summaryrefslogtreecommitdiff
path: root/net-misc
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/Manifest.gzbin54535 -> 54523 bytes
-rw-r--r--net-misc/freerdp/Manifest3
-rw-r--r--net-misc/freerdp/freerdp-3.6.2.ebuild184
-rw-r--r--net-misc/kio-zeroconf/Manifest4
-rw-r--r--net-misc/kio-zeroconf/kio-zeroconf-24.05.2.ebuild (renamed from net-misc/kio-zeroconf/kio-zeroconf-24.05.1.ebuild)0
-rw-r--r--net-misc/openssh-contrib/Manifest7
-rw-r--r--net-misc/openssh-contrib/files/openssh-6.7_p1-openssl-ignore-status.patch17
-rw-r--r--net-misc/openssh-contrib/files/openssh-7.5_p1-disable-conch-interop-tests.patch20
-rw-r--r--net-misc/openssh-contrib/files/openssh-7.9_p1-include-stdlib.patch48
-rw-r--r--net-misc/openssh-contrib/files/openssh-8.0_p1-fix-putty-tests.patch57
-rw-r--r--net-misc/openssh-contrib/files/openssh-8.7_p1-GSSAPI-dns.patch357
-rw-r--r--net-misc/openssh-contrib/files/openssh-8.9_p1-allow-ppoll_time64.patch14
-rw-r--r--net-misc/openssh-contrib/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch20
-rw-r--r--net-misc/r8168/Manifest2
-rw-r--r--net-misc/r8168/r8168-8.053.00.ebuild2
15 files changed, 191 insertions, 544 deletions
diff --git a/net-misc/Manifest.gz b/net-misc/Manifest.gz
index dcf2de7baf6d..0ad81adcec11 100644
--- a/net-misc/Manifest.gz
+++ b/net-misc/Manifest.gz
Binary files differ
diff --git a/net-misc/freerdp/Manifest b/net-misc/freerdp/Manifest
index 110ee18c3e69..f616f0fcce23 100644
--- a/net-misc/freerdp/Manifest
+++ b/net-misc/freerdp/Manifest
@@ -11,6 +11,8 @@ DIST freerdp-3.4.0.tar.gz 9331562 BLAKE2B 888d6c5786c7b3c5eea89e41bca23ef2b32337
DIST freerdp-3.5.0.tar.gz 9335565 BLAKE2B fc417336cda9dd14a2c7605a2b0172220f711599356b38d4d346130fc865c1ef563e627b57bcb20843dae231d8cfda272261db30d956ea98c29ebf7908c4722c SHA512 5f6f6fc84d0fb3581b3debd8dde8ed7054275af46f71b6ebd618d240b196e26352cf5ea260bd819a2b4464101012184910715b546701a95fc1aa951433150b07
DIST freerdp-3.5.1.tar.gz 9338947 BLAKE2B dd004333a52046300a5f319346da46ddb460e8acbb5902dc4daa18e3d0b6e3d9ee1d43f43e54f0887fec68cf6a952567be4c7995e807099585b9062a56058506 SHA512 6c7861131e1ae2cf824659fe8cff34e0f608c4e3796b64f02a61aeeaa12dce76aad2bfa5096c821f0f86fde82ffed7e4876f20cd4016ea1adb7555e4828551d8
DIST freerdp-3.5.1.tar.gz.asc 228 BLAKE2B ae5826e539f0078d3adf7a4886f0b0c249c73fd2fc7ae21dcf815d876ec26f4482c242c076dbd9dcadd18927f4f97199f16fac3b40c0c04b1e43482865af15dc SHA512 ba52d6a5aa3d91fdab988d91b8591ccb075ce3d52bbee0596ffdb50902b54e650b397995f273463296a484199b969bab47708b5dbfc76c4128aa54ec5afcfdf2
+DIST freerdp-3.6.2.tar.gz 10195789 BLAKE2B 42e8337f8be0345bd182e46354b9ccd4b1a241679834d82e567e80576f69c7b09e5e4c548ff4e4386bdba3a8d44fd1b5c63932d720f7ed22ab70f6f2e0f254a4 SHA512 c0f4d85c3e90158dbd966363d4e78a32c56c8cbedd1520dd1a517cd392a811644073760dcaeb2668f00a92febd3c74fd8e2f26447bbe76069e6a6fdba9a67d2c
+DIST freerdp-3.6.2.tar.gz.asc 228 BLAKE2B fbf27c8804329abaf9eb844caac8ef69c48cf6982ac92cd5a0f8191347439aae69d4ad9e5d014f6ab0ba5521d103fdcdfe00de5ff603e632a5518b4e29cca3dd SHA512 4e0c86355112c603627edb802e61444d9c35b4b12a89300073a4e46c093a3fe2011a9e0774c4b493b8289f9e06c46d8bca381bdcd80c9c40d1bbe5e2516fbdfc
EBUILD freerdp-2.11.5-r10.ebuild 3675 BLAKE2B 81ed6fb24d6bdd2ca894b2368e47adc29996441fa251ab5e4fa5d45128027a446c83f733dc9c010c6701e4b42bec15d987381bc3d72a234563c021552fd18a7e SHA512 910dad20fca8dbd8a287b31769f71fb2f660f4001df1b013e1340e19898fe2fd950765517faea66ecb9b8488b7bd1e87595813dccde3749a76f91b92b6a5b4e8
EBUILD freerdp-2.11.6.ebuild 3909 BLAKE2B 2d146692aa17251bfdd1d18f79907c37397ce69a25c4596d4fb7c9044c15f6f6c32d149eb6502f0ae0888b340a08f5c41a0f5253bafaff1caec396a3b994783a SHA512 e7b1eb0a93083e1417b4ce49d7f7e92af58fdcc28714ea0a04d9cc9808f7782e92f0fb2de3520435c30e48049ebc289d6a44d30a5f1eb12ee28a7a2d1ae78d8f
EBUILD freerdp-2.11.7.ebuild 4065 BLAKE2B b99f1e776a8928a2300d7e0a5efbbd6b67ca8070125779cda0a90105f08c348008ceb240a483fd5b9554b7be69085da9f119d300174cc91bec5812466096f4b4 SHA512 13eda5a622d3cf79a3a36357ebb88235983d87dae7aa15b0d9744563b1d44a4897d1d1fc99fad1a38a3d8c4c368cf3fb174f6ac8babfa7522123a08b57ded1b8
@@ -18,5 +20,6 @@ EBUILD freerdp-2.9999.ebuild 4014 BLAKE2B 8e16a4c7dc35301402fbae5da1ba9da5673f0b
EBUILD freerdp-3.4.0-r11.ebuild 4170 BLAKE2B d0c489ddda31ec18c760f17f151cf1381ff9ad018b33d8246a4e7231f98298d8a7083e91be321d75d263f58e0b6e4fc3a71f029f3cf4b8c88d2ef4d7b45f5262 SHA512 da6d233a7bb1ef6aa31a6457dce467aab9abb22f73a3f480825c16bfc3be25501635baf9849ef5e5de2771908adf6a9d89f40d9d6f83b843f32a5e972f52acd8
