it. http://lists.opensuse.org/opensuse-de/2015-05/msg00232.html http://lists.opensuse.org/opensuse-de/2015-05/msg00251.html -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
--- Comment #1 from Cristian Rodríguez
user is angry that tcp wrapper support was dropped from openssh.
------------------------------------------------------------------- Sat May 17 22:31:29 UTC 2014 - crrodriguez@opensuse.org
- Remove tcpwrappers support now, This feature was removed in upstream code at the end of April and the underlying libraries are abandonware. See: http://comments.gmane.org/gmane.linux.suse.general/348119
It should still stay in until upstream drops it.
http://lists.opensuse.org/opensuse-de/2015-05/msg00232.html http://lists.opensuse.org/opensuse-de/2015-05/msg00251.html
They already dropped it, it is that the openSSH package has not been updated..http://www.openssh.com/txt/release-6.7 gone since 6.7..current openSSH version is 6.8. -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
Marcus Meissner
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
Dr. Werner Fink
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
Petr Cerny
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
--- Comment #4 from Petr Cerny
As for the tcpwrappers - I don't feel very comfortable with adding it back. While I'm fine with adding the patch as such, I don't see a good reason to build it by default, especially when building own packages in BS is really easy.
Or we could make it a configurable run-time option, that would be off by default. That might make more sense... -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
--- Comment #5 from Dr. Werner Fink
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
Dr. Werner Fink
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
--- Comment #7 from Petr Cerny
I hang on patch openssh-6.6p1-audit5-session_key_destruction.patch as upstream has changed a lot in e.g. ssh_packet_close() of packet.c ... that is the changes becomes not trivial and without deep knowledge on audit memory management the risk of crashing and/or causing a memory leak increases a lot.
I'll copy my current tree to ~werner/Export/
The question rises if there is an upstream source for FIPS as well as audit patches for `openssh-6.8p1'
Not really. As far as I know, the only upstream for both the FIPS us and RH (because I didn't really like the way they did it, I deviated from them). The audit patches are easier, since those I took verbatim from Fedora (several versions back). -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
http://bugzilla.suse.com/show_bug.cgi?id=931429#c8
Marcus Meissner
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=931429
http://bugzilla.suse.com/show_bug.cgi?id=931429#c9
Tomáš Chvátal
participants (1)
-
bugzilla_noreply@novell.com