Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

jsch-0.2.15-3.3 RPM for noarch

From OpenSuSE Ports Tumbleweed for noarch

Name: jsch Distribution: openSUSE:Factory:zSystems
Version: 0.2.15 Vendor: openSUSE
Release: 3.3 Build date: Mon Apr 29 14:18:36 2024
Group: Development/Libraries/Java Build host: reproducible
Size: 528542 Source RPM: jsch-0.2.15-3.3.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/mwiede/jsch/
Summary: Pure Java implementation of SSH2
JSch allows you to connect to an sshd server and use port forwarding,
X11 forwarding, file transfer, etc., and you can integrate its
functionality into your own Java programs.

Provides

Requires

License

BSD-3-Clause

Changelog

* Mon Apr 29 2024 Fridrich Strba <fstrba@suse.com>
  - The binaries are compatible with java 1.8
* Wed Feb 21 2024 Gus Kenion <gus.kenion@suse.com>
  - Use %patch -P N instead of deprecated %patchN.
* Wed Dec 20 2023 Gus Kenion <gkenion@suse.com>
  - Upgrade to version 0.2.15, which includes fix for SSH protocol
    vulnerability (bsc#1218134, CVE-2023-48795)
    * Changes in 0.2.15:
      + Address CVE-2023-48795 by adding support for new strict key
      exchange extension
      + Add support for ext-info-in-auth@openssh.com extension
      + Introduce two new config options to control usage of the new
      strict key exchange extension:
      ~ enable_strict_kex (set to yes by default)
      ~ require_strict_kex (set to no by default)
      ~ If either option (or both) is enabled, then JSch will
      attempt to use the new strict key exchange extension.
      ~ If the require_strict_kex option is enabled and JSch detects
      the server does not support it, then JSch will terminate the
      connection and throw an exception.
      ~ If the require_strict_kex option is not enabled and JSch
      detects the server does not support it, then JSch will
      fallback and proceed with the connection without using the
      new extension.
      + This gives users the ability to enable a strong security
      posture if needed and avoid proceeding with connections to
      potentially insecure servers.
    * Changes in 0.2.14:
      + #450 use Socket.connect() with a timeout that has been
      supported since Java 1.4 instead of using old method of
      creating a separate thread and joining to that thread with
      timeout
    * Changes in 0.2.13:
      + #411 Add flush operation from Fix added is/jsch#39,
      with new config option to allow disabling in case it causes
      regressions.
      + #403 add a warning when Channel.getInputStream() or
      Channel.getExtInputStream() is called after Channel.connect().
    * Changes in 0.2.12:
      + Further refine previous fixes for windows line endings in PEM
      keys
      + #392 replace call to BigInteger.intValueExact to remain
      compatible with android api 30
      + Introduce JSchSessionDisconnectException to allow the
      reasonCode to be retrieved without String parsing
      + Introduce specific JSchException for HostKey related failures
    * Changes in 0.2.11:
      + update dependencies changes
      + #369 fix multi-line PEM key parsing to work with windows line
      endings due to regression from previous fix for #362.
    * Changes in 0.2.10:
      + Fix new Java 21 compiler warning: possible 'this' escape
      before subclass is fully initialized
      + Tweak OSGi bundle manifest to allow Log4j 3
      + #362 fix PEM key parsing to work with windows line endings
      + #361 guard against UIKeyboardInteractive implementations that
      include NULL elements in the String[] returned from
      promptKeyboardInteractive()
      + Add a default implmentation of the deprecated decrypt() method
      to the Identity interface that throws an
      UnsupportedOperationException
* Sat Jun 03 2023 Fridrich Strba <fstrba@suse.com>
  - Migrate from com.jcraft:jsch to com.github.mwiede:jsch fork
    (bsc#1211955)
    * Alias to the old artifact since the new one is drop-in
      replacement
    * Keep the old OSGi bundle symbolic name to avoid extensive
      patching of eclipse stack
  - Upgrade to version 0.2.9
    * Changes of 0.2.9
      + various improvements, #295
      ~ #293 allow UserAuthNone to be extended.