EBUILD freerdp-3.5.0.ebuild 4061 BLAKE2B db81f0a4e3e724a56f8a751a8ea75157ddf1bb2084bbcbb0d7cb79c1303943841eb25b47062f873ca37c0c653b5fdaea945aee0679f881e23b3ea3c5aaaaceb9 SHA512 c39ca3be52c6a180268384108dfa908dfdc912988b2b1e6dc4aeb13b53beebca02745898106afb3bde52035d3f78bf752b69ebcec8bdc28527d3540be13ca6af
EBUILD freerdp-3.5.1.ebuild 4282 BLAKE2B 7df61eb651420605019dd8fd67569194f57aeb3ac79b2a9632812a8f3f537bcac7a7e6457c3bbe35f187b73348aa88f6e6fe749c5e90895d5c15669b2ecb3e6f SHA512 c04f62608dcf2f511468175b7f1fb8eb83174acd61f3a11862751176900b232ebc1bc80d947d07dd513b3570ab6542a5bb1f8a9bb28906af5e61274f1a5227d2
+EBUILD freerdp-3.6.2.ebuild 4282 BLAKE2B 7df61eb651420605019dd8fd67569194f57aeb3ac79b2a9632812a8f3f537bcac7a7e6457c3bbe35f187b73348aa88f6e6fe749c5e90895d5c15669b2ecb3e6f SHA512 c04f62608dcf2f511468175b7f1fb8eb83174acd61f3a11862751176900b232ebc1bc80d947d07dd513b3570ab6542a5bb1f8a9bb28906af5e61274f1a5227d2
EBUILD freerdp-9999.ebuild 4282 BLAKE2B 7df61eb651420605019dd8fd67569194f57aeb3ac79b2a9632812a8f3f537bcac7a7e6457c3bbe35f187b73348aa88f6e6fe749c5e90895d5c15669b2ecb3e6f SHA512 c04f62608dcf2f511468175b7f1fb8eb83174acd61f3a11862751176900b232ebc1bc80d947d07dd513b3570ab6542a5bb1f8a9bb28906af5e61274f1a5227d2
MISC metadata.xml 650 BLAKE2B 619e236cb4c4b249beafc2e4772c5321e5c912242a0e69d7e181867a83078ebfadd639aa5b7cf2a0da58572ade2ae374bfd61f41d83e333065bbfde2c06533ed SHA512 f9ec3e33c342c2a364be4d780c0fc69800617896bda40e473175f0b98f39925ea7bcc1896993782470fd9aad1b04edc2848baf5db2a8dd4e2c4099c062e657ae
diff --git a/net-misc/freerdp/freerdp-3.6.2.ebuild b/net-misc/freerdp/freerdp-3.6.2.ebuild
new file mode 100644
index 000000000000..0c7ce6eacd22
--- /dev/null
+++ b/net-misc/freerdp/freerdp-3.6.2.ebuild
@@ -0,0 +1,184 @@
+# Copyright 2011-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake flag-o-matic
+
+if [[ ${PV} == *9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/FreeRDP/FreeRDP.git"
+ case ${PV} in
+ 2.*) EGIT_BRANCH="stable-2.0";;
+ esac
+else
+ inherit verify-sig
+ MY_P=${P/_/-}
+ S="${WORKDIR}/${MY_P}"
+ SRC_URI="https://pub.freerdp.com/releases/${MY_P}.tar.gz
+ verify-sig? ( https://pub.freerdp.com/releases/${MY_P}.tar.gz.asc )"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~x86"
+ BDEPEND="verify-sig? ( sec-keys/openpgp-keys-akallabeth )"
+ VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/akallabeth.asc"
+fi
+
+DESCRIPTION="Free implementation of the Remote Desktop Protocol"
+HOMEPAGE="https://www.freerdp.com/"
+
+LICENSE="Apache-2.0"
+SLOT="3"
+IUSE="aad alsa cpu_flags_arm_neon +client cups debug +ffmpeg +fuse gstreamer +icu jpeg kerberos openh264 pulseaudio sdl server smartcard systemd test usb valgrind wayland X xinerama xv"
+RESTRICT="!test? ( test )"
+
+BDEPEND+="
+ virtual/pkgconfig
+ app-text/docbook-xsl-stylesheets
+ dev-libs/libxslt
+"
+COMMON_DEPEND="
+ dev-libs/openssl:0=
+ sys-libs/zlib:0
+ aad? ( dev-libs/cJSON )
+ alsa? ( media-libs/alsa-lib )
+ cups? ( net-print/cups )
+ usb? (
+ virtual/libudev:0=
+ sys-apps/util-linux:0=
+ dev-libs/dbus-glib:0=
+ virtual/libusb:1=
+ )
+ X? (
+ x11-libs/libXcursor
+ x11-libs/libXext
+ x11-libs/libXi
+ x11-libs/libXrender
+ xinerama? ( x11-libs/libXinerama )
+ xv? ( x11-libs/libXv )
+ )
+ ffmpeg? ( media-video/ffmpeg:0= )
+ !ffmpeg? (
+ x11-libs/cairo:0=
+ )
+ fuse? ( sys-fs/fuse:3 )
+ gstreamer? (
+ media-libs/gstreamer:1.0
+ media-libs/gst-plugins-base:1.0
+ X? ( x11-libs/libXrandr )
+ )
+ icu? ( dev-libs/icu:0= )
+ jpeg? ( media-libs/libjpeg-turbo:0= )
+ kerberos? ( virtual/krb5 )
+ openh264? ( media-libs/openh264:0= )
+ pulseaudio? ( media-libs/libpulse )
+ sdl? (
+ media-libs/libsdl2[haptic(+),joystick(+),sound(+),video(+)]
+ media-libs/sdl2-ttf
+ )
+ server? (
+ X? (
+ x11-libs/libXcursor
+ x11-libs/libXdamage
+ x11-libs/libXext
+ x11-libs/libXfixes
+ x11-libs/libXrandr
+ x11-libs/libXtst
+ xinerama? ( x11-libs/libXinerama )
+ )
+ )
+ smartcard? (
+ dev-libs/pkcs11-helper
+ sys-apps/pcsc-lite
+ )
+ systemd? ( sys-apps/systemd:0= )
+ client? (
+ wayland? (
+ dev-libs/wayland
+ x11-libs/libxkbcommon
+ )
+ )
+ X? (
+ x11-libs/libX11
+ x11-libs/libxkbfile
+ )
+"
+DEPEND="${COMMON_DEPEND}
+ valgrind? ( dev-debug/valgrind )
+"
+RDEPEND="${COMMON_DEPEND}
+ !net-misc/freerdp:0
+ client? ( !net-misc/freerdp:2[client] )
