ae831ab305
Fix NULL derefence ( #1380297 )
...
https://anongit.mindrot.org/openssh.git/patch/?id=28652bca29046f62c7045e933e6b931de1d16737
2016-09-29 11:15:13 +02:00
739842b137
Make the code build without SELinux and without Audit
2016-09-15 16:36:04 +02:00
0a605f4d31
openssh-7.3p1-3 + 0.10.2-4
2016-08-15 12:20:15 +02:00
38d533a5e1
Proper content of the included configuration files
2016-08-15 12:18:50 +02:00
73953d29f1
openssh-7.3p1-2 + 0.10.2-4
2016-08-09 10:32:01 +02:00
88f3a752ae
openssh-7.3p1-1. + 0.10.2-4
2016-08-09 08:24:35 +02:00
90ffc35e29
Correct permissions on the ssh_config directory ( #1365270 )
2016-08-09 08:23:44 +02:00
a711d3c82f
openssh-7.3p1-1 + 0.10.2-4
2016-08-04 13:57:21 +02:00
6454089e75
Create include directory with example content (redhat modifications)
2016-08-04 13:57:21 +02:00
6da7f4d0ed
Drop SCP progressmeter patch because of reworked UTF-8 API (tracked upstream #2434 )
2016-08-04 13:57:02 +02:00
70c2ac20bd
CVE-2016-6210 is fixed upstream
2016-08-04 10:59:59 +02:00
13a7aaf5e3
CVE-2015-8325 and certificate regression are fixed upstream
2016-08-04 10:59:59 +02:00
38e1dfa80d
Upstream bug #2477 applied
2016-08-04 10:59:59 +02:00
4bd77fcccc
seccomp for secondary architecures patch already upstream ( #2590 )
2016-08-04 10:59:59 +02:00
05bc93847e
Bug #2281 resolved upstream
2016-08-04 10:59:59 +02:00
178ce15f5a
UTF-8 banners resolved by upstream bug #2058
2016-08-04 10:59:59 +02:00
14320ca590
The upstream bug #2257 is fixed
2016-08-04 10:59:59 +02:00
82bfd19e51
openssh-7.2p2-11 + 0.10.2-3
2016-07-26 15:41:29 +02:00
6a7dd92929
Remove legacy sshd-keygen ( #1359762 )
...
Revert "Add legacy sshd-keygen for anaconda (#1331077 )"
This reverts commit 0b5300a59c
2016-07-26 15:41:29 +02:00
793bc4b1cc
Remove slogin symlinks ( #1359762 )
...
Revert "Restore slogin symlinks"
This reverts commit e762f7265e
2016-07-26 15:41:29 +02:00
b4df5ebb8d
Rework SELinux context handling with chroot using libcap-ng ( #1357860 )
2016-07-26 15:40:30 +02:00
9dc741314f
openssh-7.2p2-10 + 0.10.2-3
2016-07-18 13:55:58 +02:00
1057900209
Prevent user enumeration via timing channel (CVE-2016-6210)
2016-07-18 13:30:52 +02:00
209c7a8aea
Expose more information to PAM
2016-07-18 13:30:51 +02:00
9864973c69
Make closefrom() ignore softlinks to the /dev/ devices on s390
2016-07-18 12:26:15 +02:00
a49441fa52
openssh-7.2p2-9 + 0.10.2-3
2016-07-01 09:07:18 +02:00
5a67d51d0f
openssh-7.2p2-8 + 0.10.2-3
2016-06-24 12:07:22 +02:00
186bf3858e
UseLogin yes is not supported in Fedora
2016-06-24 12:07:22 +02:00
ad928ac7d1
Mandatory Perl build-requires added < https://fedoraproject.org/wiki/Changes/Build_Root_Without_Perl >
2016-06-24 10:03:17 +02:00
ba8f38935c
openssh-7.2p2-7
2016-06-06 16:39:35 +02:00
f6a096caf2
Build seccomp filter on ppc64(le) architecture ( #1195065 )
2016-06-06 16:39:35 +02:00
1144aef1d1
Comments for patches, merge ssh_config from localdomain to redhat patch (ssh_config related)
2016-06-06 16:39:17 +02:00
f2868287aa
rebase x11 patch to clean up coverity patch
2016-06-03 10:44:32 +02:00
ea9421342e
Coverity: dereference in pam_ssh_agent_auth
...
