diff --git a/openssh-5.5p1-stderr.patch b/openssh-5.5p1-stderr.patch
index ef35d80..633d30e 100644
--- a/openssh-5.5p1-stderr.patch
+++ b/openssh-5.5p1-stderr.patch
@@ -1,6 +1,45 @@
+diff -up openssh-5.5p1/channels.c.stderr openssh-5.5p1/channels.c
+--- openssh-5.5p1/channels.c.stderr	2010-06-23 15:20:30.000000000 +0200
++++ openssh-5.5p1/channels.c	2010-06-23 15:23:06.000000000 +0200
+@@ -838,8 +838,9 @@ channel_pre_open(Channel *c, fd_set *rea
+ 		if (c->extended_usage == CHAN_EXTENDED_WRITE &&
+ 		    buffer_len(&c->extended) > 0)
+ 			FD_SET(c->efd, writeset);
+-		else if (!(c->flags & CHAN_EOF_SENT) &&
+-		    c->extended_usage == CHAN_EXTENDED_READ &&
++		else if (c->efd != -1 && !(c->flags & CHAN_EOF_SENT) &&
++		    (c->extended_usage == CHAN_EXTENDED_READ ||
++		    c->extended_usage == CHAN_EXTENDED_IGNORE) &&
+ 		    buffer_len(&c->extended) < c->remote_window)
+ 			FD_SET(c->efd, readset);
+ 	}
+@@ -1759,7 +1760,9 @@ channel_handle_efd(Channel *c, fd_set *r
+ 				buffer_consume(&c->extended, len);
+ 				c->local_consumed += len;
+ 			}
+-		} else if (c->extended_usage == CHAN_EXTENDED_READ &&
++		} else if (c->efd != -1 &&
++		    (c->extended_usage == CHAN_EXTENDED_READ ||
++		    c->extended_usage == CHAN_EXTENDED_IGNORE) &&
+ 		    (c->detach_close || FD_ISSET(c->efd, readset))) {
+ 			len = read(c->efd, buf, sizeof(buf));
+ 			debug2("channel %d: read %d from efd %d",
+@@ -1772,7 +1775,11 @@ channel_handle_efd(Channel *c, fd_set *r
+ 				    c->self, c->efd);
+ 				channel_close_fd(&c->efd);
+ 			} else {
+-				buffer_append(&c->extended, buf, len);
++				if (c->extended_usage == CHAN_EXTENDED_IGNORE) {
++					debug3("channel %d: discard efd",
++					    c->self);
++				} else
++					buffer_append(&c->extended, buf, len);
+ 			}
+ 		}
+ 	}
 diff -up openssh-5.5p1/session.c.stderr openssh-5.5p1/session.c
---- openssh-5.5p1/session.c.stderr	2010-04-26 10:35:35.000000000 +0200
-+++ openssh-5.5p1/session.c	2010-04-26 10:41:11.000000000 +0200
+--- openssh-5.5p1/session.c.stderr	2010-06-23 15:20:29.000000000 +0200
++++ openssh-5.5p1/session.c	2010-06-23 15:23:55.000000000 +0200
 @@ -47,6 +47,7 @@
  #include <arpa/inet.h>
  
@@ -9,7 +48,21 @@ diff -up openssh-5.5p1/session.c.stderr openssh-5.5p1/session.c
  #include <grp.h>
  #ifdef HAVE_PATHS_H
  #include <paths.h>
-@@ -447,6 +448,9 @@ do_exec_no_pty(Session *s, const char *c
+@@ -104,7 +105,7 @@
+ /* func */
+ 
+ Session *session_new(void);
+-void	session_set_fds(Session *, int, int, int, int);
++void	session_set_fds(Session *, int, int, int, int, int);
+ void	session_pty_cleanup(Session *);
+ void	session_proctitle(Session *);
+ int	session_setup_x11fwd(Session *);
+@@ -443,10 +444,14 @@ int
+ do_exec_no_pty(Session *s, const char *command)
+ {
+ 	pid_t pid;
++	int ignore_fderr = 0;
+ 
  #ifdef USE_PIPES
  	int pin[2], pout[2], perr[2];
  