+ server? ( !net-misc/freerdp:2[server] )
+"
+
+option() {
+ usex "$1" ON OFF
+}
+
+option_client() {
+ if use client; then
+ option "$1"
+ else
+ echo OFF
+ fi
+}
+
+src_configure() {
+ # bug #881695
+ filter-lto
+
+ local mycmakeargs=(
+ -Wno-dev
+
+ # https://bugs.gentoo.org/927037
+ -DCMAKE_INTERPROCEDURAL_OPTIMIZATION=OFF
+
+ -DBUILD_TESTING=$(option test)
+ -DCHANNEL_URBDRC=$(option usb)
+ -DWITH_AAD=$(option aad)
+ -DWITH_ALSA=$(option alsa)
+ -DWITH_CCACHE=OFF
+ -DWITH_CLIENT=$(option client)
+ -DWITH_CLIENT_SDL=$(option sdl)
+ -DWITH_SAMPLE=OFF
+ -DWITH_CUPS=$(option cups)
+ -DWITH_DEBUG_ALL=$(option debug)
+ -DWITH_MANPAGES=ON
+ -DWITH_FFMPEG=$(option ffmpeg)
+ -DWITH_FREERDP_DEPRECATED_COMMANDLINE=ON
+ -DWITH_SWSCALE=$(option ffmpeg)
+ -DWITH_CAIRO=$(option !ffmpeg)
+ -DWITH_DSP_FFMPEG=$(option ffmpeg)
+ -DWITH_FUSE=$(option fuse)
+ -DWITH_GSTREAMER_1_0=$(option gstreamer)
+ -DWITH_JPEG=$(option jpeg)
+ -DWITH_KRB5=$(option kerberos)
+ -DWITH_NEON=$(option cpu_flags_arm_neon)
+ -DWITH_OPENH264=$(option openh264)
+ -DWITH_OSS=OFF
+ -DWITH_PCSC=$(option smartcard)
+ -DWITH_PKCS11=$(option smartcard)
+ -DWITH_PULSE=$(option pulseaudio)
+ -DWITH_SERVER=$(option server)
+ -DWITH_LIBSYSTEMD=$(option systemd)
+ -DWITH_UNICODE_BUILTIN=$(option !icu)
+ -DWITH_VALGRIND_MEMCHECK=$(option valgrind)
+ -DWITH_X11=$(option X)
+ -DWITH_XINERAMA=$(option xinerama)
+ -DWITH_XV=$(option xv)
+ -DWITH_WAYLAND=$(option_client wayland)
+ -DWITH_WEBVIEW=OFF
+ -DWITH_WINPR_TOOLS=$(option server)
+ )
+ cmake_src_configure
+}
+
+src_test() {
+ local myctestargs=( -E TestBacktrace )
+ has network-sandbox ${FEATURES} && myctestargs+=( -E TestConnect )
+ cmake_src_test
+}
+
+src_install() {
+ cmake_src_install
+ mv "${ED}"/usr/share/man/man7/wlog{,3}.7 || die
+}
diff --git a/net-misc/kio-zeroconf/Manifest b/net-misc/kio-zeroconf/Manifest
index 744f4d34e285..8c280cc0b70c 100644
--- a/net-misc/kio-zeroconf/Manifest
+++ b/net-misc/kio-zeroconf/Manifest
@@ -1,5 +1,5 @@
DIST kio-zeroconf-23.08.5.tar.xz 44360 BLAKE2B bf441b10221ba8c731756cb5455664fff5a1c8904a952e558084dadb6fe5bcc3a3da072ff58fd31f6c2c35a40ea27241c85403a3db16fd46b52e1a87586b1b5c SHA512 33ed5cb23280ba85ccd4fee149f5983e64164ff0c5f7730e2d49c80784b445c569aa7b925e2d44221854cf7588310f211920d8e4492d87f20be531dbbc9198e6
-DIST kio-zeroconf-24.05.1.tar.xz 44412 BLAKE2B bcc4ec6290ec5da22db681f58bfa6377ac543ee4ab7387dd21d561554ba4913991b7fff01775cadaf9f20f3a9df9fca78ba633d994611ede6bc9f3aed60b6340 SHA512 a4c7ad5aa10ba51c51fcdc018793cba0b5e1568681a5fbc1da9592f2c279a6b4cf0b2b8dfdf6257d6cee8a9ace6f5e3a73a1469f3e332c6d219ffa1121f49790
+DIST kio-zeroconf-24.05.2.tar.xz 44392 BLAKE2B 6ef8fc100cae8256b8a77ea0d11715df420bfa41fd09ebcb9f72b898981c1a0cd6067e14f4f01977f3d0314a5e0c0bac9a8864183a509652c37e8e3a2bfdb304 SHA512 ce85f0ef9ea1cf1efb58ea63f25ea50d141fe7756c06eaea55d44fa64b66831c80b54cec2d2d61d748807eb8c04cdb8dbd531ca69efa1874f58b0057c45c5f9f
EBUILD kio-zeroconf-23.08.5.ebuild 900 BLAKE2B 31511b68fc1fde36743d4eda7530feaa77d6a11e79dd48c920d61aee84216f910ce8c1254182d41d630343a8c288df9e9c33ab8643312c981ef72131c7d19c27 SHA512 81299817a158568a5d1f8f053d7cd57b14d5bebe207b997991b3efaff8fdd75d99c86c8f9a321b8efa35527864a11631a9c5c99c5f33f7538f5fc960972363ea
-EBUILD kio-zeroconf-24.05.1.ebuild 597 BLAKE2B b6bff2387595619f9c1d59e6ca639a7ea905e876afdab253c4e36c21dd674fa203c99571acedca5a8212fde9d677f3fdc2f76994a88cd6a9e104f623afe2ea22 SHA512 76dea3ad4b6d66b900d292eed410afb97224f66ef22fba33b89f3933ab940c265b28a853ee54dacb66846b84b8b0d6e03047cfec84e1c7a8ac682f61cf70e148
+EBUILD kio-zeroconf-24.05.2.ebuild 597 BLAKE2B b6bff2387595619f9c1d59e6ca639a7ea905e876afdab253c4e36c21dd674fa203c99571acedca5a8212fde9d677f3fdc2f76994a88cd6a9e104f623afe2ea22 SHA512 76dea3ad4b6d66b900d292eed410afb97224f66ef22fba33b89f3933ab940c265b28a853ee54dacb66846b84b8b0d6e03047cfec84e1c7a8ac682f61cf70e148
MISC metadata.xml 501 BLAKE2B 467c829559f7cb706ba27fe6400ac8282b9270faadb574fa78ea977c35075a29e8d4c98267f3c4bfdb83d2c39dc8abd3b5db3e94acc3ffaf5cd5c1c52bd9c3bf SHA512 dba3e3de6cb07e240e7664806b196c748df3604e22e84a265b01bbdc2a56192ed1906b30a76c79d6d8c98763c8651c3a3dcff30a0fc942c22a65901234ad2740
diff --git a/net-misc/kio-zeroconf/kio-zeroconf-24.05.1.ebuild b/net-misc/kio-zeroconf/kio-zeroconf-24.05.2.ebuild
index 22ed48f20d40..22ed48f20d40 100644
--- a/net-misc/kio-zeroconf/kio-zeroconf-24.05.1.ebuild
