rpms/openssh
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
847 Commits 32 Branches 239 Tags 9.6 MiB
26cec0607f
Commit Graph

847 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakub Jelen
26cec0607f openssh-7.4p1-2 + 0.10.2-5 2017-02-06 09:47:28 +01:00
Jakub Jelen
640dfa350e Set environment variable to avoid race condition with systemd (#1415218) 2017-02-06 09:41:32 +01:00
Jakub Jelen
4a6ef41937 Do not overwrite N and E for RSA-certs in ssh-agent (#1416584) 2017-02-03 11:06:19 +01:00
Jakub Jelen
28ff3aa1c5 Correct path to crypto policies 2017-01-06 13:00:16 +01:00
Jakub Jelen
b19926d292 openssh-7.4p1-1 + 0.10.2-5 2017-01-03 14:31:29 +01:00
Jakub Jelen
58f79a27c3 Whitelist /usr/lib64/ for PKCS#11 modules 2017-01-03 14:31:29 +01:00
Jakub Jelen
6cf9b8e61b rebase to openssh-7.4p1-1 
* Drop unaccepted (unapplying) coverity patches
 * Drop server support for SSH1 (server)
 * Workaround #2641 for systemd
 * UseLogin is gone
 * Drop upstream commit 28652bca
 * Tighten seccomp filter (cache credentials before entering sandbox) (#1395288)
 2017-01-03 14:31:20 +01:00
Jakub Jelen
4189cebf7a Cache supported OIDS for GSSAPI kex (#1395288) 2017-01-03 14:31:20 +01:00
Jakub Jelen
dd8e5419eb Fix use-after-free error (#1409433) 2017-01-03 14:30:50 +01:00
Jakub Jelen
38869a3406 Prevent hangs with long MOTD (filling buffers and blocking) 2016-12-20 17:31:03 +01:00
Jakub Jelen
d8c2e8dc88 openssh-7.3p1-7 + 0.10.2-4 2016-12-08 14:13:32 +01:00
Jakub Jelen
162941961a Move MAX_DISPLAYS to a configuration option 2016-12-08 14:13:32 +01:00
Jakub Jelen
4ce5741703 Properly deserialize received RSA certificates in ssh-agent (#1402029) 2016-12-08 13:50:08 +01:00
Jakub Jelen
7bccf7e6e0 openssh-7.3p1-6 + 0.10.2-4 2016-11-16 11:07:41 +01:00
Jakub Jelen
ef1da17783 GSSAPI requires futex syscall in privsep child (#1395288) 2016-11-16 08:48:33 +01:00
Jakub Jelen
ccf623128a Fix changelog 2016-11-07 09:33:43 +01:00
Jakub Jelen
2a8bce34e4 openssh-7.3p1-5 + 0.10.2-4 2016-10-27 18:26:25 +02:00
Jakub Jelen
aacf0d429a OpenSSL 1.1.0 compat 2016-10-27 17:19:17 +02:00
Jakub Jelen
ecc9f8d02b When doing chroot 
* we should not drop any capabilities for root
 * we should not clear bounding capabilities for other users
 * we should probably retain the supplement groups
 2016-10-21 14:50:42 +02:00
Jakub Jelen
c9d9fe9b0f Recommend crypto-policies for a client package 2016-10-11 10:29:50 +02:00
Jakub Jelen
d924bc6892 openssh-7.3p1-4 + 0.10.2-4 2016-09-29 14:14:19 +02:00
Jakub Jelen
639ae2c73c Include client Crypto Policy (#1225752) 2016-09-29 14:14:19 +02:00
Jakub Jelen
ae831ab305 Fix NULL derefence (#1380297) 
https://anongit.mindrot.org/openssh.git/patch/?id=28652bca29046f62c7045e933e6b931de1d16737
 2016-09-29 11:15:13 +02:00
Jakub Jelen