Upstream: https://sourceforge.net/p/pamsshagentauth/bugs/22/
2016-06-03 09:49:44 +02:00
d78d347c11
Check for real location of .k5login file ( #1328243 )
2016-06-03 09:29:58 +02:00
8dd0608e77
Regression in certificate-based authentication ( #1333498 )
2016-05-06 09:25:20 +02:00
991b66246f
openssh-7.2p2-6 + 0.10.2-3
2016-04-29 13:57:45 +02:00
0b5300a59c
Add legacy sshd-keygen for anaconda ( #1331077 )
2016-04-29 13:41:38 +02:00
1380564732
openssh-7.2p2-5 + 0.10.2-3
2016-04-22 14:52:57 +02:00
cf4e3a1844
Fix for CVE-2015-8325 ( #1328013 )
2016-04-18 12:39:11 +02:00
58d2868dfe
openssh-7.2p2-4 + 0.10.2-3
2016-04-15 17:56:43 +02:00
5489ace8dc
Add sshd-keygen.target to abstract key creation from sshd.service and sshd@.service ( #1325535 )
...
* PartOf is needed to trigger sshd-keygen checks for sshd.service restarts
* sshd-keygen.target makes a level of abstraction to eliminate dupplicate
dependencies on both sshd and sshd@ services
2016-04-15 17:05:32 +02:00
461b3af818
Remove unused sshd init script
2016-04-15 17:04:59 +02:00
32a74888d5
openssh-7.2p2-3 + 0.10.2-3
2016-04-13 13:44:58 +02:00
00c7b75439
Make sshd-keygen comply with packaging guidelines ( #1325535 )
2016-04-13 13:42:12 +02:00
f7e56a52db
openssh-7.2p2-2 + 0.10.2-3
2016-04-06 13:01:29 +02:00
9163ba11f1
openssh-7.2p2-1 + 0.10.2-3
2016-03-10 13:36:41 +01:00
0bdae3b8df
openssh-7.2p1-1 + 0.10.2-2
2016-03-03 17:59:53 +01:00
e762f7265e
Restore slogin symlinks
2016-03-03 17:48:20 +01:00
13073f8d9c
openssh-7.2p1-1 ( #1312870 )
2016-02-29 15:01:33 +01:00
46445f1c7a
openssh-7.1p2-4 + 0.10.2-1
2016-02-25 10:38:09 +01:00
44fc97266b
Audit race condition resolved ( #1308295 )
2016-02-25 10:37:22 +01:00
700da17374
Remove hard glob limit since the CVE introducing this one is unrelated.
2016-02-24 09:51:43 +01:00
b2b837ad97
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
2016-02-04 11:34:23 +00:00
8ddd3edcd8
openssh-7.1p2-3 + 0.10.2-1
2016-01-30 01:18:26 +01:00
6c2eb5e22d
openssh-7.1p2-2 + 0.10.2-1
2016-01-26 09:00:28 +01:00
38c7737421
Remove defattr from spec file
...
Mailing list thread:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/KEO7AX3JXR2TY6OVL4M7HDISZ6YIJNKU/
2016-01-26 09:00:28 +01:00
733cea720e
CVE-2016-1908: Prevent possible fallback from untrusted to trusted X11 forwarding
...
Upstream commits:
https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
https://anongit.mindrot.org/openssh.git/commit/?id=f98a09cacff7baad8748c9aa217afd155a4d493f
2016-01-26 09:00:23 +01:00
87ab5fc4af
Reabse to latest release of pam_ssh_agent_auth with preserving current functionality
...
* Rebase to latest upstream version
* Clean up older patches for pam_ssh_agent_auth
* Remove prefixes from upstream release so we can build it against current
openssh library
* Remove copied files and headers so we make sure we build against current openssh
2016-01-25 13:32:42 +01:00
7bc64374b0
openssh-7.1p2-1 + 0.9.2-9
2016-01-14 16:11:06 +01:00
b2191db92e
openssh-7.1p1-7 + 0.9.2-8
2016-01-12 13:15:33 +01:00
06b1d5330a
Make ssh-keysign world readable ( #1296724 )
2016-01-08 13:22:09 +01:00
f26cd8d6ee
Update ssh-agent permissions ( #1296724 )
...
