Early heads-up: plan to remove local patches for TCP Wrappers support in sshd
Bryan Drewery
bdrewery at FreeBSD.org
Mon Mar 23 21:06:49 UTC 2020
On 2/14/2020 10:18 AM, Ed Maste wrote:
> Upstream OpenSSH-portable removed libwrap support in version 6.7,
> released in October 2014. We've maintained a patch in our tree to
> restore it, but it causes friction on each OpenSSH update and may
> introduce security vulnerabilities not present upstream. It's (past)
> time to remove it.
>
> Although the specific deprecation steps aren't yet fleshed out I'm
> sending this as an early notice that I plan to disable libwrap support
> from the base system sshd and that FreeBSD 13 will not support it.
> We'll probably keep the patch in the tree for some time, to support
> MFCs to stable branches; the patch will be removed entirely later on.
FYI if you need this feature the port still has it and is at 8.2 now.
--
Regards,
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 618 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20200323/cdc1e79b/attachment.sig>
More information about the freebsd-security
mailing list