739842b137 Make the code build without SELinux and without Audit 2016-09-15 16:36:04 +02:00
Jakub Jelen
0a605f4d31 openssh-7.3p1-3 + 0.10.2-4 2016-08-15 12:20:15 +02:00
Jakub Jelen
38d533a5e1 Proper content of the included configuration files 2016-08-15 12:18:50 +02:00
Jakub Jelen
73953d29f1 openssh-7.3p1-2 + 0.10.2-4 2016-08-09 10:32:01 +02:00
Jakub Jelen
88f3a752ae openssh-7.3p1-1. + 0.10.2-4 2016-08-09 08:24:35 +02:00
Jakub Jelen
90ffc35e29 Correct permissions on the ssh_config directory (#1365270) 2016-08-09 08:23:44 +02:00
Jakub Jelen
7ea4bdf410 forgotten sources 2016-08-05 15:50:24 +02:00
Jakub Jelen
a711d3c82f openssh-7.3p1-1 + 0.10.2-4 2016-08-04 13:57:21 +02:00
Jakub Jelen
6454089e75 Create include directory with example content (redhat modifications) 2016-08-04 13:57:21 +02:00
Jakub Jelen
334feb284c Do not build ssh-keycat with sshd LIBS 2016-08-04 13:57:21 +02:00
Jakub Jelen
b165161da2 When we don't listen for the clients, num_listen_socks is -1 2016-08-04 13:57:21 +02:00
Jakub Jelen
6da7f4d0ed Drop SCP progressmeter patch because of reworked UTF-8 API (tracked upstream #2434) 2016-08-04 13:57:02 +02:00
Jakub Jelen
b487a6d746 Move old canohost.h API to shared place, so it can be used by audit and gssapi (states) 2016-08-04 11:00:00 +02:00
Jakub Jelen
5878ebb50e Most of the coverity patch applied upstream, context changes for rebase 2016-08-04 10:59:59 +02:00
Jakub Jelen
70c2ac20bd CVE-2016-6210 is fixed upstream 2016-08-04 10:59:59 +02:00
Jakub Jelen
13a7aaf5e3 CVE-2015-8325 and certificate regression are fixed upstream 2016-08-04 10:59:59 +02:00
Jakub Jelen
38e1dfa80d Upstream bug #2477 applied 2016-08-04 10:59:59 +02:00
Jakub Jelen
4bd77fcccc seccomp for secondary architecures patch already upstream (#2590) 2016-08-04 10:59:59 +02:00
Jakub Jelen
05bc93847e Bug #2281 resolved upstream 2016-08-04 10:59:59 +02:00
Jakub Jelen
178ce15f5a UTF-8 banners resolved by upstream bug #2058 2016-08-04 10:59:59 +02:00
Jakub Jelen
14320ca590 The upstream bug #2257 is fixed 2016-08-04 10:59:59 +02:00
Jakub Jelen
82bfd19e51 openssh-7.2p2-11 + 0.10.2-3 2016-07-26 15:41:29 +02:00
Jakub Jelen
6a7dd92929 Remove legacy sshd-keygen (#1359762) 
Revert "Add legacy sshd-keygen for anaconda (#1331077)"

This reverts commit 0b5300a59c.
 2016-07-26 15:41:29 +02:00
Jakub Jelen
793bc4b1cc Remove slogin symlinks (#1359762) 
Revert "Restore slogin symlinks"

This reverts commit e762f7265e.
 2016-07-26 15:41:29 +02:00
Jakub Jelen
b4df5ebb8d Rework SELinux context handling with chroot using libcap-ng (#1357860) 2016-07-26 15:40:30 +02:00
Jakub Jelen
9dc741314f openssh-7.2p2-10 + 0.10.2-3 2016-07-18 13:55:58 +02:00
Jakub Jelen
1057900209 Prevent user enumeration via timing channel (CVE-2016-6210) 2016-07-18 13:30:52 +02:00