* It is no longer required to have ssh-agent with suid bit, because
the ptrace attach is prevented using PR_SET_DUMPABLE 0 [1]
[1] https://anongit.mindrot.org/openssh.git/commit/?id=6c4914afccb0c188a2c412d12dfb1b73e362e07e
2016-01-08 11:27:02 +01:00
7c5d0a686c
Make sure the semantics of %global macro stays the same as before a0e252571b
2016-01-08 09:15:52 +01:00
a0e252571b
Change %define to %global according to packaging guidelines
...
Based on discussion started on fedora-devel:
https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject.org/thread/AS35NKZSAWRIKY77IUYOVNFAT6AJQVAU/
2016-01-04 10:41:27 +01:00
c45d147a86
openssh-7.1p1-6 + 0.9.2-8
2015-12-18 14:36:00 +01:00
f6bd29aaca
Preserve IUTF8 tty mode flag over ssh connections ( #1270248 )
2015-12-18 14:36:00 +01:00
86f52d4e69
Rebase downstream patches of ssh-copy-id into one from upstream
...
Source:
http://git.hands.com/ssh-copy-id
2015-12-16 15:40:10 +01:00
d9d9575f00
GSSAPI Key Exchange documentation improvements
...
from Debian patches:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765655
2015-12-10 15:37:52 +01:00
ef86a312db
openssh-7.1p1-5 + 0.9.2-8
2015-11-04 10:18:50 +01:00
fa54d5472d
openssh-7.1p1-4 + 0.9.2-8
2015-10-22 14:55:07 +02:00
a80c277795
openssh-7.1p1-3 + 0.9.2-8
2015-09-25 14:10:39 +02:00
812f08d95e
Provide full RELRO and PIE form askpass helper ( #1264036 )
2015-09-24 15:57:11 +02:00
98262158d8
openssh-7.1p1-2 + 0.9.2-8
2015-09-09 14:29:31 +02:00
757fec581b
openssh-7.1p1-1 + 0.9.3-8
2015-08-22 22:22:48 +02:00
ccd186847a
Add corresponding options for ssh1 configure
2015-08-22 22:22:48 +02:00
c98f559725
HostKeyAlgorithms option on server is broken when using + sign
2015-08-22 22:22:48 +02:00
ebdae84225
openssh-7.0p1-2 + 0.9.3-7
2015-08-19 13:49:45 +02:00
18e54994fa
Fix typo in version string
2015-08-19 13:47:28 +02:00
4df30a2a72
Possibility to validate legacy systems by more fingerprints ( #1249626 )
2015-08-19 13:43:36 +02:00
bc4ef0f373
Add GSSAPIKexAlgorithms option for server and client application
2015-08-19 13:18:07 +02:00
3f55133c24
openssh-7.0p1-1 + 6.9.3-7
...
New upstream release (#1252639 )
- allow root login in default config
Security: Use-after-free bug related to PAM support (#1252853 )
Security: Privilege separation weakness related to PAM support (#1252854 )
Security: Incorrectly set TTYs to be world-writable (#1252862 )
2015-08-13 17:44:41 +02:00
2939c322fa
Create openssh-clients-ssh1 subpackage with tools for protocol SSHv1
2015-08-13 17:44:41 +02:00
1d50678457
Remove obsolete triggerruns for migration to systemd
...
- overlapping versions are not supported by current rpm
2015-07-28 13:08:55 +02:00
6286d6a8e6
6.9p1-4 + 0.9.3-6
2015-07-28 11:24:35 +02:00
67938e0c00
Handle terminal control characters in scp progressmeter ( #1247204 )
2015-07-28 11:23:51 +02:00
83bfb1fce5
6.9p1-3 + 0.9.3-6
2015-07-23 11:12:19 +02:00
c6d2eca7de
only query each keyboard-interactive device once ( #1245971 )
...