+++ b/net-misc/kio-zeroconf/kio-zeroconf-24.05.2.ebuild
diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest
index dcf5340c2a18..14d37550a115 100644
--- a/net-misc/openssh-contrib/Manifest
+++ b/net-misc/openssh-contrib/Manifest
@@ -1,11 +1,4 @@
-AUX openssh-6.7_p1-openssl-ignore-status.patch 765 BLAKE2B 6ddc498cef115a38054eb8f1fddac34048b94592e54f8e31dc11717fe872f3d66a7e6877d2449102fbe18a0ee2a35732991abe946b1fe10abfa48bbec6871b26 SHA512 ab15d6dfdb8d59946684501f6f30ac0eb82676855b7b57f19f2027a7ada072f9062fcb96911111a50cfc3838492faddd282db381ec83d22462644ccddccf0ae7
-AUX openssh-7.5_p1-disable-conch-interop-tests.patch 554 BLAKE2B f5f45c000ec26c1f783669c3447ea3c80c5c0f9b971b86ca1e79e99e906a90a519abb6b14db462f5766572e9759180719ea44f048ef5aa8efc37efb61d2b6ef7 SHA512 f35b15f1e8d0eb276d748ee14c71004c6599ddb124c33e2f84623bc9eb02bb4fd4680d25d0ba0289d6a723a526c95c9a56b30496bdaa565bae853bf3d1bab61f
-AUX openssh-7.9_p1-include-stdlib.patch 914 BLAKE2B 9c7eb79f87ecd657a80821dfa979d8b0cc12a08d385ec085724f20aa6f5332593ffc7481bb9f816e91df3eb4d75d8f7b66383ff473d271270de128c3b2bf92e5 SHA512 7dade73bdafb0da484cbd396b4a644442f8ea12fef54c07e6308ae2e73a587fa4ddf401e8a0c467469b46fe7f00585e047462545182924c157b4d3894c707a70
-AUX openssh-8.0_p1-fix-putty-tests.patch 1760 BLAKE2B a1127e8f2275c1e23c956b5041dbc84dbdb2cd6b788fc69bfc1f6b030afe86a827483602ce76577b4101ee2e790b1cfa8c1d2db09da59b89fe7df8083bf4695f SHA512 f544d818bdde628131f1819bf2ffb4007802ee5bf12c5cd5bd398efe0f0f430ed6b3efa7969cb2c4fa49a2bbd773d8fa09f4c927cf998a564b7611443437c310
-AUX openssh-8.7_p1-GSSAPI-dns.patch 11576 BLAKE2B 84aa0128ddeccf67e14c20f9d2acb61226c5091a3e3106285c79db4a297dbd781eddf7a6d4cb3b1a5a5dcbbcd158d32dbca5986b6fbf15f62cd3928cf125b083 SHA512 794b06c6ee6acd1bcd861753970cfc4d04f42499d48ff4119746dbcab8643f75761fddb9f52f49fe01e356740eb3882671ac3ae209e0e45745d195a219ffe5dd
-AUX openssh-8.9_p1-allow-ppoll_time64.patch 396 BLAKE2B b5bb202f79699d9037f12155044328f89ee0573efa43da7cdf8511555e706b6bf66cae069ac95cca900779c6ce293eedec48450f786fd033375e9be17bfb2872 SHA512 9b88024e6a898fc85205fbc038274a3271f787276962150965ab8f599fa355ee73cb48e7e12e3f090034293f9dca94a1ce41dfce2aaeb140693545ff3bc391f0
AUX openssh-9.0_p1-X509-uninitialized-delay.patch 321 BLAKE2B 19bff0fc7ecdc6350f8e6bd30f36f30b455c65b7455fe8b1d481d8fa7cdfa7cc76719931857fe2c9730b05ae8fe3e7e05c538e743e055d6594dd2fc7c3f250ee SHA512 57798621a51a60abf6985391ec73dcafdb46de75c93579e23b786aa095d8eea29ebd9ab5987b951a136b15e60896332c9717c82b42e1c22b345444aedf17a9f5
-AUX openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch 514 BLAKE2B d0dadfc57736cd4d2b04e46f5c0f6d5a1db1cfc7ee70d32afaa0f65269b82e66a72c46d33c9cbf7237f541a0485b25669cd2f4b34393e3a3ef0c9b4334092fe5 SHA512 f8badde54501340bde275951bc1cf653919bec02c760bf771308f10697b9ad2a483e30ae74ad124a737341f5c64657ab193a4d7fdf2baf24029b9447099da04b
AUX openssh-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch 1647 BLAKE2B 9d55e9060e6eae041176bef27acc58d6026c8fb68c65c71c11c1acbe4e6840a63fba3dbc113a8981da66901717c1f3b4f2211a2cb322d3d4e5eba8c86f4e269c SHA512 d8fc604795d8bb4228ccbfe5714d5503bb1e0d63818d2fac65d533530d01fe4ce4fac0743b8b415f646322fec859b699fa7365beba8a42bd880d737b7c6bd7df
AUX openssh-9.6_p1-CVE-2024-6387.patch 508 BLAKE2B 592b671107692b2be1e181e0be60b693485b430355f77dd0da49ad63a26824efac82ac09d58d0ca6085b3af3204410a5433409dc880de91212870d3a520efb75 SHA512 86083f30781df293666442ab597a8c16f6e84581be4ea4371c32aeeac7efb985b78dcb8c9ae749b6747d196c7c90cd99cd946fea0cf990f06446a71ff9465858
AUX openssh-9.6_p1-chaff-logic.patch 696 BLAKE2B c4823f78e5cc381fb65e14512917965c0118490e5b430a28f0322fff013b7b0f40f8a0b664e748a3c1317776f22ed1411655c2fa52532c444741e8f600b582a7 SHA512 6a839546c618f00c297ac9b5b2ae46bd13ac495e5a093a3aa4d0cda81152db94706c4e9ce6b132a038e4febd05b7c19693c98ac91cc142073a06d9960efe29e4
diff --git a/net-misc/openssh-contrib/files/openssh-6.7_p1-openssl-ignore-status.patch b/net-misc/openssh-contrib/files/openssh-6.7_p1-openssl-ignore-status.patch
deleted file mode 100644
index fa33af39b6f8..000000000000
--- a/net-misc/openssh-contrib/files/openssh-6.7_p1-openssl-ignore-status.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-the last nibble of the openssl version represents the status. that is,
-whether it is a beta or release. when it comes to version checks in
-openssh, this component does not matter, so ignore it.