      ~ Make JGSS module optional.
      ~ Tweak OSGi bundle manifest:
      ~ Avoid self-import.
      ~ Mark JGSS as optional.
      ~ Loosen import versions of dependencies.
      ~ Correctly adhere to the Multi-release JAR spec by ensuring
      all public classes under versioned directories preside over
      classes present in the top-level directory.
      ~ Eliminate stray System.err.println() calls.
      ~ Change PageantConnector to use JNA's built-in support for
      User32.SendMessage().
      + Improve error handling in InputStream.close() for SFTP
      channels, #331
    * Changes of 0.2.8
      + activate sourcecode formatting, #247
      + build improvements, #279
      + #287 add algorithm type information to algorithm negotiation
      logs, #290
      + wrap NoClassDefFoundError's for invalid private keys, #289 and
      [#290]
    * Changes of 0.2.7
      + #265 change buffer_margin computation to be dynamic based upon
      the MAC to allow connections that advertise small maximum
      packet sizes.
      + #266 fix PuTTY key parsing to work with unix line endings.
      + Add support for ECDSA and EdDSA type PuTTY keys.
      + #71 add support for PuTTY version 3 format keys.
      ~ Encrypted PuTTY version 3 format keys requires Bouncy
      Castle (bcprov-jdk18on).
      + Eliminate KeyPairDeferred and instead change handling of
      OpenSSH V1 type keys to be more like other KeyPair types.
      + Be more vigilant about clearing private key data.
      + Improve PKCS8 key handling and add support for PKCS5 2.1
      encryption.
      + Add support for ECDSA type PKCS8 keys.
      + Add support for SCrypt type KDF for PKCS8 keys.
      ~ PKCS8 keys using SCrypt requires Bouncy Castle
      (bcprov-jdk18on).
      + Add support for EdDSA type PKCS8 keys.
      ~ EdDSA type PKCS8 keys requires Bouncy Castle
      (bcprov-jdk18on).
      + Attempt to authenticate using other signature algorithms
      supported by the same public key.
      ~ Allow this behavior to be disabled via
      try_additional_pubkey_algorithms config option.
      ° Some servers incorrectly respond with
      SSH_MSG_USERAUTH_PK_OK to an initial auth query that they
      don't actually support for RSA keys.
      + Add a new config option enable_pubkey_auth_query to allow
      skipping auth queries and proceed directly to attempting
      full SSH_MSG_USERAUTH_REQUEST's.
      + Add a new config option enable_auth_none to control whether
      an initial auth request for the method none is sent to detect
      all supported auth methods available on the server.
    * Changes of 0.2.6
      + Include host alias instead of the real host in messages and
      exceptions, #257
      + Fix missing keySize set when loading V1 RSA keys, #258
      + Enhancement to present KeyPair.getKeyTypeString() method, #259
    * Changes of 0.2.5
      + Explictly free resources in Compression implementations, #241
      + Fix integration test failures on Apple Silicon by skipping
      OpenSSH 7.4 tests, #227
      + generate osgi bundle manifest data for jar #248, #249
    * Changes of 0.2.4
      + Improved excepton handling by @norrisjeremy in #200
    * Changes of 0.2.3
      + #188 fix private key length checks for ssh-ed25519 and
      ssh-ed448, #189
    * Changes of 0.2.2
      + setup jdk for code-ql analysis, #151
      + misc improvements, #152
      + Fixing Issue #131, #134
      + Update link to bcrypt, #157
    * Changes of 0.2.1
      + Allow to set a Logger per JSch-instance rather than a VM-wide
      one, #128
      + Preliminary changes prior to Javadoc work, #126
      + remove check to allow setting any filename encoding with any
      server version #137, #142
    * Changes of 0.2.0
      + Disable RSA/SHA1 signature algorithm by default #75
      + Add basic Logger implementations that can be optionally
      utilized with JSch.setLogger():
      ~ JulLogger, using java.util.logging.Logger
      ~ JplLogger, using Java 9's JEP 264
      ~ Log4j2Logger, using Apache Log4j 2
      ~ Slf4jLogger, using SLF4J
      + Fix client version to be compliant with RFC 4253 section 4.2
      by not including minus sign characters #115
      + Add java.util.zip based compression implementation #114