Upstream commit
https://anongit.mindrot.org/openssh.git/commit/?id=5b64f85bb811246c59ebab70aed331f26ba37b18
2015-07-23 11:06:12 +02:00
ca62b6133e
6.9p1-2 + 0.9.3-6
2015-07-15 09:44:37 +02:00
a4d9cd5694
Patch name, formating
2015-07-08 12:24:34 +02:00
58ba50440e
Allow building seccomp filters also for s390(x) architectures ( #1195065 )
2015-07-02 17:10:58 +02:00
187a349ee6
6.9p1-1 + 0.9.3-6
2015-07-01 15:51:20 +02:00
5de6c89ff2
Correctly revert "PermitRootLogin no" option from upstream sources
2015-07-01 15:51:20 +02:00
535d341e70
rebase to new upstream release 6.9
2015-07-01 15:51:01 +02:00
f3002bfb7b
6.8p1-9 + 0.9.3-5
2015-06-24 10:49:08 +02:00
b59dd83265
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
2015-06-18 00:06:18 +00:00
5aa47ae6f4
6.8p1-8 + 0.9.3-5
2015-06-08 09:06:12 +02:00
f049b3b1ad
6.8p1-7 + 0.9.3-5
2015-06-03 07:54:20 +02:00
8a10dcb363
6.8p1-6 + 0.9.3-5
2015-05-28 14:02:26 +02:00
09ca6ef2e6
Provide LDIF version of LPK schema
2015-05-28 13:51:58 +02:00
0a076e7e9e
Add missing Banner in sshd -T output
2015-05-28 13:39:34 +02:00
8244d5a508
Fix upstream memory problems
2015-05-27 16:16:41 +02:00
637556d934
Resolve problem with pam_ssh_agent_auth after rebase ( #1225106 )
...
* authfd internals changed in upstream commit 141efe49542f7156cdbc2e4cd0a041d8b1aab622
* Reintroduced missing structure AuthenticationConnection
* inspired by ssh-add.c
2015-05-27 15:08:37 +02:00
3e3570ad64
ssh-copy-id: tcsh doesnt work with multiline strings so we will make it uggly one-line
2015-05-27 12:05:49 +02:00
775e1b20e6
6.8p1-5 + 0.9.3-5
2015-04-20 17:28:43 +02:00
c5163162d3
6.8p1-4 + 0.9.3-5
2015-04-02 17:51:58 +02:00
c028ac51a4
6.8p1-3 + 0.9.3-5
2015-03-31 17:24:34 +02:00
23bc31b25a
Remove krb5-config workaround for #1203900
2015-03-30 11:48:11 +02:00
e5b15a7419
6.8p1-2 + 0.9.3-5
2015-03-26 14:20:31 +01:00
07756a2278
Fix reintroduced upstrem bug #1878
2015-03-26 14:20:31 +01:00
12cf3e4d35
Update audit patch after rebase with more sanity checks
2015-03-26 14:20:31 +01:00
aa8fb3e1cc
rebuild 6.8p1-1.1 + 0.9.3-5
2015-03-24 11:04:38 +01:00
1330ede7ff
rebuild 6.8p1-1.1 + 0.9.3-5
2015-03-24 11:00:15 +01:00
e3688f35e1
release 6.8p1-1 + 0.9.3-5
2015-03-24 10:40:21 +01:00
d276698802
Workaround krb5-config bug ( #1204646 )
2015-03-24 10:39:01 +01:00
132f8f8686
6.8p1-1 + 0.9.3-5
2015-03-23 16:05:49 +01:00
7b82d087e1
6.7p1-11 + 0.9.3-4
2015-03-12 11:46:33 +01:00
c31740f8ea
Fix tmpfiles to be more consistent with other config files in package ( #1196807 )
2015-03-12 11:45:59 +01:00
558fb7b2f4
Add sftp option to force mode of created files
2015-03-11 18:09:06 +01:00
7aa6321a86
6.7p1-10 + 0.9.3-4
2015-03-02 08:23:32 +01:00
766438b1d5
Add tmpfiles.d entries ( #1196807 )
2015-03-02 08:23:31 +01:00
c8b4078a3f
6.7p1-9 + 0.9.3-4
2015-02-27 18:44:47 +01:00
cbda6f57fb
Solve issue with ssh-copy-id and keys without trailing newline ( #1093168 )
2015-02-25 10:46:29 +01:00
5f3c83fd09
6.7p1-8 + 0.9.3-4
2015-02-24 10:10:07 +01:00