-
-https://bugzilla.mindrot.org/show_bug.cgi?id=2212
-
---- a/openbsd-compat/openssl-compat.c
-+++ b/openbsd-compat/openssl-compat.c
-@@ -58,7 +58,7 @@ ssh_compatible_openssl(long headerver, long libver)
- * For versions >= 1.0.0, major,minor,status must match and library
- * fix version must be equal to or newer than the header.
- */
-- mask = 0xfff0000fL; /* major,minor,status */
-+ mask = 0xfff00000L; /* major,minor,status */
- hfix = (headerver & 0x000ff000) >> 12;
- lfix = (libver & 0x000ff000) >> 12;
- if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
diff --git a/net-misc/openssh-contrib/files/openssh-7.5_p1-disable-conch-interop-tests.patch b/net-misc/openssh-contrib/files/openssh-7.5_p1-disable-conch-interop-tests.patch
deleted file mode 100644
index a5647ce9d8d3..000000000000
--- a/net-misc/openssh-contrib/files/openssh-7.5_p1-disable-conch-interop-tests.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Disable conch interop tests which are failing when called
-via portage for yet unknown reason and because using conch
-seems to be flaky (test is failing when using Python2 but
-passing when using Python3).
-
-Bug: https://bugs.gentoo.org/605446
-
---- a/regress/conch-ciphers.sh
-+++ b/regress/conch-ciphers.sh
-@@ -3,6 +3,10 @@
-
- tid="conch ciphers"
-
-+# https://bugs.gentoo.org/605446
-+echo "conch interop tests skipped due to Gentoo bug #605446"
-+exit 0
-+
- if test "x$REGRESS_INTEROP_CONCH" != "xyes" ; then
- echo "conch interop tests not enabled"
- exit 0
diff --git a/net-misc/openssh-contrib/files/openssh-7.9_p1-include-stdlib.patch b/net-misc/openssh-contrib/files/openssh-7.9_p1-include-stdlib.patch
deleted file mode 100644
index c5697c2b8bd1..000000000000
--- a/net-misc/openssh-contrib/files/openssh-7.9_p1-include-stdlib.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-diff --git a/auth-options.c b/auth-options.c
-index b05d6d6f..d1f42f04 100644
---- a/auth-options.c
-+++ b/auth-options.c
-@@ -26,6 +26,7 @@
- #include <stdarg.h>
- #include <ctype.h>
- #include <limits.h>
-+#include <stdlib.h>
-
- #include "openbsd-compat/sys-queue.h"
-
-diff --git a/hmac.c b/hmac.c
-index 1c879640..a29f32c5 100644
---- a/hmac.c
-+++ b/hmac.c
-@@ -19,6 +19,7 @@
-
- #include <sys/types.h>
- #include <string.h>
-+#include <stdlib.h>
-
- #include "sshbuf.h"
- #include "digest.h"
-diff --git a/krl.c b/krl.c
-index 8e2d5d5d..c32e147a 100644
---- a/krl.c
-+++ b/krl.c
-@@ -28,6 +28,7 @@
- #include <string.h>
- #include <time.h>
- #include <unistd.h>
-+#include <stdlib.h>
-
- #include "sshbuf.h"
- #include "ssherr.h"
-diff --git a/mac.c b/mac.c
-index 51dc11d7..3d11eba6 100644
---- a/mac.c
-+++ b/mac.c
-@@ -29,6 +29,7 @@
-
- #include <string.h>
- #include <stdio.h>
-+#include <stdlib.h>
-
- #include "digest.h"
- #include "hmac.h"
diff --git a/net-misc/openssh-contrib/files/openssh-8.0_p1-fix-putty-tests.patch b/net-misc/openssh-contrib/files/openssh-8.0_p1-fix-putty-tests.patch
deleted file mode 100644
index 4310aa123fc8..000000000000
--- a/net-misc/openssh-contrib/files/openssh-8.0_p1-fix-putty-tests.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-Make sure that host keys are already accepted before
-running tests.