@@ -19,39 +72,21 @@ diff -up openssh-5.5p1/session.c.stderr openssh-5.5p1/session.c
  	/* Allocate pipes for communicating with the program. */
  	if (pipe(pin) < 0) {
  		error("%s: pipe in: %.100s", __func__, strerror(errno));
-@@ -458,33 +462,59 @@ do_exec_no_pty(Session *s, const char *c
- 		close(pin[1]);
+@@ -459,32 +464,38 @@ do_exec_no_pty(Session *s, const char *c
  		return -1;
  	}
--	if (pipe(perr) < 0) {
+ 	if (pipe(perr) < 0) {
 -		error("%s: pipe err: %.100s", __func__, strerror(errno));
--		close(pin[0]);
--		close(pin[1]);
--		close(pout[0]);
--		close(pout[1]);
--		return -1;
-+	if (s->is_subsystem) {
-+	    	if ((perr[1] = open(_PATH_DEVNULL, O_WRONLY)) == -1) {
-+			error("%s: open(%s): %s", __func__, _PATH_DEVNULL,
-+			    strerror(errno));
-+			close(pin[0]);
-+			close(pin[1]);
-+			close(pout[0]);
-+			close(pout[1]);
-+			return -1;
-+		}
-+		perr[0] = -1;
-+	} else {
-+		if (pipe(perr) < 0) {
-+			error("%s: pipe err: %.100s", __func__,
-+			    strerror(errno));
-+			close(pin[0]);
-+			close(pin[1]);
-+			close(pout[0]);
-+			close(pout[1]);
-+			return -1;
-+		}
++		error("%s: pipe err: %.100s", __func__,
++		    strerror(errno));
+ 		close(pin[0]);
+ 		close(pin[1]);
+ 		close(pout[0]);
+ 		close(pout[1]);
+ 		return -1;
  	}
++	if (s->is_subsystem)
++		ignore_fderr = 1;
  #else
  	int inout[2], err[2];
  
@@ -63,29 +98,16 @@ diff -up openssh-5.5p1/session.c.stderr openssh-5.5p1/session.c
  		error("%s: socketpair #1: %.100s", __func__, strerror(errno));
  		return -1;
  	}
--	if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) {
+ 	if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) {
 -		error("%s: socketpair #2: %.100s", __func__, strerror(errno));
--		close(inout[0]);
--		close(inout[1]);
--		return -1;
-+	if (s->is_subsystem) {
-+	    	if ((err[0] = open(_PATH_DEVNULL, O_WRONLY)) == -1) {
-+			error("%s: open(%s): %s", __func__, _PATH_DEVNULL,
-+			    strerror(errno));
-+			close(inout[0]);
-+			close(inout[1]);
-+			return -1;
-+		}
-+		err[1] = -1;
-+	} else {
-+		if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) {
-+			error("%s: socketpair #2: %.100s", __func__,
-+			    strerror(errno));
-+			close(inout[0]);
-+			close(inout[1]);
-+			return -1;
-+		}
++		error("%s: socketpair #2: %.100s", __func__,
++		    strerror(errno));
+ 		close(inout[0]);
+ 		close(inout[1]);
+ 		return -1;
  	}
++	if (s->is_subsystem)
++		ignore_fderr = 1;
  #endif
  
 -	if (s == NULL)
@@ -94,45 +116,7 @@ diff -up openssh-5.5p1/session.c.stderr openssh-5.5p1/session.c
  	session_proctitle(s);
  
  	/* Fork the child. */
-@@ -496,13 +526,15 @@ do_exec_no_pty(Session *s, const char *c
- 		close(pin[1]);
- 		close(pout[0]);
- 		close(pout[1]);
--		close(perr[0]);
-+		if (perr[0] != -1)
-+			close(perr[0]);
- 		close(perr[1]);
- #else
- 		close(inout[0]);
- 		close(inout[1]);
- 		close(err[0]);
--		close(err[1]);
-+		if (err[1] != -1)
-+			close(err[1]);
- #endif
- 		return -1;
- 	case 0:
-@@ -536,7 +568,8 @@ do_exec_no_pty(Session *s, const char *c
- 		close(pout[1]);
- 
- 		/* Redirect stderr. */
--		close(perr[0]);
-+		if (perr[0] != -1)
-+			close(perr[0]);
- 		if (dup2(perr[1], 2) < 0)
- 			perror("dup2 stderr");
- 		close(perr[1]);
-@@ -547,7 +580,8 @@ do_exec_no_pty(Session *s, const char *c
- 		 * seem to depend on it.
- 		 */
- 		close(inout[1]);
--		close(err[1]);
-+		if (err[1] != -1)
-+			close(err[1]);
- 		if (dup2(inout[0], 0) < 0)	/* stdin */
- 			perror("dup2 stdin");
- 		if (dup2(inout[0], 1) < 0)	/* stdout (same as stdin) */
-@@ -595,10 +629,6 @@ do_exec_no_pty(Session *s, const char *c
+@@ -595,11 +606,7 @@ do_exec_no_pty(Session *s, const char *c
  	close(perr[1]);
  
