Tue Jul 18 23:10:25 UTC 2017

a/kernel-generic-4.9.38-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.9.38-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.9.38-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-3.txz:  Upgraded.
  Support btrfs and ocfs2 volume ids in busybox. Thanks to bam80.
  Handle rootflags in init script. Thanks to davjohn.
a/openssl-solibs-1.0.2l-x86_64-1.txz:  Upgraded.
ap/gutenprint-5.2.13-x86_64-1.txz:  Upgraded.
d/cmake-3.9.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.9.38-x86-1.txz:  Upgraded.
k/kernel-source-4.9.38-noarch-1.txz:  Upgraded.
kde/calligra-2.9.11-x86_64-12.txz:  Rebuilt.
  Linked against exiv2-0.26.
kde/gwenview-4.14.3-x86_64-3.txz:  Rebuilt.
  Linked against exiv2-0.26.
kde/kde-runtime-4.14.3-x86_64-5.txz:  Rebuilt.
  Linked against exiv2-0.26 and libwebp-0.6.0.
kde/kdelibs-4.14.34-x86_64-1.txz:  Upgraded.
kde/kfilemetadata-4.14.3-x86_64-3.txz:  Rebuilt.
  Linked against exiv2-0.26.
kde/libkexiv2-4.14.3-x86_64-3.txz:  Rebuilt.
  Linked against exiv2-0.26.
kde/nepomuk-core-4.14.3-x86_64-3.txz:  Rebuilt.
  Linked against exiv2-0.26.
l/SDL2_image-2.0.1-x86_64-2.txz:  Rebuilt.
  Linked against libwebp-0.6.0.
l/exiv2-0.26-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/expat-2.2.2-x86_64-1.txz:  Upgraded.
  Fixes security issues including:
  External entity infinite loop DoS
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
    https://libexpat.github.io/doc/cve-2017-9233/
  (* Security fix *)
l/ffmpeg-3.3.2-x86_64-2.txz:  Rebuilt.
  Linked against libwebp-0.6.0.
l/gd-2.2.4-x86_64-1.txz:  Upgraded.
  Linked against libwebp-0.6.0.
  Fixes security issues:
  gdImageCreate() doesn't check for oversized images and as such is prone to
  DoS vulnerabilities. (CVE-2016-9317)
  double-free in gdImageWebPtr() (CVE-2016-6912)
  potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
  DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
  Signed Integer Overflow gd_io.c (CVE-2016-10168)
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
  (* Security fix *)
l/imagemagick-6.9.9_0-x86_64-1.txz:  Upgraded.
  Linked against libwebp-0.6.0.
l/libwebp-0.6.0-x86_64-1.txz:  Added.
  Thanks to powtrix.
l/orc-0.4.27-x86_64-1.txz:  Upgraded.
l/pango-1.40.7-x86_64-1.txz:  Upgraded.
l/strigi-0.7.8-x86_64-3.txz:  Rebuilt.
  Linked against exiv2-0.26.
n/bluez-5.46-x86_64-1.txz:  Upgraded.
n/libtirpc-1.0.2-x86_64-1.txz:  Upgraded.
n/nfs-utils-1.3.4-x86_64-2.txz:  Rebuilt.
  Added /etc/default/nfs config file for setting additional options.
  Thanks to shasta and Robby Workman.
n/openssh-7.5p1-x86_64-2.txz:  Rebuilt.
  Added /etc/default/sshd config file for setting additional options.
  Thanks to shasta and Robby Workman.
n/openssl-1.0.2l-x86_64-1.txz:  Upgraded.
n/rpcbind-0.2.4-x86_64-2.txz:  Rebuilt.
  Fixed a bug in a previous patch where a svc_freeargs() call ended up freeing
  a static pointer causing rpcbind to crash. Thanks to Jonathan Woithe,
  Rafael Jorge Csura Szendrodi, and Robby Workman for identifying the problem
  and helping to test a fix.
  Added /etc/default/rpc config file (useful for setting static port
  assignments). Thanks to shasta and Robby Workman.
n/stunnel-5.42-x86_64-1.txz:  Upgraded.
n/yptools-2.14-x86_64-8.txz:  Rebuilt.
  Added /etc/default/yp config file for setting additional options.
  Thanks to shasta and Robby Workman.
xap/geeqie-1.3-x86_64-2.txz:  Rebuilt.
  Linked against exiv2-0.26.
xfce/xfce4-terminal-0.8.6-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.