-
-https://bugs.gentoo.org/493866
-
---- a/regress/putty-ciphers.sh
-+++ b/regress/putty-ciphers.sh
-@@ -10,11 +10,17 @@ fi
-
- for c in aes 3des aes128-ctr aes192-ctr aes256-ctr ; do
- verbose "$tid: cipher $c"
-+ rm -f ${COPY}
- cp ${OBJ}/.putty/sessions/localhost_proxy \
- ${OBJ}/.putty/sessions/cipher_$c
- echo "Cipher=$c" >> ${OBJ}/.putty/sessions/cipher_$c
-
-- rm -f ${COPY}
-+ env HOME=$PWD echo "y" | ${PLINK} -load cipher_$c \
-+ -i ${OBJ}/putty.rsa2 "exit"
-+ if [ $? -ne 0 ]; then
-+ fail "failed to pre-cache host key"
-+ fi
-+
- env HOME=$PWD ${PLINK} -load cipher_$c -batch -i ${OBJ}/putty.rsa2 \
- cat ${DATA} > ${COPY}
- if [ $? -ne 0 ]; then
---- a/regress/putty-kex.sh
-+++ b/regress/putty-kex.sh
-@@ -14,6 +14,12 @@ for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ; do
- ${OBJ}/.putty/sessions/kex_$k
- echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k
-
-+ env HOME=$PWD echo "y" | ${PLINK} -load kex_$k \
-+ -i ${OBJ}/putty.rsa2 "exit"
-+ if [ $? -ne 0 ]; then
-+ fail "failed to pre-cache host key"
-+ fi
-+
- env HOME=$PWD ${PLINK} -load kex_$k -batch -i ${OBJ}/putty.rsa2 true
- if [ $? -ne 0 ]; then
- fail "KEX $k failed"
---- a/regress/putty-transfer.sh
-+++ b/regress/putty-transfer.sh
-@@ -14,6 +14,13 @@ for c in 0 1 ; do
- cp ${OBJ}/.putty/sessions/localhost_proxy \
- ${OBJ}/.putty/sessions/compression_$c
- echo "Compression=$c" >> ${OBJ}/.putty/sessions/kex_$k
-+
-+ env HOME=$PWD echo "y" | ${PLINK} -load compression_$c \
-+ -i ${OBJ}/putty.rsa2 "exit"
-+ if [ $? -ne 0 ]; then
-+ fail "failed to pre-cache host key"
-+ fi
-+
- env HOME=$PWD ${PLINK} -load compression_$c -batch \
- -i ${OBJ}/putty.rsa2 cat ${DATA} > ${COPY}
- if [ $? -ne 0 ]; then
diff --git a/net-misc/openssh-contrib/files/openssh-8.7_p1-GSSAPI-dns.patch b/net-misc/openssh-contrib/files/openssh-8.7_p1-GSSAPI-dns.patch
deleted file mode 100644
index ffc40b70ae3d..000000000000
--- a/net-misc/openssh-contrib/files/openssh-8.7_p1-GSSAPI-dns.patch
+++ /dev/null
@@ -1,357 +0,0 @@
-diff --git a/auth.c b/auth.c
-index 00b168b4..8ee93581 100644
---- a/auth.c
-+++ b/auth.c
-@@ -729,118 +729,6 @@ fakepw(void)
- return (&fake);
- }
-
--/*
-- * Returns the remote DNS hostname as a string. The returned string must not
-- * be freed. NB. this will usually trigger a DNS query the first time it is
-- * called.
-- * This function does additional checks on the hostname to mitigate some
-- * attacks on based on conflation of hostnames and IP addresses.
-- */
--
--static char *
--remote_hostname(struct ssh *ssh)
--{
-- struct sockaddr_storage from;
-- socklen_t fromlen;
-- struct addrinfo hints, *ai, *aitop;
-- char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-- const char *ntop = ssh_remote_ipaddr(ssh);
--
-- /* Get IP address of client. */
-- fromlen = sizeof(from);
-- memset(&from, 0, sizeof(from));
-- if (getpeername(ssh_packet_get_connection_in(ssh),
-- (struct sockaddr *)&from, &fromlen) == -1) {
-- debug("getpeername failed: %.100s", strerror(errno));
-- return xstrdup(ntop);
-- }
--
-- ipv64_normalise_mapped(&from, &fromlen);
-- if (from.ss_family == AF_INET6)
-- fromlen = sizeof(struct sockaddr_in6);
--
-- debug3("Trying to reverse map address %.100s.", ntop);
-- /* Map the IP address to a host name. */
-- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-- NULL, 0, NI_NAMEREQD) != 0) {
-- /* Host name not found. Use ip address. */
-- return xstrdup(ntop);
-- }
--
-- /*
-- * if reverse lookup result looks like a numeric hostname,
-- * someone is trying to trick us by PTR record like following:
-- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-- hints.ai_flags = AI_NUMERICHOST;
-- if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-- logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-- name, ntop);
-- freeaddrinfo(ai);
-- return xstrdup(ntop);
-- }
--
-- /* Names are stored in lowercase. */
-- lowercase(name);
--
-- /*
-- * Map it back to an IP address and check that the given
-- * address actually is an address of this host. This is
-- * necessary because anyone with access to a name server can
-- * define arbitrary names for an IP address. Mapping from
-- * name to IP address can be trusted better (but can still be
-- * fooled if the intruder has access to the name server of
-- * the domain).
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_family = from.ss_family;
-- hints.ai_socktype = SOCK_STREAM;
-- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-- logit("reverse mapping checking getaddrinfo for %.700s "
-- "[%s] failed.", name, ntop);
-- return xstrdup(ntop);
-- }
-- /* Look for the address from the list of addresses. */
-- for (ai = aitop; ai; ai = ai->ai_next) {
-- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-- (strcmp(ntop, ntop2) == 0))
-- break;
-- }
-- freeaddrinfo(aitop);
-- /* If we reached the end of the list, the address was not there. */
-- if (ai == NULL) {
-- /* Address not found for the host name. */
-- logit("Address %.100s maps to %.600s, but this does not "
-- "map back to the address.", ntop, name);
-- return xstrdup(ntop);
-- }
-- return xstrdup(name);
--}
--
--/*
-- * Return the canonical name of the host in the other side of the current
-- * connection. The host name is cached, so it is efficient to call this
-- * several times.
-- */
--
--const char *
--auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
--{
-- static char *dnsname;
--
-- if (!use_dns)
-- return ssh_remote_ipaddr(ssh);
-- else if (dnsname != NULL)
-- return dnsname;
-- else {
-- dnsname = remote_hostname(ssh);
-- return dnsname;
-- }
--}
--
- /* These functions link key/cert options to the auth framework */
-
- /* Log sshauthopt options locally and (optionally) for remote transmission */
-diff --git a/canohost.c b/canohost.c
-index a810da0e..18e9d8d4 100644
---- a/canohost.c
-+++ b/canohost.c
-@@ -202,3 +202,117 @@ get_local_port(int sock)
- {
- return get_sock_port(sock, 1);
- }
-+
-+/*
-+ * Returns the remote DNS hostname as a string. The returned string must not
-+ * be freed. NB. this will usually trigger a DNS query the first time it is
-+ * called.
-+ * This function does additional checks on the hostname to mitigate some
-+ * attacks on legacy rhosts-style authentication.
-+ * XXX is RhostsRSAAuthentication vulnerable to these?