  	if (compat20) {
@@ -140,10 +124,12 @@ diff -up openssh-5.5p1/session.c.stderr openssh-5.5p1/session.c
 -			close(perr[0]);
 -			perr[0] = -1;
 -		}
- 		session_set_fds(s, pin[1], pout[0], perr[0], 0);
+-		session_set_fds(s, pin[1], pout[0], perr[0], 0);
++		session_set_fds(s, pin[1], pout[0], perr[0], ignore_fderr, 0);
  	} else {
  		/* Enter the interactive session. */
-@@ -615,10 +645,7 @@ do_exec_no_pty(Session *s, const char *c
+ 		server_loop(pid, pin[1], pout[0], perr[0]);
+@@ -615,10 +622,7 @@ do_exec_no_pty(Session *s, const char *c
  	 * handle the case that fdin and fdout are the same.
  	 */
  	if (compat20) {
@@ -151,7 +137,35 @@ diff -up openssh-5.5p1/session.c.stderr openssh-5.5p1/session.c
 -		    s->is_subsystem ? -1 : err[1], 0);
 -		if (s->is_subsystem)
 -			close(err[1]);
-+		session_set_fds(s, inout[1], inout[1], err[1], 0);
++		session_set_fds(s, inout[1], inout[1], err[1], ignore_fderr, 0);
  	} else {
  		server_loop(pid, inout[1], inout[1], err[1]);
  		/* server_loop has closed inout[1] and err[1]. */
+@@ -740,7 +744,7 @@ do_exec_pty(Session *s, const char *comm
+ 	s->ptymaster = ptymaster;
+ 	packet_set_interactive(1);
+ 	if (compat20) {
+-		session_set_fds(s, ptyfd, fdout, -1, 1);
++		session_set_fds(s, ptyfd, fdout, -1, 1, 1);
+ 	} else {
+ 		server_loop(pid, ptyfd, fdout, -1);
+ 		/* server_loop _has_ closed ptyfd and fdout. */
+@@ -2321,7 +2325,8 @@ session_input_channel_req(Channel *c, co
+ }
+ 
+ void
+-session_set_fds(Session *s, int fdin, int fdout, int fderr, int is_tty)
++session_set_fds(Session *s, int fdin, int fdout, int fderr, int ignore_fderr,
++    int is_tty)
+ {
+ 	if (!compat20)
+ 		fatal("session_set_fds: called for proto != 2.0");
+@@ -2333,7 +2338,7 @@ session_set_fds(Session *s, int fdin, in
+ 		fatal("no channel for session %d", s->self);
+ 	channel_set_fds(s->chanid,
+ 	    fdout, fdin, fderr,
+-	    fderr == -1 ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ,
++	    ignore_fderr ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ,
+ 	    1, is_tty, CHAN_SES_WINDOW_DEFAULT);
+ }
+ 
diff --git a/openssh.spec b/openssh.spec
index 5970f29..2fcb39b 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -70,7 +70,7 @@
 %endif
 
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
-%define openssh_rel 13
+%define openssh_rel 14
 %define openssh_ver 5.5p1
 %define pam_ssh_agent_rel 26
 %define pam_ssh_agent_ver 0.9.2
@@ -584,6 +584,9 @@ fi
 %endif
 
 %changelog
+* Wed Jun 23 2010 Jan F. Chadima <jchadima@redhat.com> - 5.5p1-14 + 0.9.2-26
+- sftp works in deviceless chroot again (broken from 5.5p1-3)
+
 * Tue Jun  8 2010 Jan F. Chadima <jchadima@redhat.com> - 5.5p1-13 + 0.9.2-26
 - add option to switch out krb5_kuserok