      ~ This is based upon the CompressionJUZ implementation posted
      to the JSch-users mailing list in 2012 by the original JSch
      author
      ~ The existing JZlib implementation remains the default to
      maintain strict RFC 4253 section 6.2 compliance
      ° To use the new implementation globally, execute
      JSch.setConfig("zlib@openssh.com",
      "com.jcraft.jsch.juz.Compression") +
      JSch.setConfig("zlib", "com.jcraft.jsch.juz.Compression")
      ° To use the new implementation per session, execute
      session.setConfig("zlib@openssh.com",
      "com.jcraft.jsch.juz.Compression")
      + session.setConfig("zlib",
      "com.jcraft.jsch.juz.Compression")
    * Changes of 0.1.72
      + Switch chacha20-poly1305@openssh.com algorithm to a pure
      Bouncy Castle based implementation
      + implement openssh config behavior to handle append, prepend
      and removal of algorithms #104
    * Changes of 0.1.71
      + Address #98 by restoring JSch.VERSION
    * Changes of 0.1.70
      + Address #89 by fixing rare ECDSA signature validation issue
      + Address #93 by always setting the "want reply" flag for "env"
      type channel requests to false
    * Changes of 0.1.69
      + Address #83 by sending CR LF at the end of the identification
      string
      + Fix earlier change for #76 that failed to correctly make the
      "Host" keyword case-insensitive
      + Fix PageantConnector struct class visibility #86
    * Changes of 0.1.68
      + Added support for the rijndael-cbc@lysator.liu.se algorithm
      + Added support for the hmac-ripemd160,
      hmac-ripemd160@openssh.com and hmac-ripemd160-etm@openssh.com
      algorithms using Bouncy Castle
      + Added support for various algorithms from RFC 4253 and
      RFC 4344 using Bouncy Castle
      ~ cast128-cbc
      ~ cast128-ctr
      ~ twofish-cbc
      ~ twofish128-cbc
      ~ twofish128-ctr
      ~ twofish192-cbc
      ~ twofish192-ctr
      ~ twofish256-cbc
      ~ twofish256-ctr
      + Added support for the seed-cbc@ssh.com algorithm using Bouncy
      Castle
    * Changes of 0.1.67
      + Added support for the blowfish-ctr algorithm from RFC 4344
      + Fix bug where ext-info-c was incorrectly advertised during
      rekeying
      ~ According to RFC 8308 section 2.1, ext-info-c should only
      advertised during the first key exchange
      + Address #77 by attempting to add compatibility with older
      Bouncy Castle releases
    * Changes of 0.1.66
      + Added support for RFC 8308 extension negotiation and
      server-sig-algs extension
      ~ This support is enabled by default, but can be controlled
      via the enable_server_sig_algs config option (or
      jsch.enable_server_sig_algs system property)
      ~ When enabled and a server-sig-algs message is received from
      the server, the algorithms included by the server and also
      present in the PubkeyAcceptedKeyTypes config option will be
      attempted first when using publickey authentication
      ~ Additionally if the server is detected as OpenSSH version
      7.4, the rsa-sha2-256 and rsa-sha2-512 algorithms will be
      added to the received server-sig-algs as a workaround for
      OpenSSH bug 2680
      + Added support for various algorithms supported by Tectia
      (ssh.com):
      ~ diffie-hellman-group14-sha224@ssh.com
      ~ diffie-hellman-group14-sha256@ssh.com
      ~ diffie-hellman-group15-sha256@ssh.com
      ~ diffie-hellman-group15-sha384@ssh.com
      ~ diffie-hellman-group16-sha384@ssh.com
      ~ diffie-hellman-group16-sha512@ssh.com
      ~ diffie-hellman-group18-sha512@ssh.com
      ~ diffie-hellman-group-exchange-sha224@ssh.com
      ~ diffie-hellman-group-exchange-sha384@ssh.com
      ~ diffie-hellman-group-exchange-sha512@ssh.com
      ~ hmac-sha224@ssh.com
      ~ hmac-sha256@ssh.com
      ~ hmac-sha256-2@ssh.com
      ~ hmac-sha384@ssh.com
      ~ hmac-sha512@ssh.com
      ~ ssh-rsa-sha224@ssh.com
      ~ ssh-rsa-sha256@ssh.com
      ~ ssh-rsa-sha384@ssh.com
      ~ ssh-rsa-sha512@ssh.com
      + Added support for SHA224 to FingerprintHash
      + Fixing #52
      + Deprecate void setFilenameEncoding(String encoding) in favor
      of void setFilenameEncoding(Charset encoding) in ChannelSftp