-+ * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-+ */
-+
-+static char *
-+remote_hostname(struct ssh *ssh)
-+{
-+ struct sockaddr_storage from;
-+ socklen_t fromlen;
-+ struct addrinfo hints, *ai, *aitop;
-+ char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-+ const char *ntop = ssh_remote_ipaddr(ssh);
-+
-+ /* Get IP address of client. */
-+ fromlen = sizeof(from);
-+ memset(&from, 0, sizeof(from));
-+ if (getpeername(ssh_packet_get_connection_in(ssh),
-+ (struct sockaddr *)&from, &fromlen) == -1) {
-+ debug("getpeername failed: %.100s", strerror(errno));
-+ return xstrdup(ntop);
-+ }
-+
-+ ipv64_normalise_mapped(&from, &fromlen);
-+ if (from.ss_family == AF_INET6)
-+ fromlen = sizeof(struct sockaddr_in6);
-+
-+ debug3("Trying to reverse map address %.100s.", ntop);
-+ /* Map the IP address to a host name. */
-+ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-+ NULL, 0, NI_NAMEREQD) != 0) {
-+ /* Host name not found. Use ip address. */
-+ return xstrdup(ntop);
-+ }
-+
-+ /*
-+ * if reverse lookup result looks like a numeric hostname,
-+ * someone is trying to trick us by PTR record like following:
-+ * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-+ hints.ai_flags = AI_NUMERICHOST;
-+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-+ logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-+ name, ntop);
-+ freeaddrinfo(ai);
-+ return xstrdup(ntop);
-+ }
-+
-+ /* Names are stored in lowercase. */
-+ lowercase(name);
-+
-+ /*
-+ * Map it back to an IP address and check that the given
-+ * address actually is an address of this host. This is
-+ * necessary because anyone with access to a name server can
-+ * define arbitrary names for an IP address. Mapping from
-+ * name to IP address can be trusted better (but can still be
-+ * fooled if the intruder has access to the name server of
-+ * the domain).
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = from.ss_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-+ logit("reverse mapping checking getaddrinfo for %.700s "
-+ "[%s] failed.", name, ntop);
-+ return xstrdup(ntop);
-+ }
-+ /* Look for the address from the list of addresses. */
-+ for (ai = aitop; ai; ai = ai->ai_next) {
-+ if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-+ sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-+ (strcmp(ntop, ntop2) == 0))
-+ break;
-+ }
-+ freeaddrinfo(aitop);
-+ /* If we reached the end of the list, the address was not there. */
-+ if (ai == NULL) {
-+ /* Address not found for the host name. */
-+ logit("Address %.100s maps to %.600s, but this does not "
-+ "map back to the address.", ntop, name);
-+ return xstrdup(ntop);
-+ }
-+ return xstrdup(name);
-+}
-+
-+/*
-+ * Return the canonical name of the host in the other side of the current
-+ * connection. The host name is cached, so it is efficient to call this
-+ * several times.
-+ */
-+
-+const char *
-+auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
-+{
-+ static char *dnsname;
-+
-+ if (!use_dns)
-+ return ssh_remote_ipaddr(ssh);
-+ else if (dnsname != NULL)
-+ return dnsname;
-+ else {
-+ dnsname = remote_hostname(ssh);
-+ return dnsname;
-+ }
-+}
-diff --git a/readconf.c b/readconf.c
-index 03369a08..b45898ce 100644
---- a/readconf.c
-+++ b/readconf.c
-@@ -161,6 +161,7 @@ typedef enum {
- oClearAllForwardings, oNoHostAuthenticationForLocalhost,
- oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily, oGssAuthentication, oGssDelegateCreds,
-+ oGssTrustDns,
- oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
- oHashKnownHosts,
-@@ -207,9 +208,11 @@ static struct {
- #if defined(GSSAPI)
- { "gssapiauthentication", oGssAuthentication },
- { "gssapidelegatecredentials", oGssDelegateCreds },
-+ { "gssapitrustdns", oGssTrustDns },
- # else
- { "gssapiauthentication", oUnsupported },
- { "gssapidelegatecredentials", oUnsupported },
-+ { "gssapitrustdns", oUnsupported },
- #endif
- #ifdef ENABLE_PKCS11
- { "pkcs11provider", oPKCS11Provider },
-@@ -1117,6 +1120,10 @@ parse_time:
- intptr = &options->gss_deleg_creds;
- goto parse_flag;
-
-+ case oGssTrustDns:
-+ intptr = &options->gss_trust_dns;
-+ goto parse_flag;
-+
- case oBatchMode:
- intptr = &options->batch_mode;
- goto parse_flag;
-@@ -2307,6 +2314,7 @@ initialize_options(Options * options)
- options->pubkey_authentication = -1;
- options->gss_authentication = -1;
- options->gss_deleg_creds = -1;
-+ options->gss_trust_dns = -1;
- options->password_authentication = -1;
- options->kbd_interactive_authentication = -1;
- options->kbd_interactive_devices = NULL;
-@@ -2465,6 +2473,8 @@ fill_default_options(Options * options)
- options->gss_authentication = 0;
- if (options->gss_deleg_creds == -1)
- options->gss_deleg_creds = 0;
-+ if (options->gss_trust_dns == -1)
-+ options->gss_trust_dns = 0;
- if (options->password_authentication == -1)
- options->password_authentication = 1;
- if (options->kbd_interactive_authentication == -1)
-diff --git a/readconf.h b/readconf.h
-index f7d53b06..c3a91898 100644
---- a/readconf.h
-+++ b/readconf.h
-@@ -40,6 +40,7 @@ typedef struct {
- int hostbased_authentication; /* ssh2's rhosts_rsa */
- int gss_authentication; /* Try GSS authentication */
- int gss_deleg_creds; /* Delegate GSS credentials */
-+ int gss_trust_dns; /* Trust DNS for GSS canonicalization */
- int password_authentication; /* Try password
- * authentication. */
- int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
-diff --git a/ssh_config.5 b/ssh_config.5
-index cd0eea86..27101943 100644
---- a/ssh_config.5
-+++ b/ssh_config.5
-@@ -832,6 +832,16 @@ The default is
- Forward (delegate) credentials to the server.
- The default is
- .Cm no .
-+Note that this option applies to protocol version 2 connections using GSSAPI.
-+.It Cm GSSAPITrustDns
-+Set to
-+.Dq yes to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If
-+.Dq no, the hostname entered on the
-+command line will be passed untouched to the GSSAPI library.
-+The default is
-+.Dq no .
