From 3d7eba51113cc914c50bb937863135942dfd57b6 Mon Sep 17 00:00:00 2001 From: BinduSri-6522866 Date: Tue, 16 Dec 2025 09:11:40 +0000 Subject: [PATCH 1/3] Upgrade trilead-ssh2 version to 217.293 --- LICENSES-AND-NOTICES/SPECS/LICENSES-MAP.md | 2 +- LICENSES-AND-NOTICES/SPECS/data/licenses.json | 2 + ...Verify-Handle-any-non-EdDSAPublicKey.patch | 37 ++++ ...t-relies-on-internal-sun-JDK-classes.patch | 46 ++++ .../ed25519-java-CVE-2020-36843.patch | 39 ++++ .../ed25519-java/ed25519-java-build.xml | 116 +++++++++++ .../ed25519-java/ed25519-java.signatures.json | 6 + SPECS-EXTENDED/ed25519-java/ed25519-java.spec | 120 +++++++++++ SPECS-EXTENDED/jbcrypt/jbcrypt-1.0.2.pom | 33 +++ SPECS-EXTENDED/jbcrypt/jbcrypt-build.xml | 196 ++++++++++++++++++ .../jbcrypt/jbcrypt.signatures.json | 7 + SPECS-EXTENDED/jbcrypt/jbcrypt.spec | 87 ++++++++ ...Remove-the-dependency-on-google-tink.patch | 161 ++++++++++++++ .../trilead-ssh2/trilead-ssh2-build.xml | 113 ++++++++++ .../trilead-ssh2/trilead-ssh2.signatures.json | 5 +- SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec | 47 +++-- cgmanifest.json | 24 ++- 17 files changed, 1020 insertions(+), 21 deletions(-) create mode 100644 SPECS-EXTENDED/ed25519-java/0001-EdDSAEngine.initVerify-Handle-any-non-EdDSAPublicKey.patch create mode 100644 SPECS-EXTENDED/ed25519-java/0002-Disable-test-that-relies-on-internal-sun-JDK-classes.patch create mode 100644 SPECS-EXTENDED/ed25519-java/ed25519-java-CVE-2020-36843.patch create mode 100644 SPECS-EXTENDED/ed25519-java/ed25519-java-build.xml create mode 100644 SPECS-EXTENDED/ed25519-java/ed25519-java.signatures.json create mode 100644 SPECS-EXTENDED/ed25519-java/ed25519-java.spec create mode 100644 SPECS-EXTENDED/jbcrypt/jbcrypt-1.0.2.pom create mode 100644 SPECS-EXTENDED/jbcrypt/jbcrypt-build.xml create mode 100644 SPECS-EXTENDED/jbcrypt/jbcrypt.signatures.json create mode 100644 SPECS-EXTENDED/jbcrypt/jbcrypt.spec create mode 100644 SPECS-EXTENDED/trilead-ssh2/0001-Remove-the-dependency-on-google-tink.patch create mode 100644 SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml diff --git a/LICENSES-AND-NOTICES/SPECS/LICENSES-MAP.md b/LICENSES-AND-NOTICES/SPECS/LICENSES-MAP.md index ce27d220a1e..20e3f61193b 100644 --- a/LICENSES-AND-NOTICES/SPECS/LICENSES-MAP.md +++ b/LICENSES-AND-NOTICES/SPECS/LICENSES-MAP.md @@ -16,7 +16,7 @@ The Azure Linux SPEC files originated from a variety of sources with varying lic | NVIDIA (BSD) | [BSD](https://github.com/Mellanox/sockperf/blob/sockperf_v2/copying) | sockperf | | OpenEuler | [BSD-3 License](https://github.com/pytorch/pytorch/blob/master/LICENSE) | pytorch | | OpenMamba | [Openmamba GPLv2 License](https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt) | bash-completion | -| OpenSUSE | Following [openSUSE guidelines](https://en.opensuse.org/openSUSE:Specfile_guidelines#Specfile_Licensing) | ant
ant-junit
antlr
aopalliance
apache-commons-beanutils
apache-commons-cli
apache-commons-codec
apache-commons-collections
apache-commons-collections4
apache-commons-compress
apache-commons-daemon
apache-commons-dbcp
apache-commons-digester
apache-commons-httpclient
apache-commons-io
apache-commons-jexl
apache-commons-lang3
apache-commons-logging
apache-commons-net
apache-commons-pool
apache-commons-pool2
apache-commons-validator
apache-commons-vfs2
apache-parent
args4j
atinject
base64coder
bcel
bea-stax
beust-jcommander
bsf
byaccj
cal10n
cdparanoia
cglib
cni
containerized-data-importer
cpulimit
cri-o
ecj
fillup
flux
gd
geronimo-specs
glassfish-annotation-api
gnu-getopt
gnu-regexp
golang-packaging
guava
hamcrest
hawtjni-runtime
httpcomponents-core
influx-cli
influxdb
jakarta-taglibs-standard
jansi
jarjar
java-cup
java-cup-bootstrap
javacc
javacc-bootstrap
javassist
jboss-interceptors-1.2-api
jdepend
jflex
jflex-bootstrap
jlex
jline
jna
jsch
jsoup
jsr-305
jtidy
junit
junitperf
jzlib
kubevirt
kured
libcontainers-common
libtheora
libva
libvdpau
lynx
multus
objectweb-anttask
objectweb-asm
objenesis
oro
osgi-annotation
osgi-compendium
osgi-core
patterns-ceph-containers
plexus-classworlds
plexus-interpolation
plexus-utils
proj
psl-make-dafsa
publicsuffix
qdox
regexp
relaxngDatatype
rhino
ripgrep
servletapi4
servletapi5
shapelib
slf4j
trilead-ssh2
virtiofsd
xalan-j2
xbean
xcursor-themes
xerces-j2
xml-commons-apis
xml-commons-resolver
xmldb-api
xmlrpc-c
xmlunit
xz-java | +| OpenSUSE | Following [openSUSE guidelines](https://en.opensuse.org/openSUSE:Specfile_guidelines#Specfile_Licensing) | ant
ant-junit
antlr
aopalliance
apache-commons-beanutils
apache-commons-cli
apache-commons-codec
apache-commons-collections
apache-commons-collections4
apache-commons-compress
apache-commons-daemon
apache-commons-dbcp
apache-commons-digester
apache-commons-httpclient
apache-commons-io
apache-commons-jexl
apache-commons-lang3
apache-commons-logging
apache-commons-net
apache-commons-pool
apache-commons-pool2
apache-commons-validator
apache-commons-vfs2
apache-parent
args4j
atinject
base64coder
bcel
bea-stax
beust-jcommander
bsf
byaccj
cal10n
cdparanoia
cglib
cni
containerized-data-importer
cpulimit
cri-o
ecj
ed25519-java
fillup
flux
gd
geronimo-specs
glassfish-annotation-api
gnu-getopt
gnu-regexp
golang-packaging
guava
hamcrest
hawtjni-runtime
httpcomponents-core
influx-cli
influxdb
jakarta-taglibs-standard
jansi
jarjar
java-cup
java-cup-bootstrap
javacc
javacc-bootstrap
javassist
jbcrypt
jboss-interceptors-1.2-api
jdepend
jflex
jflex-bootstrap
jlex
jline
jna
jsch
jsoup
jsr-305
jtidy
junit
junitperf
jzlib
kubevirt
kured
libcontainers-common
libtheora
libva
libvdpau
lynx
multus
objectweb-anttask
objectweb-asm
objenesis
oro
osgi-annotation
osgi-compendium
osgi-core
patterns-ceph-containers
plexus-classworlds
plexus-interpolation
plexus-utils
proj
psl-make-dafsa
publicsuffix
qdox
regexp
relaxngDatatype
rhino
ripgrep
servletapi4
servletapi5
shapelib
slf4j
trilead-ssh2
virtiofsd
xalan-j2
xbean
xcursor-themes
xerces-j2
xml-commons-apis
xml-commons-resolver
xmldb-api
xmlrpc-c
xmlunit
xz-java | | Photon | [Photon License](LICENSE-PHOTON.md) and [Photon Notice](NOTICE.APACHE2).
