Petr Lautrbach
b61d9c10d3
Revert "use hmac_suffix for ssh{,d} hmac checksums"
...
This reverts commit c6724c72f4
.
2013-10-08 17:04:53 +02:00
Petr Lautrbach
0cc0054215
Revert "use {?dist} tag in suffixes for hmac checksum files"
...
This reverts commit 15244ec178
.
2013-10-08 17:04:40 +02:00
Petr Lautrbach
f344f8490c
6.2p2-8 + 0.9.3-5
2013-09-25 14:13:01 +02:00
Petr Lautrbach
15244ec178
use {?dist} tag in suffixes for hmac checksum files
2013-09-20 17:11:49 +02:00
Petr Lautrbach
eba55f9c1b
6.2p2-7 + 0.9.3-5
2013-09-11 16:54:14 +02:00
Petr Lautrbach
c6724c72f4
use hmac_suffix for ssh{,d} hmac checksums
2013-09-11 16:05:58 +02:00
Petr Lautrbach
a19397fdd2
add missing Requires: openssl-fips in -fips subpackages
...
6.2p2-6.1 + 0.9.3-5
2013-08-29 09:32:04 +02:00
Petr Lautrbach
f4e927b62d
6.2p2-6 + 0.9.3-5
2013-08-28 21:28:04 +02:00
Petr Lautrbach
227f4f7628
add -fips subpackages that contains the FIPS module files
2013-08-28 19:37:08 +02:00
Petr Lautrbach
631ffb2c5b
6.2p2-5 + 0.9.3-5
2013-08-01 09:50:41 +02:00
Petr Lautrbach
115aad3f92
6.2p2-4 + 0.9.3-5
2013-07-23 16:01:17 +02:00
Petr Lautrbach
17df27c668
don't show Success for EAI_SYSTEM ( #985964 )
2013-07-23 12:07:49 +02:00
Petr Lautrbach
2ee6810919
make sftp's libedit interface marginally multibyte aware ( #841771 )
2013-06-19 17:10:49 +02:00
Petr Lautrbach
66608a1ded
6.2p2-3 + 0.9.3-5
2013-06-17 17:30:04 +02:00
Petr Lautrbach
e99c4840f1
6.2p2-2 + 0.9.3-5
2013-05-21 18:38:15 +02:00
Petr Lautrbach
678b8081f1
add socket activated sshd units to the package ( #963268 )
2013-05-21 18:37:18 +02:00
Petr Lautrbach
21acbc4795
6.2p2-1 + 0.9.3-5
2013-05-20 09:31:57 +02:00
Petr Lautrbach
d48f1a7bde
always use /sbin/nologin as privsep user's shell
2013-04-24 18:08:00 +02:00
Petr Lautrbach
a92d7445da
6.2p1-4 + 0.9.3-4
2013-04-17 17:12:32 +02:00
Petr Lautrbach
1d76d11f64
cleanup spec file and patches
2013-04-16 18:30:43 +02:00
Petr Lautrbach
c276d31b49
6.2p1-3 + 0.9.3-4
2013-04-16 18:15:20 +02:00
Petr Lautrbach
894ab5eaaf
add latest config.{sub,guess} to support aarch64 ( #926284 )
2013-04-16 18:12:15 +02:00
Petr Lautrbach
1042786f58
6.2p1-2 + 0.9.3-4
2013-04-09 23:25:17 +02:00
Petr Lautrbach
fcef7f6231
keep track of which IndentityFile options were manually supplied and which were default options, and don't warn if the latter are missing. (mindrot#2084)
2013-04-09 23:22:42 +02:00
Petr Lautrbach
b6f89abe5c
6.2p1-1 + 0.9.3-4
2013-04-09 00:07:04 +02:00
Petr Lautrbach
d3d59da0b5
merge all -audit* patches together
2013-04-08 17:17:10 +02:00
Petr Lautrbach
8d97022c57
build regress/modpipe tests with $(CFLAGS)
2013-04-04 16:50:06 +02:00
Petr Lautrbach
8a29dedfa7
rebase to openssh-6.2p1 ( #924727 )
...
ACSS was removed from upstream sources
2013-04-04 16:49:30 +02:00
Petr Lautrbach
1b95bc38df
6.1p1-7 + 0.9.3-3
2013-03-06 10:41:50 +01:00
Petr Lautrbach
2a7883d153
6.1p1-6 + 0.9.3-3
2013-02-14 18:08:21 +01:00
Petr Lautrbach
d2b3b9a27e
pam_ssh_agent_auth - change paths from %{_lib} to %{_libdir}
2013-02-12 09:42:54 +01:00
Petr Lautrbach
19725a9954
fix bogus day names in changelog dates
2013-02-08 15:44:40 +01:00
Petr Lautrbach
cab7f53408
6.1p1-5 + 0.9.3-3
2013-02-08 14:56:47 +01:00
Petr Lautrbach
5bc906c19a
change default value of MaxStartups - CVE-2010-5107 - #908707
2013-02-08 14:32:20 +01:00
Petr Lautrbach
87391b7d01
add BuildRequires: perl-podlators
2013-02-07 14:21:38 +01:00
Petr Lautrbach
7642de98e4
6.1p1-4 + 0.9.3-3
2012-12-03 17:16:39 +01:00
Petr Lautrbach
790103e764
6.1p1-3 + 0.9.3-3
2012-12-03 10:29:07 +01:00
Petr Lautrbach
fe661c5cbb
obsolete RequiredAuthentications[12] options
2012-11-30 21:40:22 +01:00
Petr Lautrbach
5039c7c85d
reformat several patches after openssh-6.1p1-authenticationmethods.patch
2012-11-30 16:25:51 +01:00
Petr Lautrbach
bffd1c2234
replace RequiredAuthentications2 with AuthenticationMethods according to upstream
...
