From 6bb2fcdbfd8f844dc79d4ef0fb85fd78d758f3ed Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw2@fedoraproject.org>
Date: Oct 03 2006 13:18:31 +0000
Subject: Bump to stay ahead of FC6


---

diff --git a/openssh.spec b/openssh.spec
index 9541dee..8a4a581 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -63,7 +63,7 @@
 Summary: The OpenSSH implementation of SSH protocol versions 1 and 2
 Name: openssh
 Version: 4.3p2
-Release: 9%{?rescue_rel}
+Release: 10%{?rescue_rel}
 URL: http://www.openssh.com/portable.html
 #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
 #Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig
@@ -98,6 +98,8 @@ Patch41: openssh-4.3p2-gssapi-no-spnego.patch
 Patch42: openssh-4.3p2-no-dup-logs.patch
 Patch43: openssh-4.3p2-localtime.patch
 Patch44: openssh-4.3p2-allow-ip-opts.patch
+Patch45: openssh-4.3p2-cve-2006-4924.patch
+Patch46: openssh-3.9p1-cve-2006-5051.patch
 Patch100: openssh-4.3p2-controlpersist.patch
 Patch101: openssh-4.2p1-controldisplay.patch
 Patch102: openssh-4.3p2-multidisplay.patch
@@ -235,6 +237,8 @@ an X11 passphrase dialog for OpenSSH.
 %patch42 -p1 -b .no-dups
 %patch43 -p1 -b .localtime
 %patch44 -p1 -b .ip-opts
+%patch45 -p1 -b .deattack-dos
+%patch46 -p1 -b .sig-no-cleanup
 %patch100 -p1 -b .persist
 %patch101 -p1 -b .cdisplay
 %patch102 -p1 -b .multidisplay
@@ -483,6 +487,11 @@ fi
 %endif
 
 %changelog
+* Mon Oct  2 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-10
+- improve gssapi-no-spnego patch (#208102)
+- CVE-2006-4924 - prevent DoS on deattack detector (#207957)
+- CVE-2006-5051 - don't call cleanups from signal handler (#208459)
+
 * Wed Aug 23 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-9
 - don't report duplicate syslog messages, use correct local time (#189158)
 - don't allow spnego as gssapi mechanism (from upstream)