Also see [LICENSE-EXCEPTIONS.PHOTON](LICENSE-EXCEPTIONS.PHOTON). | acl
alsa-lib
alsa-utils
ansible
apparmor
apr
apr-util
asciidoc
atftp
audit
autoconf
autoconf-archive
autofs
autogen
automake
babel
bash
bc
bcc
bind
binutils
bison
blktrace
boost
btrfs-progs
bubblewrap
build-essential
bzip2
c-ares
cairo
cassandra
cassandra-driver
cdrkit
check
chkconfig
chrpath
cifs-utils
clang
cloud-init
cloud-utils-growpart
cmake
cni-plugins
core-packages
coreutils
cpio
cppunit
cqlsh
cracklib
crash
crash-gcore-command
createrepo_c
cri-tools
cronie
curl
cyrus-sasl
cyrus-sasl-bootstrap
dbus
dbus-glib
dejagnu
device-mapper-multipath
dialog
diffutils
dkms
dmidecode
dnsmasq
docbook-dtd-xml
docbook-style-xsl
dosfstools
dracut
dstat
e2fsprogs
ed
efibootmgr
efivar
elfutils
emacs
erlang
etcd
ethtool
expat
expect
fcgi
file
filesystem
findutils
flex
fontconfig
fping
freetype
fuse
gawk
gc
gcc
gdb
gdbm
gettext
git
git-lfs
glib
glib-networking
glibc
glibmm
gmp
gnome-common
gnupg2
gnuplot
gnutls
gobject-introspection
golang
golang-1.23
golang-1.24
gperf
gperftools
gpgme
gptfdisk
grep
groff
grub2
gtest
gtk-doc
guile
gzip
haproxy
harfbuzz
haveged
hdparm
http-parser
httpd
i2c-tools
iana-etc
icu
initramfs
initscripts
inotify-tools
intltool
iotop
iperf3
iproute
ipset
iptables
iputils
ipvsadm
ipxe
irqbalance
itstool
jansson
jq
json-c
json-glib
kbd
keepalived
kernel
kernel-64k
kernel-headers
kernel-hwe
kernel-hwe-headers
kernel-ipe
kernel-lpg-innovate
kernel-mshv
kernel-rt
kernel-uvm
keyutils
kmod
krb5
less
libaio
libarchive
libassuan
libatomic_ops
libcap
libcap-ng
libconfig
libdb
libdnet
libedit
libestr
libevent
libfastjson
libffi
libgcrypt
libgpg-error
libgssglue
libgudev
libjpeg-turbo
libksba
liblogging
libmbim
libmnl
libmodulemd
libmpc
libmspack
libndp
libnetfilter_conntrack
libnetfilter_cthelper
libnetfilter_cttimeout
libnetfilter_queue
libnfnetlink
libnftnl
libnl3
libnsl2
libpcap
libpipeline
libpng
libpsl
libqmi
librelp
librepo
librsync
libseccomp
libselinux
libsepol
libserf
libsigc++30
libsolv
libsoup
libssh2
libtalloc
libtar
libtasn1
libtiff
libtirpc
libtool
libunistring
libunwind
libusb
libvirt
libwebp
libxml2
libxslt
libyaml
linux-firmware
lldb
lldpad
llvm
lm-sensors
lmdb
log4cpp
logrotate
lshw
lsof
lsscsi
ltrace
lttng-tools
lttng-ust
lvm2
lz4
lzo
m2crypto
m4
make
man-db
man-pages
maven
mc
mercurial
meson
mlocate
ModemManager
mpfr
msr-tools
mysql
nano
nasm
ncurses
ndctl
net-snmp
net-tools
nettle
newt
nfs-utils
nghttp2
nginx
ninja-build
nodejs
npth
nspr
nss
nss-altfiles
ntp
numactl
nvme-cli
oniguruma
OpenIPMI
openldap
openscap
openssh
openvswitch
ostree
pam
pango
parted
patch
pciutils
perl-Canary-Stability
perl-CGI
perl-common-sense
perl-Crypt-SSLeay
perl-DBD-SQLite
perl-DBI
perl-DBIx-Simple
perl-Exporter-Tiny
perl-File-HomeDir
perl-File-Which
perl-IO-Socket-SSL
perl-JSON-Any
perl-JSON-XS
perl-libintl-perl
perl-List-MoreUtils
perl-Module-Build
perl-Module-Install
perl-Module-ScanDeps
perl-Net-SSLeay
perl-NetAddr-IP
perl-Object-Accessor
perl-Path-Class
perl-Try-Tiny
perl-Types-Serialiser
perl-WWW-Curl
perl-XML-Parser
perl-YAML
perl-YAML-Tiny
pgbouncer
pinentry
polkit
popt
postgresql
procps-ng
protobuf
protobuf-c
psmisc
pth
pyasn1-modules
pyOpenSSL
pyparsing
pytest
python-appdirs
python-asn1crypto
python-atomicwrites
python-attrs
python-bcrypt
python-certifi
python-cffi
python-chardet
python-configobj
python-constantly
python-coverage
python-cryptography
python-daemon
python-dateutil
python-defusedxml
python-distro
python-docopt
python-docutils
python-ecdsa
python-geomet
python-gevent
python-hyperlink
python-hypothesis
python-idna
python-imagesize
python-incremental
python-iniparse
python-ipaddr
python-jinja2
python-jmespath
python-jsonpatch
python-jsonpointer
python-jsonschema
python-lockfile
python-lxml
python-mako
python-markupsafe
python-mistune
python-msgpack
python-netaddr
python-netifaces
python-ntplib
python-oauthlib
python-packaging
python-pam
python-pbr
python-ply
python-prettytable
python-psutil
python-psycopg2
python-py
python-pyasn1
python-pycodestyle
python-pycparser
python-pycurl
python-pygments
python-pynacl
python-requests
python-setuptools_scm
python-simplejson
python-six
python-snowballstemmer
python-sphinx-theme-alabaster
python-twisted
python-urllib3
python-vcversioner
python-virtualenv
python-wcwidth
python-webob
python-websocket-client
python-werkzeug
python-zope-event
python-zope-interface
python3
pytz
PyYAML
rapidjson
readline
rng-tools
rpcbind
rpcsvc-proto
rpm
rpm-ostree
rrdtool
rsync
rsyslog
ruby
rust
rust-1.75
scons
sed
sg3_utils
shadow-utils
slang
snappy
socat
sqlite
sshpass
strace
subversion
sudo
swig
syslinux
syslog-ng
sysstat
systemd-bootstrap
systemtap
tar
tboot
tcl
tcpdump
tcsh
tdnf
telegraf
texinfo
tmux
tpm2-abrmd
tpm2-pkcs11
tpm2-pytss
tpm2-tools
tpm2-tss
traceroute
tree
tzdata
unbound
unixODBC
unzip
usbutils
userspace-rcu
utf8proc
util-linux
valgrind
vim
vsftpd
WALinuxAgent
which
wpa_supplicant
xfsprogs
xinetd
xmlsec1
xmlto
xz
zchunk
zeromq
zip
zlib