-+This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
- .Xr ssh 1
-diff --git a/sshconnect2.c b/sshconnect2.c
-index fea50fab..aeff639b 100644
---- a/sshconnect2.c
-+++ b/sshconnect2.c
-@@ -776,6 +776,13 @@ userauth_gssapi(struct ssh *ssh)
- OM_uint32 min;
- int r, ok = 0;
- gss_OID mech = NULL;
-+ const char *gss_host;
-+
-+ if (options.gss_trust_dns) {
-+ extern const char *auth_get_canonical_hostname(struct ssh *ssh, int use_dns);
-+ gss_host = auth_get_canonical_hostname(ssh, 1);
-+ } else
-+ gss_host = authctxt->host;
-
- /* Try one GSSAPI method at a time, rather than sending them all at
- * once. */
-@@ -790,7 +797,7 @@ userauth_gssapi(struct ssh *ssh)
- elements[authctxt->mech_tried];
- /* My DER encoding requires length<128 */
- if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt,
-- mech, authctxt->host)) {
-+ mech, gss_host)) {
- ok = 1; /* Mechanism works */
- } else {
- authctxt->mech_tried++;
diff --git a/net-misc/openssh-contrib/files/openssh-8.9_p1-allow-ppoll_time64.patch b/net-misc/openssh-contrib/files/openssh-8.9_p1-allow-ppoll_time64.patch
deleted file mode 100644
index 8c46625aa29c..000000000000
--- a/net-misc/openssh-contrib/files/openssh-8.9_p1-allow-ppoll_time64.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
-index 2e065ba3..4ce80cb2 100644
---- a/sandbox-seccomp-filter.c
-+++ b/sandbox-seccomp-filter.c
-@@ -276,6 +276,9 @@ static const struct sock_filter preauth_insns[] = {
- #ifdef __NR_ppoll
- SC_ALLOW(__NR_ppoll),
- #endif
-+#ifdef __NR_ppoll_time64
-+ SC_ALLOW(__NR_ppoll_time64),
-+#endif
- #ifdef __NR_poll
- SC_ALLOW(__NR_poll),
- #endif
diff --git a/net-misc/openssh-contrib/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch b/net-misc/openssh-contrib/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
deleted file mode 100644
index 4d098b2231c7..000000000000
--- a/net-misc/openssh-contrib/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
-index 23b40b643..d93a357c6 100644
---- a/sandbox-seccomp-filter.c
-+++ b/sandbox-seccomp-filter.c
-@@ -257,6 +257,15 @@ static const struct sock_filter preauth_insns[] = {
- #ifdef __NR_statx
- SC_DENY(__NR_statx, EACCES),
- #endif
-+#ifdef __NR_shmget
-+ SC_DENY(__NR_shmget, EACCES),
-+#endif
-+#ifdef __NR_shmat
-+ SC_DENY(__NR_shmat, EACCES),
-+#endif
-+#ifdef __NR_shmdt
-+ SC_DENY(__NR_shmdt, EACCES),
-+#endif
-
- /* Syscalls to permit */
- #ifdef __NR_brk
diff --git a/net-misc/r8168/Manifest b/net-misc/r8168/Manifest
index fd0ec3608298..822612ea9adc 100644
--- a/net-misc/r8168/Manifest
+++ b/net-misc/r8168/Manifest
@@ -4,5 +4,5 @@ AUX r8168-8.053.00-kernel-6.9.patch 4625 BLAKE2B 6043101e08f3068369e42d80d848239
DIST r8168-8.051.02.tar.bz2 115969 BLAKE2B 28b809c0330920ee0db7a8f8d41e178882531cd0a6793efeadd9670b1a9b5cbe903061073fd1d461f4234feb41249a244f9ef35cdbb780da498e5a6d6f1a5490 SHA512 2f29a413e7db2b7295ea0a970b3385de1dfd6e41e1820097355687daa5c8d155c1cf6115c72875bff4f366365579bffc81733469a62d76f437065b7e514387ca
DIST r8168-8.053.00.tar.gz 169102 BLAKE2B 4be044fec5edb78d3050c66f92ffce56487347c171da6d0e29593584e23b173536e48a18ffaf47df4e99999867a65b658a0deace333948bb0d77cd0f5c619719 SHA512 c44a63b04eb5cfb2b8ae434b26098c96067f7a2d6193e206801236fa38832b4f20a0b1a05a374f1d7d5b7ce973d38b6f49744f8b029e22930ebbd2763fbc6440
EBUILD r8168-8.051.02-r1.ebuild 1002 BLAKE2B 5d95ea2cd2d1ced3a6a93288e5822ef282db5eb142aab6ab72094c2ecba8c9b30216503297be8d95e03a2b55d30b3ad9806f52ff08fafad459219182ef29eaac SHA512 c6d44bec0bb85eee47187467eaceb55a991e250dc3856f18a48da305e0e954e60c42c5197503100e3588bcbdb31b60a0e2f55eb641b5a808b1f6338e80f6f809
-EBUILD r8168-8.053.00.ebuild 887 BLAKE2B 79c3af6d30f77f5255ac0abd6fae805ab12ec8c01da20ba16c51fec93d753c3a210ebcdf9c5519b247c86066494d57e439c8eab8174a6f207ea5f7803632385d SHA512 3eae3adce3c971729b77c6688b149043593429062277554f3a6236ca23ef4c75035f786d333bb5fee83c79bba6ea0a791613639b41f6e7d0fef0b6a1f3964521
+EBUILD r8168-8.053.00.ebuild 886 BLAKE2B fb798dda04751d136e32592811b85d09de08eead8193108dfcb9932fe5b3488c08195bccaa0768666b65c4a151a0e817ac060dad940cb32b9c324f829bfe6f74 SHA512 2dbe00c9402fd24e4c0a859e966cc8abd0de12f5af0798c37ecd6d218e70ec90d092e2e7d5facd8380ca78ebea0428582e451268a5f70caba218a4edfccbfe6c
MISC metadata.xml 577 BLAKE2B 0335cbfc902163abd4ffef0ad089b15ae7eaee15e41ed7760834d0329662a8ea0c66d68366a779265205557abe31bf3055b474f6bda7469e803a6240c3e68951 SHA512 f27ae61be558fe46b14fdf43a8d975c71cc900788761e6c5044eea6e8f80ddb6528b0d9d711844b6c8b45e58401a8736d08c40827fa0ceb99be32a3a0abd7086
diff --git a/net-misc/r8168/r8168-8.053.00.ebuild b/net-misc/r8168/r8168-8.053.00.ebuild
index 5cb149094196..940d0ae9f3df 100644
--- a/net-misc/r8168/r8168-8.053.00.ebuild
+++ b/net-misc/r8168/r8168-8.053.00.ebuild
@@ -11,7 +11,7 @@ SRC_URI="https://github.com/mtorromeo/${PN}/archive/${PV}/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
-KEYWORDS="~amd64 ~x86"
+KEYWORDS="amd64 ~x86"
IUSE="use-firmware"