8dd0608e77
Regression in certificate-based authentication ( #1333498 )
2016-05-06 09:25:20 +02:00
991b66246f
openssh-7.2p2-6 + 0.10.2-3
2016-04-29 13:57:45 +02:00
0b5300a59c
Add legacy sshd-keygen for anaconda ( #1331077 )
2016-04-29 13:41:38 +02:00
1380564732
openssh-7.2p2-5 + 0.10.2-3
2016-04-22 14:52:57 +02:00
cf4e3a1844
Fix for CVE-2015-8325 ( #1328013 )
2016-04-18 12:39:11 +02:00
58d2868dfe
openssh-7.2p2-4 + 0.10.2-3
2016-04-15 17:56:43 +02:00
5489ace8dc
Add sshd-keygen.target to abstract key creation from sshd.service and sshd@.service ( #1325535 )
...
* PartOf is needed to trigger sshd-keygen checks for sshd.service restarts
* sshd-keygen.target makes a level of abstraction to eliminate dupplicate
dependencies on both sshd and sshd@ services
2016-04-15 17:05:32 +02:00
461b3af818
Remove unused sshd init script
2016-04-15 17:04:59 +02:00
32a74888d5
openssh-7.2p2-3 + 0.10.2-3
2016-04-13 13:44:58 +02:00
00c7b75439
Make sshd-keygen comply with packaging guidelines ( #1325535 )
2016-04-13 13:42:12 +02:00
f7e56a52db
openssh-7.2p2-2 + 0.10.2-3
2016-04-06 13:01:29 +02:00
9163ba11f1
openssh-7.2p2-1 + 0.10.2-3
2016-03-10 13:36:41 +01:00
0bdae3b8df
openssh-7.2p1-1 + 0.10.2-2
2016-03-03 17:59:53 +01:00
e762f7265e
Restore slogin symlinks
2016-03-03 17:48:20 +01:00
13073f8d9c
openssh-7.2p1-1 ( #1312870 )
2016-02-29 15:01:33 +01:00
46445f1c7a
openssh-7.1p2-4 + 0.10.2-1
2016-02-25 10:38:09 +01:00
44fc97266b
Audit race condition resolved ( #1308295 )
2016-02-25 10:37:22 +01:00
700da17374
Remove hard glob limit since the CVE introducing this one is unrelated.
2016-02-24 09:51:43 +01:00
b2b837ad97
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
2016-02-04 11:34:23 +00:00
8ddd3edcd8
openssh-7.1p2-3 + 0.10.2-1
2016-01-30 01:18:26 +01:00
6c2eb5e22d
openssh-7.1p2-2 + 0.10.2-1
2016-01-26 09:00:28 +01:00
38c7737421
Remove defattr from spec file
...
Mailing list thread:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/KEO7AX3JXR2TY6OVL4M7HDISZ6YIJNKU/
2016-01-26 09:00:28 +01:00
733cea720e
CVE-2016-1908: Prevent possible fallback from untrusted to trusted X11 forwarding
...
Upstream commits:
https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
https://anongit.mindrot.org/openssh.git/commit/?id=f98a09cacff7baad8748c9aa217afd155a4d493f
2016-01-26 09:00:23 +01:00
87ab5fc4af
Reabse to latest release of pam_ssh_agent_auth with preserving current functionality
...
* Rebase to latest upstream version
* Clean up older patches for pam_ssh_agent_auth
* Remove prefixes from upstream release so we can build it against current
openssh library
* Remove copied files and headers so we make sure we build against current openssh
2016-01-25 13:32:42 +01:00
7bc64374b0
openssh-7.1p2-1 + 0.9.2-9
2016-01-14 16:11:06 +01:00
b2191db92e
openssh-7.1p1-7 + 0.9.2-8
2016-01-12 13:15:33 +01:00
06b1d5330a
Make ssh-keysign world readable ( #1296724 )
2016-01-08 13:22:09 +01:00
f26cd8d6ee
Update ssh-agent permissions ( #1296724 )
...
* It is no longer required to have ssh-agent with suid bit, because
the ptrace attach is prevented using PR_SET_DUMPABLE 0 [1]
[1] https://anongit.mindrot.org/openssh.git/commit/?id=6c4914afccb0c188a2c412d12dfb1b73e362e07e
2016-01-08 11:27:02 +01:00
7c5d0a686c
Make sure the semantics of %global macro stays the same as before a0e252571b
2016-01-08 09:15:52 +01:00
a0e252571b
Change %define to %global according to packaging guidelines
...
Based on discussion started on fedora-devel:
https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject.org/thread/AS35NKZSAWRIKY77IUYOVNFAT6AJQVAU/
2016-01-04 10:41:27 +01:00
c45d147a86
openssh-7.1p1-6 + 0.9.2-8
2015-12-18 14:36:00 +01:00
f6bd29aaca
Preserve IUTF8 tty mode flag over ssh connections ( #1270248 )
2015-12-18 14:36:00 +01:00
86f52d4e69
Rebase downstream patches of ssh-copy-id into one from upstream
...
Source:
http://git.hands.com/ssh-copy-id
2015-12-16 15:40:10 +01:00
d9d9575f00
GSSAPI Key Exchange documentation improvements
...
from Debian patches:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765655
2015-12-10 15:37:52 +01:00
ef86a312db
openssh-7.1p1-5 + 0.9.2-8
2015-11-04 10:18:50 +01:00
fa54d5472d
openssh-7.1p1-4 + 0.9.2-8
2015-10-22 14:55:07 +02:00
a80c277795
openssh-7.1p1-3 + 0.9.2-8
2015-09-25 14:10:39 +02:00
812f08d95e
Provide full RELRO and PIE form askpass helper ( #1264036 )
2015-09-24 15:57:11 +02:00
98262158d8
openssh-7.1p1-2 + 0.9.2-8
2015-09-09 14:29:31 +02:00
757fec581b
openssh-7.1p1-1 + 0.9.3-8
2015-08-22 22:22:48 +02:00
ccd186847a
Add corresponding options for ssh1 configure
2015-08-22 22:22:48 +02:00
c98f559725
HostKeyAlgorithms option on server is broken when using + sign
2015-08-22 22:22:48 +02:00
ebdae84225
openssh-7.0p1-2 + 0.9.3-7
2015-08-19 13:49:45 +02:00
18e54994fa
Fix typo in version string
2015-08-19 13:47:28 +02:00
4df30a2a72
Possibility to validate legacy systems by more fingerprints ( #1249626 )
2015-08-19 13:43:36 +02:00
bc4ef0f373
Add GSSAPIKexAlgorithms option for server and client application
2015-08-19 13:18:07 +02:00
3f55133c24
openssh-7.0p1-1 + 6.9.3-7
...
New upstream release (#1252639 )
- allow root login in default config
Security: Use-after-free bug related to PAM support (#1252853 )
Security: Privilege separation weakness related to PAM support (#1252854 )
Security: Incorrectly set TTYs to be world-writable (#1252862 )
2015-08-13 17:44:41 +02:00
2939c322fa
Create openssh-clients-ssh1 subpackage with tools for protocol SSHv1
2015-08-13 17:44:41 +02:00
1d50678457
Remove obsolete triggerruns for migration to systemd
...
- overlapping versions are not supported by current rpm
2015-07-28 13:08:55 +02:00
6286d6a8e6
6.9p1-4 + 0.9.3-6
2015-07-28 11:24:35 +02:00
Jakub Jelen
Fedora Release Engineering