zsh | | RPM software management source | [GPLv2+ License](https://github.com/rpm-software-management/dnf5/blob/main/COPYING.md) | dnf5 | | Source project | Same as the source project. | python-nocaselist | diff --git a/LICENSES-AND-NOTICES/SPECS/data/licenses.json b/LICENSES-AND-NOTICES/SPECS/data/licenses.json index 589ef5d081d..5adf28f9cf2 100644 --- a/LICENSES-AND-NOTICES/SPECS/data/licenses.json +++ b/LICENSES-AND-NOTICES/SPECS/data/licenses.json @@ -2585,6 +2585,7 @@ "cpulimit", "cri-o", "ecj", + "ed25519-java", "fillup", "flux", "gd", @@ -2607,6 +2608,7 @@ "javacc", "javacc-bootstrap", "javassist", + "jbcrypt", "jboss-interceptors-1.2-api", "jdepend", "jflex", diff --git a/SPECS-EXTENDED/ed25519-java/0001-EdDSAEngine.initVerify-Handle-any-non-EdDSAPublicKey.patch b/SPECS-EXTENDED/ed25519-java/0001-EdDSAEngine.initVerify-Handle-any-non-EdDSAPublicKey.patch new file mode 100644 index 00000000000..6d7079ea1e9 --- /dev/null +++ b/SPECS-EXTENDED/ed25519-java/0001-EdDSAEngine.initVerify-Handle-any-non-EdDSAPublicKey.patch @@ -0,0 +1,37 @@ +From c5629faa3e1880cc71da506263f224bc818fe827 Mon Sep 17 00:00:00 2001 +From: Jack Grigg +Date: Sun, 27 Jan 2019 23:27:00 +0000 +Subject: [PATCH 1/2] EdDSAEngine.initVerify(): Handle any non-EdDSAPublicKey + X.509-encoded pubkey + +sun.security.x509.X509Key is a JDK-internal API, and should not be used +directly. Instead of looking for an instance of that class, we check the +primary encoding format of the PublicKey, and proceed if it is "X.509". +--- + src/net/i2p/crypto/eddsa/EdDSAEngine.java | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/net/i2p/crypto/eddsa/EdDSAEngine.java b/src/net/i2p/crypto/eddsa/EdDSAEngine.java +index 1f0ba6d..6b25410 100644 +--- a/src/net/i2p/crypto/eddsa/EdDSAEngine.java ++++ b/src/net/i2p/crypto/eddsa/EdDSAEngine.java +@@ -29,7 +29,6 @@ import java.util.Arrays; + import net.i2p.crypto.eddsa.math.Curve; + import net.i2p.crypto.eddsa.math.GroupElement; + import net.i2p.crypto.eddsa.math.ScalarOps; +-import sun.security.x509.X509Key; + + /** + * Signing and verification for EdDSA. +@@ -157,7 +156,7 @@ public final class EdDSAEngine extends Signature { + } + } else if (!key.getParams().getHashAlgorithm().equals(digest.getAlgorithm())) + throw new InvalidKeyException("Key hash algorithm does not match chosen digest"); +- } else if (publicKey instanceof X509Key) { ++ } else if (publicKey.getFormat().equals("X.509")) { + // X509Certificate will sometimes contain an X509Key rather than the EdDSAPublicKey itself; the contained + // key is valid but needs to be instanced as an EdDSAPublicKey before it can be used. + EdDSAPublicKey parsedPublicKey; +-- +2.33.1 + diff --git a/SPECS-EXTENDED/ed25519-java/0002-Disable-test-that-relies-on-internal-sun-JDK-classes.patch b/SPECS-EXTENDED/ed25519-java/0002-Disable-test-that-relies-on-internal-sun-JDK-classes.patch new file mode 100644 index 00000000000..d8128286dea --- /dev/null +++ b/SPECS-EXTENDED/ed25519-java/0002-Disable-test-that-relies-on-internal-sun-JDK-classes.patch @@ -0,0 +1,46 @@ +From 1ea7fb5ed949d8a458fda40b186868b7cffbb271 Mon Sep 17 00:00:00 2001 +From: Mat Booth +Date: Wed, 1 Dec 2021 09:35:10 +0000 +Subject: [PATCH 2/2] Disable test that relies on internal sun JDK classes + +--- + test/net/i2p/crypto/eddsa/EdDSAEngineTest.java | 18 ------------------ + 1 file changed, 18 deletions(-) + +diff --git a/test/net/i2p/crypto/eddsa/EdDSAEngineTest.java b/test/net/i2p/crypto/eddsa/EdDSAEngineTest.java +index 2ed793b..adc46fd 100644 +--- a/test/net/i2p/crypto/eddsa/EdDSAEngineTest.java ++++ b/test/net/i2p/crypto/eddsa/EdDSAEngineTest.java +@@ -31,8 +31,6 @@ import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec; + import org.junit.Rule; + import org.junit.Test; + import org.junit.rules.ExpectedException; +-import sun.security.util.DerValue; +-import sun.security.x509.X509Key; + + /** + * @author str4d +@@ -217,20 +215,4 @@ public class EdDSAEngineTest { + assertThat("verifyOneShot() failed", sgr.verifyOneShot(TEST_MSG, TEST_MSG_SIG), is(true)); + } + +- @Test +- public void testVerifyX509PublicKeyInfo() throws Exception { +- EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName("Ed25519"); +- Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); +- for (Ed25519TestVectors.TestTuple testCase : Ed25519TestVectors.testCases) { +- EdDSAPublicKeySpec pubKey = new EdDSAPublicKeySpec(testCase.pk, spec); +- PublicKey vKey = new EdDSAPublicKey(pubKey); +- PublicKey x509Key = X509Key.parse(new DerValue(vKey.getEncoded())); +- sgr.initVerify(x509Key); +- +- sgr.update(testCase.message); +- +- assertThat("Test case " + testCase.caseNum + " failed", +- sgr.verify(testCase.sig), is(true)); +- } +- } + } +-- +2.33.1 + diff --git a/SPECS-EXTENDED/ed25519-java/ed25519-java-CVE-2020-36843.patch b/SPECS-EXTENDED/ed25519-java/ed25519-java-CVE-2020-36843.patch new file mode 100644 index 00000000000..324025e3fcf --- /dev/null +++ b/SPECS-EXTENDED/ed25519-java/ed25519-java-CVE-2020-36843.patch @@ -0,0 +1,39 @@ +--- ed25519-java-0.3.0/src/net/i2p/crypto/eddsa/EdDSAEngine.java 2025-03-14 14:47:43.404137953 +0100 ++++ ed25519-java-0.3.0/src/net/i2p/crypto/eddsa/EdDSAEngine.java 2025-03-14 14:50:31.859888550 +0100 +@@ -12,6 +12,7 @@ + package net.i2p.crypto.eddsa; + + import java.io.ByteArrayOutputStream; ++import java.math.BigInteger; + import java.nio.ByteBuffer; + import java.security.InvalidAlgorithmParameterException; + import java.security.InvalidKeyException; +@@ -29,6 +30,7 @@ + import net.i2p.crypto.eddsa.math.Curve; + import net.i2p.crypto.eddsa.math.GroupElement; + import net.i2p.crypto.eddsa.math.ScalarOps; ++import net.i2p.crypto.eddsa.math.bigint.BigIntegerLittleEndianEncoding; + + /** + * Signing and verification for EdDSA. +@@ -69,6 +71,8 @@ + public final class EdDSAEngine extends Signature { + public static final String SIGNATURE_ALGORITHM = "NONEwithEdDSA"; + ++ private static final BigInteger ORDER = new BigInteger("2").pow(252).add(new BigInteger("27742317777372353535851937790883648493")); ++ + private MessageDigest digest; + private ByteArrayOutputStream baos; + private EdDSAKey key; +@@ -306,6 +310,11 @@ + h = key.getParams().getScalarOps().reduce(h); + + byte[] Sbyte = Arrays.copyOfRange(sigBytes, b/8, b/4); ++ // RFC 8032 ++ BigInteger Sbigint = (new BigIntegerLittleEndianEncoding()).toBigInteger(Sbyte); ++ if (Sbigint.compareTo(ORDER) >= 0) ++ return false; ++ + // R = SB - H(Rbar,Abar,M)A + GroupElement R = key.getParams().getB().doubleScalarMultiplyVariableTime( + ((EdDSAPublicKey) key).getNegativeA(), h, Sbyte); diff --git a/SPECS-EXTENDED/ed25519-java/ed25519-java-build.xml b/SPECS-EXTENDED/ed25519-java/ed25519-java-build.xml new file mode 100644 index 00000000000..3a936462a6e --- /dev/null +++ b/SPECS-EXTENDED/ed25519-java/ed25519-java-build.xml @@ -0,0 +1,116 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/SPECS-EXTENDED/ed25519-java/ed25519-java.signatures.json b/SPECS-EXTENDED/ed25519-java/ed25519-java.signatures.json new file mode 100644 index 00000000000..7272e958992 --- /dev/null +++ b/SPECS-EXTENDED/ed25519-java/ed25519-java.signatures.json @@ -0,0 +1,6 @@ +{ + "Signatures": { + "ed25519-java-0.3.0.tar.gz": "a89a2331afb1db0bd06ce029c731db2d24684cebf111e796b51deb6e2a20a310", + "ed25519-java-build.xml": "2eb416752ef86be27a06581dfb60c6c4693d530ffa7f8e12f28112b40d65fab7" + } +} \ No newline at end of file diff --git a/SPECS-EXTENDED/ed25519-java/ed25519-java.spec b/SPECS-EXTENDED/ed25519-java/ed25519-java.spec new file mode 100644 index 00000000000..5747a603d1c --- /dev/null +++ b/SPECS-EXTENDED/ed25519-java/ed25519-java.spec @@ -0,0 +1,120 @@ +Vendor: Microsoft Corporation +Distribution: Azure Linux +# +# spec file for package ed25519-java +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%global artifactId eddsa +Name: ed25519-java +Version: 0.3.0 +Release: 1%{?dist} +Summary: Implementation of EdDSA (Ed25519) in Java +License: CC0-1.0 +URL: https://github.com/str4d/ed25519-java +Source0: https://github.com/str4d/ed25519-java/archive/v%{version}/%{name}-%{version}.tar.gz +Source1: %{name}-build.xml +Patch0: 0001-EdDSAEngine.initVerify-Handle-any-non-EdDSAPublicKey.patch +Patch1: 0002-Disable-test-that-relies-on-internal-sun-JDK-classes.patch +Patch2: %{name}-CVE-2020-36843.patch +BuildRequires: ant +BuildRequires: fdupes +BuildRequires: java-devel >= 1.8 +BuildRequires: javapackages-local-bootstrap >= 6 +BuildRequires: javapackages-tools +BuildArch: noarch + +%description +This is an implementation of EdDSA in Java. Structurally, it +is based on the ref10 implementation in SUPERCOP (see +http://ed25519.cr.yp.to/software.html). + +There are two internal implementations: + +* A port of the radix-2^51 operations in ref10 + - fast and constant-time, but only useful for Ed25519. +* A generic version using BigIntegers for calculation + - a bit slower and not constant-time, but compatible + with any EdDSA parameter specification. + +%package javadoc +Summary: Javadoc for %{name} + +%description javadoc +This package contains javadoc for %{name}. + +%prep +%setup -q +cp %{SOURCE1} build.xml +%patch -P 0 -p1 +%patch -P 1 -p1 +%patch -P 2 -p1 + +%build +ant jar javadoc + +%install + +# jar +install -dm 0755 %{buildroot}%{_javadir} +install -pm 0644 target/%{artifactId}-%{version}.jar %{buildroot}%{_javadir}/%{artifactId}.jar +ln -sf %{_javadir}/%{artifactId}.jar %{buildroot}%{_javadir}/%{name}.jar + +# pom +install -dm 0755 %{buildroot}%{_mavenpomdir} +install -pm 0644 pom.xml %{buildroot}%{_mavenpomdir}/%{artifactId}.pom +%add_maven_depmap %{artifactId}.pom %{artifactId}.jar + +# javadoc +install -dm 0755 %{buildroot}%{_javadocdir}/%{name} +cp -r target/site/apidocs/* %{buildroot}%{_javadocdir}/%{name}/ +%fdupes -s %{buildroot}%{_javadocdir} + +%files -f .mfiles +%{_javadir}/%{name}.jar +%doc README.md +%license LICENSE.txt + +%files javadoc +%{_javadocdir}/%{name} +%license LICENSE.txt + +%changelog +* Tue Dec 16 2025 BinduSri Adabala - 0.3.0-1 +- Initial CBL-Mariner import from openSUSE Tumbleweed (license: same as "License" tag). +- License verified + +* Fri Mar 14 2025 Fridrich Strba +- Added patch: + * ed25519-java-CVE-2020-36843.patch + + backport commit https://github.com/i2p/i2p.i2p/commit/ + /d7d1dcb5399c61cf2916ccc45aa25b0209c88712 + + Fixes bsc#1239551, CVE-2020-36843: no check performed on + scalar to avoid signature malleability +* Wed Oct 30 2024 Fridrich Strba +- Rewrite the build using ant +* Wed Feb 21 2024 Gus Kenion +- Use %%patch -P N instead of deprecated %%patchN. +* Mon Sep 11 2023 Fridrich Strba +- Reproducible builds: use SOURCE_DATE_EPOCH for timestamp +* Tue Mar 22 2022 Fridrich Strba +- Build with source and target levels 8 +- Added patches: + * 0001-EdDSAEngine.initVerify-Handle-any-non-EdDSAPublicKey.patch + * 0002-Disable-test-that-relies-on-internal-sun-JDK-classes.patch + + Remove use of internal sun JDK classes +* Mon Jun 29 2020 Fridrich Strba +- Initial packaging of ed25519 0.3.0 diff --git a/SPECS-EXTENDED/jbcrypt/jbcrypt-1.0.2.pom b/SPECS-EXTENDED/jbcrypt/jbcrypt-1.0.2.pom new file mode 100644 index 00000000000..dcc1cf2c307 --- /dev/null +++ b/SPECS-EXTENDED/jbcrypt/jbcrypt-1.0.2.pom @@ -0,0 +1,33 @@ + + + + + + + + 4.0.0 + org.connectbot + jbcrypt + 1.0.2 + jBCrypt + A fork of jBCrypt with more modern OpenBSD algorithms. + https://github.com/kruton/jbcrypt + + + ISC + https://www.isc.org/downloads/software-support-policy/isc-license/ + + + + + Kenny Root + kenny@the-b.org + + + + https://github.com/kruton/jbcrypt.git + https://github.com/kruton/jbcrypt.git + https://github.com/kruton/jbcrypt + + diff --git a/SPECS-EXTENDED/jbcrypt/jbcrypt-build.xml b/SPECS-EXTENDED/jbcrypt/jbcrypt-build.xml new file mode 100644 index 00000000000..175f45b06d1 --- /dev/null +++ b/SPECS-EXTENDED/jbcrypt/jbcrypt-build.xml @@ -0,0 +1,196 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + =================================== WARNING =================================== + JUnit is not present in the test classpath or your $ANT_HOME/lib directory. Tests not executed. + =============================================================================== + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/SPECS-EXTENDED/jbcrypt/jbcrypt.signatures.json b/SPECS-EXTENDED/jbcrypt/jbcrypt.signatures.json new file mode 100644 index 00000000000..4b2d3d8c63d --- /dev/null +++ b/SPECS-EXTENDED/jbcrypt/jbcrypt.signatures.json @@ -0,0 +1,7 @@ +{ + "Signatures": { + "jbcrypt-1.0.2.pom": "c94024d7410ed6a1894e3f8e26df16c2d3f6931e89c6b3f17a9028ab4dba092b", + "jbcrypt-1.0.2.tar.gz": "0a18110f070f53e2f9ed1609e1a01a1d2042bbe87cba909a381f2f5a055a1142", + "jbcrypt-build.xml": "e85b12dde9acea14d76d09db813f90fde150c1f312e772ddffdb6d66cd51b5ef" + } +} \ No newline at end of file diff --git a/SPECS-EXTENDED/jbcrypt/jbcrypt.spec b/SPECS-EXTENDED/jbcrypt/jbcrypt.spec new file mode 100644 index 00000000000..1de1e208f0e --- /dev/null +++ b/SPECS-EXTENDED/jbcrypt/jbcrypt.spec @@ -0,0 +1,87 @@ +Vendor: Microsoft Corporation +Distribution: Azure Linux +# +# spec file for package jbcrypt +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: jbcrypt +Version: 1.0.2 +Release: 1%{?dist} +Summary: An implementation the OpenBSD Blowfish password hashing algorithm +License: ISC +Group: Development/Libraries/Java +URL: https://github.com/kruton/%{name} +Source0: https://github.com/kruton/%{name}/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz +Source1: %{name}-build.xml +Source2: https://repo1.maven.org/maven2/org/connectbot/%{name}/%{version}/%{name}-%{version}.pom +BuildRequires: ant +BuildRequires: fdupes +BuildRequires: java-devel >= 1.8 +BuildRequires: javapackages-local-bootstrap >= 6 +BuildRequires: javapackages-tools +BuildArch: noarch + +%description +jBCrypt is an implementation the OpenBSD Blowfish password hashing +algorithm. + +This system hashes passwords using a version of Bruce Schneier's +Blowfish block cipher with modifications designed to raise the cost of +off-line password cracking. The computation cost of the algorithm is +parameterised, so it can be increased as computers get faster. + +%package javadoc +Summary: Javadoc for %{name} +Group: Development/Libraries/Java + +%description javadoc +This package contains API documentation for %{name}. + +%prep +%setup -q +cp %{SOURCE1} build.xml + +%build +%{ant} -Dtest.skip=true package javadoc + +%install +install -dm 0755 %{buildroot}%{_javadir} +install -pm 0644 target/%{name}-%{version}.jar %{buildroot}%{_javadir}/%{name}.jar + +install -dm 0755 %{buildroot}%{_mavenpomdir} +install -pm 0644 %{SOURCE2} %{buildroot}%{_mavenpomdir}/%{name}.pom +%add_maven_depmap %{name}.pom %{name}.jar -a org.connectbot.jbcrypt:jbcrypt + +install -dm 0755 %{buildroot}%{_javadocdir} +cp -r target/site/apidocs %{buildroot}%{_javadocdir}/%{name} +%fdupes -s %{buildroot}%{_javadocdir} + +%files -f .mfiles +%doc README +%license LICENSE + +%files javadoc +%{_javadocdir}/%{name} +%license LICENSE + +%changelog +* Tue Dec 16 2025 BinduSri Adabala - 1.0.2-1 +- Initial CBL-Mariner import from openSUSE Tumbleweed (license: same as "License" tag). +- License verified + +* Tue Mar 12 2024 Fridrich Strba +- Initial packaging of version 1.0.2 diff --git a/SPECS-EXTENDED/trilead-ssh2/0001-Remove-the-dependency-on-google-tink.patch b/SPECS-EXTENDED/trilead-ssh2/0001-Remove-the-dependency-on-google-tink.patch new file mode 100644 index 00000000000..11c9b5f90e4 --- /dev/null +++ b/SPECS-EXTENDED/trilead-ssh2/0001-Remove-the-dependency-on-google-tink.patch @@ -0,0 +1,161 @@ +From 933d197b30e797d4b82eeef1953fd82e617f4cf0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fridrich=20=C5=A0trba?