added seccomp-sandbox patch to fix crash seen on x86 (see https://bugzilla.redhat.com/show_bug.cgi?id=1897712 ) [release 8.4p1-2mamba;Sat Feb 06 2021]

openssh-8.4p1-sandbox-seccomp.patch

@@ -0,0 +1,14 @@
+diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
+index e0768c06..5065ae7e 100644
+--- a/sandbox-seccomp-filter.c
++++ b/sandbox-seccomp-filter.c
+@@ -267,6 +267,9 @@ static const struct sock_filter preauth_insns[] = {
+ #ifdef __NR_pselect6
+ 	SC_ALLOW(__NR_pselect6),
+ #endif
++#ifdef __NR_pselect6_time64
++	SC_ALLOW(__NR_pselect6_time64),
++#endif
+ #ifdef __NR_read
+ 	SC_ALLOW(__NR_read),
+ #endif

openssh.spec

@@ -7,7 +7,7 @@
 
 Name:          openssh
 Version:       8.4p1
-Release:       1mamba
+Release:       2mamba
 Summary:       OpenSSH free Secure Shell (SSH) implementation
 Group:         Network/Security
 Vendor:        openmamba
@@ -23,6 +23,7 @@ Source5:       openssh-sshd.socket
 Source6:       openssh-sshd.conf
 Patch0:        openssh-8.4p1-ssh_config.patch
 Patch1:        openssh-8.2p1-arm-glibc-2.31.patch
+Patch2:        openssh-8.4p1-sandbox-seccomp.patch
 License:       BSD
 ## AUTOBUILDREQ-BEGIN
 BuildRequires: glibc-devel
@@ -129,6 +130,7 @@ A Gtk2 SSH passphrase requester.
 %ifarch arm
 %patch1 -p1
 %endif
+%patch2 -p1
 
 %build
 # note: --with-rand-helper unneeded for Linux
@@ -300,6 +302,9 @@ exit 0
 %{_libexecdir}/openssh/ssh-askpass
 
 %changelog
+* Sat Feb 06 2021 Silvan Calarco <silvan.calarco@mambasoft.it> 8.4p1-2mamba
+- added seccomp-sandbox patch to fix crash seen on x86 (see https://bugzilla.redhat.com/show_bug.cgi?id=1897712 )
+
 * Mon Oct 05 2020 Silvan Calarco <silvan.calarco@mambasoft.it> 8.4p1-1mamba
 - update to 8.4p1