the upstream refused original patch with RequiredAuthentications2, but they came with their own implementation of required authentications,
see https://bugzilla.mindrot.org/show_bug.cgi?id=983 . The new method is more robust and flexible
it will be included in next openssh-6.2 release
2012-11-30 16:23:29 +01:00
Petr Lautrbach
ab30b92bd6
fix the man moduli page ( #841065 )
2012-11-06 09:59:17 +01:00
bach
f7f8b483b0
adapt openssh-6.1p1-akc.patch to the upstream version - https://bugzilla.mindrot.org/show_bug.cgi?id=1663
2012-11-05 14:43:22 +01:00
Petr Lautrbach
52c8eca4d9
fix gssapi canohost patch ( #863350 )
2012-10-30 11:06:45 +01:00
Petr Lautrbach
af2ebf77dc
6.1p1-2 + 0.9.3-3
2012-10-26 17:15:55 +02:00
Petr Lautrbach
afd52c4857
drop openssh-5.9p1-sftp-chroot.patch ( #830237 )
2012-10-26 17:04:25 +02:00
Petr Lautrbach
470ebd7abc
add SELinux comment to /etc/ssh/sshd_config about SELinux command to modify port ( #861400 )
2012-10-26 16:34:55 +02:00
Petr Lautrbach
13cf2478d6
smartcard support is replaced with PKCS#11 support already in 5.4p1 https://bugzilla.mindrot.org/show_bug.cgi?id=1371
2012-10-26 15:42:59 +02:00
Petr Lautrbach
1a5c95ee57
drop required chkconfig ( #865498 )
2012-10-12 13:03:26 +02:00
Petr Lautrbach
d0630aa358
6.1p1-1 + 0.9.3-3
2012-09-15 13:48:14 +02:00
Petr Lautrbach
fd408ed2a5
to run tests use --with check
2012-09-15 13:48:13 +02:00
Petr Lautrbach
e58e548a57
don't use /bin and /sbin paths ( #856590 )
2012-09-15 13:48:13 +02:00
Petr Lautrbach
581bf30d07
don't use chroot_user_t for chrooted users ( #830237 )
2012-09-15 13:47:45 +02:00
Petr Lautrbach
9fe1afc163
rebase to openssh-6.1p1 ( #852651 )
2012-09-15 13:29:49 +02:00
Petr Lautrbach
51ca3be245
use DIR: kerberos cache type ( #848228 )
2012-09-15 13:28:23 +02:00
Petr Lautrbach
94943d59db
replace scriptlets with systemd macros ( #850249 )
2012-09-15 13:28:01 +02:00
Petr Lautrbach
65ba94ef1a
rebase to openssh-6.0p1
...
6.0p1-1 + 0.9.3-2
2012-08-06 21:33:33 +02:00
Petr Lautrbach
90e11f338c
5.9p1-26 + 0.9.3-1
2012-08-06 19:42:13 +02:00
Petr Lautrbach
5382ccbe9b
handle crypt() returning NULL ( #815993 )
2012-08-06 09:08:52 +02:00
Petr Lautrbach
b648890ead
5.9p1-25 + 0.9.3-1
2012-07-27 14:35:43 +02:00
Tomas Mraz
e9620308c8
allow sha256 and sha512 hmacs in the FIPS mode
2012-07-17 21:03:59 +02:00
Tomas Mraz
4f4687ce80
fix segfault in su when pam_ssh_agent_auth is used and the ssh-agent
...
is not running, most probably not exploitable
update pam_ssh_agent_auth to 0.9.3 upstream version
2012-06-22 14:52:35 +02:00
Petr Lautrbach
2649d91e06
5.9p1-22 + 0.9.2-32
2012-04-06 21:01:27 +02:00
Petr Lautrbach
009f534b09
don't install sshd-keygen.service ( #810419 )
2012-04-06 21:01:06 +02:00
Petr Lautrbach
7294a991a2
5.9p1-21 + 0.9.2-32
2012-03-30 20:07:50 +02:00
Petr Lautrbach
22f0191d84
5.9p1-20 + 0.9.2-32
2012-03-23 09:16:52 +01:00
Petr Lautrbach
1027fdc205
don't enable sshd-keygen.service ( #805338 )
2012-03-23 09:16:10 +01:00
Petr Lautrbach
33e0acc5ef
5.9p1-19 + 0.9.2-32
2012-02-22 09:03:07 +01:00
Petr Lautrbach
feb99ea644
Look for x11 forward sockets with AI_ADDRCONFIG flag getaddrinfo ( #735889 )
2012-02-14 18:11:26 +01:00
Petr Lautrbach
d3ab95741d
5.9p1-18 + 0.9.2-32
2012-02-06 22:16:49 +01:00
Petr Lautrbach
d9e6186c71
replace TwoFactorAuth with RequiredAuthentications[12]
...