= +Date: Wed, 13 Mar 2024 07:05:36 +0100 +Subject: [PATCH] Remove the dependency on google tink + +--- + .../ssh2/crypto/dh/Curve25519Exchange.java | 85 ------------------- + .../ssh2/crypto/dh/GenericDhExchange.java | 3 - + .../trilead/ssh2/transport/KexManager.java | 9 +- + 3 files changed, 1 insertion(+), 96 deletions(-) + delete mode 100644 src/com/trilead/ssh2/crypto/dh/Curve25519Exchange.java + +diff --git a/src/com/trilead/ssh2/crypto/dh/Curve25519Exchange.java b/src/com/trilead/ssh2/crypto/dh/Curve25519Exchange.java +deleted file mode 100644 +index 01d4ab4..0000000 +--- a/src/com/trilead/ssh2/crypto/dh/Curve25519Exchange.java ++++ /dev/null +@@ -1,85 +0,0 @@ +-package com.trilead.ssh2.crypto.dh; +- +-import com.google.crypto.tink.subtle.X25519; +- +-import java.io.IOException; +-import java.math.BigInteger; +-import java.security.InvalidKeyException; +- +-/** +- * Created by Kenny Root on 1/23/16. +- */ +-public class Curve25519Exchange extends GenericDhExchange { +- public static final String NAME = "curve25519-sha256"; +- public static final String ALT_NAME = "curve25519-sha256@libssh.org"; +- public static final int KEY_SIZE = 32; +- +- private byte[] clientPublic; +- private byte[] clientPrivate; +- private byte[] serverPublic; +- +- public Curve25519Exchange() { +- super(); +- } +- +- /* +- * Used to test known vectors. +- */ +- public Curve25519Exchange(byte[] secret) throws InvalidKeyException { +- if (secret.length != KEY_SIZE) { +- throw new AssertionError("secret must be key size"); +- } +- clientPrivate = secret.clone(); +- } +- +- @Override +- public void init(String name) throws IOException { +- if (!NAME.equals(name) && !ALT_NAME.equals(name)) { +- throw new IOException("Invalid name " + name); +- } +- +- clientPrivate = X25519.generatePrivateKey(); +- try { +- clientPublic = X25519.publicFromPrivate(clientPrivate); +- } catch (InvalidKeyException e) { +- throw new IOException(e); +- } +- } +- +- @Override +- public byte[] getE() { +- return clientPublic.clone(); +- } +- +- @Override +- protected byte[] getServerE() { +- return serverPublic.clone(); +- } +- +- @Override +- public void setF(byte[] f) throws IOException { +- if (f.length != KEY_SIZE) { +- throw new IOException("Server sent invalid key length " + f.length + " (expected " + +- KEY_SIZE + ")"); +- } +- serverPublic = f.clone(); +- try { +- byte[] sharedSecretBytes = X25519.computeSharedSecret(clientPrivate, serverPublic); +- int allBytes = 0; +- for (int i = 0; i < sharedSecretBytes.length; i++) { +- allBytes |= sharedSecretBytes[i]; +- } +- if (allBytes == 0) { +- throw new IOException("Invalid key computed; all zeroes"); +- } +- sharedSecret = new BigInteger(1, sharedSecretBytes); +- } catch (InvalidKeyException e) { +- throw new IOException(e); +- } +- } +- +- @Override +- public String getHashAlgo() { +- return "SHA-256"; +- } +-} +diff --git a/src/com/trilead/ssh2/crypto/dh/GenericDhExchange.java b/src/com/trilead/ssh2/crypto/dh/GenericDhExchange.java +index c2436e3..a63b9fd 100644 +--- a/src/com/trilead/ssh2/crypto/dh/GenericDhExchange.java ++++ b/src/com/trilead/ssh2/crypto/dh/GenericDhExchange.java +@@ -29,9 +29,6 @@ public abstract class GenericDhExchange + } + + public static GenericDhExchange getInstance(String algo) { +- if (Curve25519Exchange.NAME.equals(algo) || Curve25519Exchange.ALT_NAME.equals(algo)) { +- return new Curve25519Exchange(); +- } + if (algo.startsWith("ecdh-sha2-")) { + return new EcDhExchange(); + } else { +diff --git a/src/com/trilead/ssh2/transport/KexManager.java b/src/com/trilead/ssh2/transport/KexManager.java +index c2ec2b0..2c8056a 100644 +--- a/src/com/trilead/ssh2/transport/KexManager.java ++++ b/src/com/trilead/ssh2/transport/KexManager.java +@@ -17,7 +17,6 @@ import com.trilead.ssh2.crypto.CryptoWishList; + import com.trilead.ssh2.crypto.KeyMaterial; + import com.trilead.ssh2.crypto.cipher.BlockCipher; + import com.trilead.ssh2.crypto.cipher.BlockCipherFactory; +-import com.trilead.ssh2.crypto.dh.Curve25519Exchange; + import com.trilead.ssh2.crypto.dh.DhGroupExchange; + import com.trilead.ssh2.crypto.dh.GenericDhExchange; + import com.trilead.ssh2.crypto.digest.MessageMac; +@@ -397,8 +396,6 @@ public class KexManager implements MessageHandler + + if ("ecdh-sha2-nistp521".equals(algo)) + continue; +- if (Curve25519Exchange.NAME.equals(algo)||Curve25519Exchange.ALT_NAME.equals(algo)) +- continue; + throw new IllegalArgumentException("Unknown kex algorithm '" + algo + "'"); + } + } +@@ -489,8 +486,6 @@ public class KexManager implements MessageHandler + } + + if (kxs.np.kex_algo.equals("diffie-hellman-group1-sha1") +- || kxs.np.kex_algo.equals(Curve25519Exchange.NAME) +- || kxs.np.kex_algo.equals(Curve25519Exchange.ALT_NAME) + || kxs.np.kex_algo.equals("diffie-hellman-group14-sha1") + || kxs.np.kex_algo.equals("ecdh-sha2-nistp521") + || kxs.np.kex_algo.equals("ecdh-sha2-nistp384") +@@ -630,9 +625,7 @@ public class KexManager implements MessageHandler + || kxs.np.kex_algo.equals("diffie-hellman-group14-sha1") + || kxs.np.kex_algo.equals("ecdh-sha2-nistp256") + || kxs.np.kex_algo.equals("ecdh-sha2-nistp384") +- || kxs.np.kex_algo.equals("ecdh-sha2-nistp521") +- || kxs.np.kex_algo.equals(Curve25519Exchange.NAME) +- || kxs.np.kex_algo.equals(Curve25519Exchange.ALT_NAME)) ++ || kxs.np.kex_algo.equals("ecdh-sha2-nistp521")) + { + if (kxs.state == 1) + { +-- +2.44.0 + diff --git a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml new file mode 100644 index 00000000000..f8891606cb2 --- /dev/null +++ b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml @@ -0,0 +1,113 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.signatures.json b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.signatures.json index f9cd1a1fd34..a5048923ac7 100644 --- a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.signatures.json +++ b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.signatures.json @@ -1,5 +1,6 @@ { "Signatures": { - "trilead-ssh2-build217-jenkins-8.tar.gz": "2ad363bbeba25f4e53c2d7a0c3755ba7e531ef074408a61369a01bf2170076bf" + "build-217-jenkins-293.v56de4d4d3515.tar.gz": "d60069b24166f8ab767cff1c6e29ab863ea8e58bf75d7c0a91dede6fb4616ebf", + "trilead-ssh2-build.xml": "bf1853738a7f8018e61bbd35078b027009aaf7f785b929b2b10c9c5516933cce" } -} +} \ No newline at end of file diff --git a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec index 16799356d0f..fc7362e3917 100644 --- a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec +++ b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec @@ -3,7 +3,7 @@ Distribution: Azure Linux # # spec file for package trilead-ssh2 # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,18 +19,26 @@ Distribution: Azure Linux %global buildver 217 -%global patchlvl 8 +%global patchlvl 293 +%global githash v56de4d4d3515 + Name: trilead-ssh2 -Version: %{buildver}.%{patchlvl} -Release: 2%{?dist} +Version: %{buildver}.%{patchlvl}.%{githash} +Release: 1%{?dist} Summary: SSH-2 protocol implementation in pure Java License: BSD-3-Clause AND MIT Group: Development/Libraries/Java URL: https://github.com/jenkinsci/trilead-ssh2 -Source0: https://github.com/jenkinsci/%{name}/archive/%{name}-build%{buildver}-jenkins-%{patchlvl}.tar.gz +Source0: https://github.com/jenkinsci/%{name}/archive/refs/tags/build-%{buildver}-jenkins-%{patchlvl}.%{githash}.tar.gz +Source1: %{name}-build.xml +Patch0: 0001-Remove-the-dependency-on-google-tink.patch +BuildRequires: ant +BuildRequires: ed25519-java BuildRequires: fdupes -BuildRequires: java-devel -BuildRequires: javapackages-local-bootstrap +BuildRequires: java-devel >= 1.8 +BuildRequires: javapackages-local-bootstrap >= 6 +BuildRequires: javapackages-tools +BuildRequires: jbcrypt BuildArch: noarch %description @@ -49,19 +57,22 @@ Group: Documentation/HTML API documentation for %{name}. %prep -%setup -q -n %{name}-%{name}-build%{buildver}-jenkins-%{patchlvl} +%setup -q -n %{name}-build-%{buildver}-jenkins-%{patchlvl}.%{githash} +%patch -P 0 -p1 +cp %{SOURCE1} build.xml + +%pom_remove_dep :tink +%pom_xpath_set pom:project/pom:version "build-%{buildver}-jenkins-%{patchlvl}.%{githash}" %build -mkdir -p build/classes -javac -d build/classes -source 6 -target 6 $(find src -name \*.java | xargs) -(cd build/classes && jar cf ../%{name}-%{version}.jar $(find . -name \*.class)) -mkdir -p build/docs -javadoc -d build/docs -source 6 $(find src -name \*.java | xargs) -Xdoclint:none +mkdir -p lib +build-jar-repository -s lib eddsa jbcrypt +%{ant} package javadoc %install # jars install -d -m 0755 %{buildroot}%{_javadir} -install -m 644 build/%{name}-%{version}.jar %{buildroot}%{_javadir}/%{name}.jar +install -m 644 target/%{name}-*.jar %{buildroot}%{_javadir}/%{name}.jar # pom install -d -m 755 %{buildroot}%{_mavenpomdir} @@ -70,7 +81,7 @@ install -pm 644 pom.xml %{buildroot}%{_mavenpomdir}/%{name}.pom # javadoc install -d -m 755 %{buildroot}%{_javadocdir}/%{name} -cp -aL build/docs/* %{buildroot}%{_javadocdir}/%{name} +cp -aL target/site/apidocs/* %{buildroot}%{_javadocdir}/%{name} %fdupes -s %{buildroot}%{_javadocdir}/%{name} %files -f .mfiles @@ -82,6 +93,10 @@ cp -aL build/docs/* %{buildroot}%{_javadocdir}/%{name} %{_javadocdir}/%{name} %changelog +* Tue Dec 16 2025 BinduSri Adabala - 217.293.v56de4d4d3515-1 +- Upgrade to 217.293.v56de4d4d3515 +- License verified + * Thu Oct 14 2021 Pawel Winogrodzki - 217.8-2 - Converting the 'Release' tag to the '[number].