From e21fe8c3a4007c4a10f67e9e8107c3f083002f06 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 16:40:05 +0200
Subject: Adding debian version 1:9.2p1-2+deb12u2.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 debian/patches/package-versioning.patch | 47 +++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 debian/patches/package-versioning.patch

(limited to 'debian/patches/package-versioning.patch')

diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
new file mode 100644
index 0000000..8529c23
--- /dev/null
+++ b/debian/patches/package-versioning.patch
@@ -0,0 +1,47 @@
+From 720ad1a8e62ff52438766b49f8413ac55b17f570 Mon Sep 17 00:00:00 2001
+From: Matthew Vernon <matthew@debian.org>
+Date: Sun, 9 Feb 2014 16:10:05 +0000
+Subject: Include the Debian version in our identification
+
+This makes it easier to audit networks for versions patched against security
+vulnerabilities.  It has little detrimental effect, as attackers will
+generally just try attacks rather than bothering to scan for
+vulnerable-looking version strings.  (However, see debian-banner.patch.)
+
+Forwarded: not-needed
+Last-Update: 2021-11-05
+
+Patch-Name: package-versioning.patch
+---
+ kex.c     | 2 +-
+ version.h | 7 ++++++-
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/kex.c b/kex.c
+index c259e00fc..32858e65c 100644
+--- a/kex.c
++++ b/kex.c
+@@ -1290,7 +1290,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
+ 	if (version_addendum != NULL && *version_addendum == '\0')
+ 		version_addendum = NULL;
+ 	if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
+-	    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
++	    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
+ 	    version_addendum == NULL ? "" : " ",
+ 	    version_addendum == NULL ? "" : version_addendum)) != 0) {
+ 		oerrno = errno;
+diff --git a/version.h b/version.h
+index d83ae5b94..a7d5ecef6 100644
+--- a/version.h
++++ b/version.h
+@@ -3,4 +3,9 @@
+ #define SSH_VERSION	"OpenSSH_9.2"
+ 
+ #define SSH_PORTABLE	"p1"
+-#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
++#define SSH_RELEASE_MINIMUM	SSH_VERSION SSH_PORTABLE
++#ifdef SSH_EXTRAVERSION
++#define SSH_RELEASE	SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION
++#else
++#define SSH_RELEASE	SSH_RELEASE_MINIMUM
++#endif
-- 
cgit v1.2.3