https://bugzilla.mindrot.org/show_bug.cgi?id=983
2012-02-06 22:16:38 +01:00
Petr Lautrbach
21699d5622
5.9p1-17 + 0.9.2-32
2012-01-31 14:09:17 +01:00
Petr Lautrbach
cd5891d0d5
run privsep slave process as the users SELinux context ( #781634 )
2012-01-31 14:09:00 +01:00
Tomas Mraz
017c65d99b
add CAVS test driver for the aes-ctr ciphers
2012-01-13 18:28:47 +01:00
Tomas Mraz
6148abd585
enable aes-ctr ciphers use the EVP engines from OpenSSL such as the AES-NI
2012-01-11 19:11:33 +01:00
Petr Lautrbach
2e12878998
5.9p1-14 + 0.9.2-32
2011-12-06 17:42:00 +01:00
Petr Lautrbach
5bd5aa2976
warn about unsupported option UsePAM=no ( #757545 )
2011-12-06 17:41:06 +01:00
Tomas Mraz
4fc167470d
add back the restorecon call to ssh-copy-id - it might be needed on older
...
distributions (#739989 )
2011-11-21 09:03:05 +01:00
Tomas Mraz
81da99ed9b
Fix permissions of sshd private keys created by sshd-keygen script ( #754779 )
2011-11-18 09:26:19 +01:00
Tomas Mraz
17eb1038b2
still support /etc/sysconfig/sshd loading in sshd service ( #754732 )
2011-11-18 09:20:54 +01:00
Tomas Mraz
0fcb25a8d2
remove unnecessary requires on initscripts
...
set VerifyHostKeyDNS to ask in the default configuration (#739856 )
2011-10-14 18:19:47 +02:00
Jan F. Chadima
fcc5bdd01d
selinux sandbox rewrite
...
two factor authentication tweaking
2011-09-20 08:14:45 +02:00
Jan F. Chadima
28b0dc63f4
selinux sandbox rewrite
...
two factor authentication tweaking
2011-09-19 07:26:32 +02:00
Jan F. Chadima
cff1d0c39d
coverity upgrade
...
wipe off nonfunctional nss
selinux sandbox tweaking
2011-09-14 17:03:03 +02:00
Jan F. Chadima
c870e661c7
coverity upgrade
...
experimental selinux sandbox
2011-09-13 17:14:48 +02:00
JFCH
c2ea13d263
fully reanable auditing
2011-09-13 01:53:08 -04:00
Jan F. Chadima
1df0cf4657
repair signedness in akc patch
2011-09-12 20:44:35 +02:00
Jan F. Chadima
026db1cf63
temporarily disable part of audit4 patch
2011-09-12 08:34:27 +02:00
Jan F. Chadima
39b26b5169
temporarily disable part of audit4 patch
2011-09-12 08:11:41 +02:00
Jan F. Chadima
ea97ffa1ed
Coverity second pass
...
Reenable akc patch
2011-09-09 21:18:35 +02:00
Jan F. Chadima
3b545be5d7
Coverity first pass
2011-09-09 00:54:28 +02:00
Jan F. Chadima
311e6bb088
Rebase to 5.9p1
...
Add chroot sftp patch
Add two factor auth patch
2011-09-07 15:31:21 +02:00
Jan F. Chadima
69dd72f6ef
ignore SIGPIPE in ssh keyscan
2011-09-07 15:12:54 +02:00
Jan F. Chadima
19d4c790a8
ignore SIGPIPE in ssh keyscan
2011-08-23 19:01:59 +02:00
Jan F. Chadima
2b67a53348
save ssh-askpass's debuginfo
2011-08-09 15:15:23 +02:00
Jan F. Chadima
56b50ec772
compile ssh-askpass with corect CFLAGS
2011-08-08 23:32:31 +02:00
Jan F. Chadima
eed2da95a4
improve selinux's change context log
2011-08-08 13:37:15 +02:00
Jan F. Chadima
54f33f6451
improve selinux's change context log
2011-08-08 13:24:47 +02:00
Jan F. Chadima
ec3622478b
repair broken man pages
2011-08-08 11:57:43 +02:00
Jan F. Chadima
1592780c7c
rebuild
2011-07-25 09:39:35 +02:00
Jan F. Chadima
d704eab9f3
rebuild
2011-07-25 09:27:57 +02:00