[distribution]' format. @@ -94,4 +109,4 @@ cp -aL build/docs/* %{buildroot}%{_javadocdir}/%{name} - Fix the license tag and clean up the spec file a bit * Wed Oct 24 2018 Fridrich Strba - Initial packaging built manually without maven. Spec file adapted - from Fedora rpm. + from Fedora rpm. \ No newline at end of file diff --git a/cgmanifest.json b/cgmanifest.json index 4c5fd1c6727..58957f6b951 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -3163,6 +3163,16 @@ } } }, + { + "component": { + "type": "other", + "other": { + "name": "ed25519-java", + "version": "0.3.0", + "downloadUrl": "https://github.com/str4d/ed25519-java/archive/v0.3.0/ed25519-java-0.3.0.tar.gz" + } + } + }, { "component": { "type": "other", @@ -7836,6 +7846,16 @@ } } }, + { + "component": { + "type": "other", + "other": { + "name": "jbcrypt", + "version": "1.0.2", + "downloadUrl": "https://github.com/kruton/jbcrypt/archive/refs/tags/1.0.2.tar.gz" + } + } + }, { "component": { "type": "other", @@ -29266,8 +29286,8 @@ "type": "other", "other": { "name": "trilead-ssh2", - "version": "217.8", - "downloadUrl": "https://github.com/jenkinsci/trilead-ssh2/archive/trilead-ssh2-build217-jenkins-8.tar.gz" + "version": "217.293.v56de4d4d3515", + "downloadUrl": "https://github.com/jenkinsci/trilead-ssh2/archive/refs/tags/build-217-jenkins-293.v56de4d4d3515.tar.gz" } } }, From b0531b87de47d86f4d46bee5c839a2c1a733193e Mon Sep 17 00:00:00 2001 From: BinduSri-6522866 Date: Wed, 17 Dec 2025 08:09:38 +0000 Subject: [PATCH 2/3] address review comments --- SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec index fc7362e3917..1ca9d1a31ee 100644 --- a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec +++ b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec @@ -57,8 +57,7 @@ Group: Documentation/HTML API documentation for %{name}. %prep -%setup -q -n %{name}-build-%{buildver}-jenkins-%{patchlvl}.%{githash} -%patch -P 0 -p1 +%autosetup -n %{name}-build-%{buildver}-jenkins-%{patchlvl}.%{githash} -p1 cp %{SOURCE1} build.xml %pom_remove_dep :tink From dbf4755a633b9e07e6ad005bcaa613318c6c8b6b Mon Sep 17 00:00:00 2001 From: BinduSri-6522866 Date: Fri, 19 Dec 2025 04:38:27 +0000 Subject: [PATCH 3/3] Upgrade trilead-ssh2 version to 217.371.vc1d30dc5a_b_32 --- SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml | 2 +- .../trilead-ssh2/trilead-ssh2.signatures.json | 4 ++-- SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec | 10 +++++----- cgmanifest.json | 4 ++-- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml index f8891606cb2..185ad5ae06e 100644 --- a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml +++ b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2-build.xml @@ -10,7 +10,7 @@ - + diff --git a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.signatures.json b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.signatures.json index a5048923ac7..be189b068a3 100644 --- a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.signatures.json +++ b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.signatures.json @@ -1,6 +1,6 @@ { "Signatures": { - "build-217-jenkins-293.v56de4d4d3515.tar.gz": "d60069b24166f8ab767cff1c6e29ab863ea8e58bf75d7c0a91dede6fb4616ebf", - "trilead-ssh2-build.xml": "bf1853738a7f8018e61bbd35078b027009aaf7f785b929b2b10c9c5516933cce" + "build-217-jenkins-371.vc1d30dc5a_b_32.tar.gz": "d073e97c33b20131f15075db4e5a1996e75e9236ee407232997ca8e1a846863f", + "trilead-ssh2-build.xml": "26a06a32d27d8a16982222150a6c8c53eeef63d0ef1d7bd9e2dfdcff35f0b618" } } \ No newline at end of file diff --git a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec index 1ca9d1a31ee..44e00244a5f 100644 --- a/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec +++ b/SPECS-EXTENDED/trilead-ssh2/trilead-ssh2.spec @@ -19,8 +19,8 @@ Distribution: Azure Linux %global buildver 217 -%global patchlvl 293 -%global githash v56de4d4d3515 +%global patchlvl 371 +%global githash vc1d30dc5a_b_32 Name: trilead-ssh2 Version: %{buildver}.%{patchlvl}.%{githash} @@ -35,7 +35,7 @@ Patch0: 0001-Remove-the-dependency-on-google-tink.patch BuildRequires: ant BuildRequires: ed25519-java BuildRequires: fdupes -BuildRequires: java-devel >= 1.8 +BuildRequires: java-devel >= 1.9 BuildRequires: javapackages-local-bootstrap >= 6 BuildRequires: javapackages-tools BuildRequires: jbcrypt @@ -92,8 +92,8 @@ cp -aL target/site/apidocs/* %{buildroot}%{_javadocdir}/%{name} %{_javadocdir}/%{name} %changelog -* Tue Dec 16 2025 BinduSri Adabala - 217.293.v56de4d4d3515-1 -- Upgrade to 217.293.v56de4d4d3515 +* Fri Dec 19 2025 BinduSri Adabala - 217.371.vc1d30dc5a_b_32-1 +- Upgrade to 217.371.vc1d30dc5a_b_32 - License verified * Thu Oct 14 2021 Pawel Winogrodzki - 217.8-2 diff --git a/cgmanifest.json b/cgmanifest.json index 58957f6b951..376c2493cda 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -29286,8 +29286,8 @@ "type": "other", "other": { "name": "trilead-ssh2", - "version": "217.293.v56de4d4d3515", - "downloadUrl": "https://github.com/jenkinsci/trilead-ssh2/archive/refs/tags/build-217-jenkins-293.v56de4d4d3515.tar.gz" + "version": "217.371.vc1d30dc5a_b_32", + "downloadUrl": "https://github.com/jenkinsci/trilead-ssh2/archive/refs/tags/build-217-jenkins-371.vc1d30dc5a_b_32.tar.gz" } } },