      + Added support for rsa-sha2-256 and rsa-rsa2-512 algorithms to
      ChannelAgentForwarding
      + Address #65 by adding ssh-agent support derived from
      jsch-agent-proxy
      ~ See examples/JSchWithAgentProxy.java for simple example
      ~ ssh-agent support requires either Java 16's JEP 380 or the
      addition of junixsocket to classpath
      ~ Pageant support is untested and requires the addition of JNA
      to classpath
      + Added support for the following algorithms with older Java
      releases by using Bouncy Castle:
      ~ ssh-ed25519
      ~ ssh-ed448
      ~ curve25519-sha256
      ~ curve25519-sha256@libssh.org
      ~ curve448-sha512
      ~ chacha20-poly1305@openssh.com
    * Changes of 0.1.65
      + Added system properties to allow manipulation of various
      crypto algorithms used by default
      + Integrated JZlib, allowing use of zlib@openssh.com and zlib
      compressions without the need to provide the JZlib jar-file
      + Modularized the jar-file for use with Java 9 or newer
      + Added runtime controls for the min/max/preferred sizes used
      for diffie-hellman-group-exchange-sha256 and
      diffie-hellman-group-exchange-sha1
      + Renamed PubkeyAcceptedKeyTypes config to
      PubkeyAcceptedAlgorithms to match recent changes in OpenSSH
      (PubkeyAcceptedKeyTypes is still accepted for backward
      compatibility)
      + Reduced number of algorithms that are runtime checked by
      default via CheckCiphers, CheckMacs, CheckKExes and
      CheckSignatures to improve runtime performance
    * Changes of 0.1.64
      + #55 bug fix
    * Changes of 0.1.63
      + fix for #42
    * Changes 0.1.62
      + #13 reject HostKey with some servers
      + #20 Include TestBCrypt.java unit test
      + #21 Misc cleanup
      + #27 Update Testcontainers to newest version to fix test
      failures
      + #34 NPE with openssh v1 format
    * Changes 0.1.61
      + Add support for chacha20-poly1305@openssh.com, ssh-ed25519,
      ssh-ed448, curve448-sha512, diffie-hellman-group15-sha512
      and diffie-hellman-group17-sha512.
      This makes use of the new EdDSA feature added in Java 15's
      JEP 339. #17
      + added integration test for public key authentication #19
    * Changes of 0.1.60
      + support for openssh-v1-private-key format
      + Fix bug with AEAD ciphers when compression is used. #15
    * Changes of 0.1.59
      + fixing issue #6 (originally from
      https://sourceforge.net/p/jsch/mailman/message/36872566/)
    * Changes of 0.1.58
      + adds support for more algorithms, see #4
    * Changes of 0.1.57
      + support for rsa-sha2-256 and rsa-sha2-512. #1
    * Changes of 0.1.56
      + support for direct-streamlocal@openssh.com
      (see SocketForwardingL.java)
  - Removed patches:
    * jsch-0.1.54-sourcetarget.patch
    * jsch-osgi-manifest.patch
      + both problems are handled differently in the new version
  - Added patches:
    * jsch-junixsocket.patch
      + disable building with dependency that we don't have
    * jsch-log4j.patch
      + disable building with log4j support in order to avoid a
      huge build cycle
* Sat Mar 19 2022 Fridrich Strba <fstrba@suse.com>
  - Modified patch:
    * jsch-0.1.54-sourcetarget.patch
      + build with source/target levels 8
* Tue Apr 07 2020 Fridrich Strba <fstrba@suse.com>
  - Version 0.1.55
* Tue Apr 07 2020 Fridrich Strba <fstrba@suse.com>
  - Added patch:
    * jsch-osgi-manifest.patch
      + create the osgi manifest during the ant build
      + replaces the MANIFEST.MF file
  - Miscellaneous clean-up
* Fri Sep 20 2019 Fridrich Strba <fstrba@suse.com>
  - Remove reference to the parent from pom file, since we are not
    building with maven
* Fri Sep 08 2017 fstrba@suse.com
  - Added patch:
    * jsch-0.1.54-sourcetarget.patch
    - Specify java source and target levels to 1.6, in order to
      allow building with jdk9
* Fri Jun 09 2017 tchvatal@suse.com
  - Build with full java, does not compile with gcj

Files

/usr/share/java/jsch.jar
/usr/share/licenses/jsch
/usr/share/licenses/jsch/LICENSE.txt
/usr/share/maven-metadata/jsch.xml
/usr/share/maven-poms/jsch.pom


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jan 14 23:24:16 2025