4 files changed, 23 insertions, 4 deletions

diff --git a/slackware64-current/source/n/openssh/doinst.sh.gz b/slackware64-current/source/n/openssh/doinst.sh.gz
index c49f3473f..ce3cecdc3 100644
--- a/slackware64-current/source/n/openssh/doinst.sh.gz
+++ b/slackware64-current/source/n/openssh/doinst.sh.gz
@@ -1 +1 @@
-43cdd79dce97d26b0eddf5fe8cd3e5b7b78aa179
+2e2788207619c5b5f8e004b0e877931275ac72cf
diff --git a/slackware64-current/source/n/openssh/openssh.SlackBuild b/slackware64-current/source/n/openssh/openssh.SlackBuild
index 44e233687..5be5ee466 100755
--- a/slackware64-current/source/n/openssh/openssh.SlackBuild
+++ b/slackware64-current/source/n/openssh/openssh.SlackBuild
@@ -29,7 +29,7 @@ TMP=${TMP:-/tmp}
 PKG=$TMP/package-openssh
 
 VERSION=${VERSION:-$(echo openssh-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:--j6}
 
@@ -84,7 +84,7 @@ CFLAGS="$SLKCFLAGS" \
   --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin \
   --with-privsep-path=/var/empty \
   --with-privsep-user=sshd \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 
@@ -113,6 +113,10 @@ fi
 mkdir -p $PKG/var/empty
 chmod 755 $PKG/var/empty
 
+# Install defaults file
+mkdir -p $PKG/etc/default
+cat $CWD/sshd.default > $PKG/etc/default/sshd.new
+
 # Install docs:
 mkdir -p $PKG/usr/doc/openssh-$VERSION
 cp -a \
diff --git a/slackware64-current/source/n/openssh/rc.sshd b/slackware64-current/source/n/openssh/rc.sshd
index 2da2ab307..eea6c6a74 100644
--- a/slackware64-current/source/n/openssh/rc.sshd
+++ b/slackware64-current/source/n/openssh/rc.sshd
@@ -1,6 +1,11 @@
 #!/bin/sh
 # Start/stop/restart the secure shell server:
 
+# Source options
+if [ -r /etc/default/sshd ]; then
+  . /etc/default/sshd
+fi
+
 sshd_start() {
   # Create host keys if needed.
   if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
@@ -18,7 +23,7 @@ sshd_start() {
   # Catch any new host key types not yet created above:
   /usr/bin/ssh-keygen -A
   # Start the sshd daemon:
-  /usr/sbin/sshd
+  /usr/sbin/sshd $SSHD_OPTS
 }
 
 sshd_stop() {
diff --git a/slackware64-current/source/n/openssh/sshd.default b/slackware64-current/source/n/openssh/sshd.default
new file mode 100644
index 000000000..6cab3ba31
--- /dev/null
+++ b/slackware64-current/source/n/openssh/sshd.default
@@ -0,0 +1,10 @@
+# Optional arguments to start sshd with.
+#
+# Note that using the -p flag causes any Port directives 
+# in sshd_config(5) to be ignored.
+#
+# If you want to run sshd on non-standard port(s), use:
+#SSHD_OPTS="-p 12345 -p 6789"
+#
+# If you want to use non-standard sshd_config, use:
+#SSHD_OPTS="-f /some/other/sshd_config"