6656486e18
Add AArch64 support for seccomp_filter sandbox ( #1195065 )
2015-02-24 09:17:43 +01:00
e0f867b153
6.7p1-7 + 0.9.3-4
2015-02-23 12:43:25 +01:00
c13a4b7170
6.7p1-6 + 0.9.3-4
2015-02-23 12:18:07 +01:00
d5a8001387
Fix seccomp filter for ix68 ( #1194401 ), fix previous commit
2015-02-23 12:17:30 +01:00
b9846a816d
fix if statement
2015-02-22 17:36:25 +00:00
74e740c136
Only use seccomp for sandboxing on supported platforms
2015-02-22 17:28:16 +00:00
c6945293fd
6.7p1-4 + 0.9.3-4
2015-02-20 15:06:26 +01:00
77f453b74d
cleanup working directory, spec file and unused patches after rebase
2015-02-20 15:06:17 +01:00
08cb909f5d
Move cavs tests into subpackage -cavs ( #1194320 )
2015-02-20 13:24:42 +01:00
2f556360f6
6.7p1-3 + 0.9.3-4
2015-02-18 16:11:48 +01:00
6df422d544
Fix ssh-copy-id on non-sh shells ( #1045191 )
2015-02-18 16:01:39 +01:00
bb3e880c01
Add SSH KDF CAVS test driver for future FIPS validation ( #1193045 )
2015-02-18 15:48:10 +01:00
14c675f3a5
Use global hardening specification instead of hardening made by openssh.
...
Openssh uses by default -fPIE flag, which didn't allow to build
pam_ssh_agent_auth.so with from libssh.a.
Validated using /CoreOS/openssh/Regression/bz642927-add-relro-flag
2015-02-18 10:34:40 +01:00
0a4ac4f4d3
Enable seccomp sandboxing after resolving problems with audit patch ( #1062953 )
2015-02-11 14:08:42 +01:00
b552eb6714
Make output of sshd -T more consistent, using upstream patch ( #1187521 )
2015-02-03 14:17:05 +01:00
580f986839
Update coverity patch after rebase to 6.7
2015-02-03 14:09:51 +01:00
6c6416dc9d
6.7p1-2 + 0.9.3-4
2015-01-27 14:10:18 +01:00
021326a6ae
Fix audit patch after rebase to 6.7
2015-01-27 12:07:13 +01:00
9b4e25cce0
temporarily disable audit patch causing segmentation faults
2015-01-20 17:08:25 +01:00
f29c8784c6
restore tcp wrappers support, based on Debian patch
...
https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html
2015-01-20 17:06:46 +01:00
1900351913
6.7p1-1 + 0.9.3-4
2015-01-20 13:21:45 +01:00
b457c98bec
use upstream FigerPrintHash for fingerprint - 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994
2015-01-19 15:26:56 +01:00
3ffcb799b3
Fix changelog entry
2015-01-15 15:03:12 +01:00
2109ab67c2
6.6.1p1-11 + 0.9.3-3
2015-01-14 17:15:02 +01:00
140e5ca05d
add new option GSSAPIEnablek5users and disable using ~/.k5users by default
...
CVE-2014-9278 (#1170745 )
2015-01-14 17:10:40 +01:00
9080a85b54
Update vendor-patchlevel string
2015-01-14 16:55:27 +01:00
b9d68e7db4
Fix config parser for ip:port values ( #1130733 )
2015-01-14 16:48:32 +01:00
fd06d69c6a
Fix confusing error message in scp ( #1142223 )
2015-01-14 16:46:23 +01:00
62986c5e87
6.6.1p1-10 + 0.9.3-3
2014-12-19 10:24:59 +01:00
7a7b8f0984
log via monitor in chroots without /dev/log
2014-12-19 10:14:36 +01:00
720cf82ef2
record pfs= field in CRYPTO_SESSION audit event
2014-12-15 18:59:39 +01:00
276c16ce71
6.6.1p1-9 + 0.9.3-3
2014-12-03 18:18:19 +01:00
56a647f5e3
the .local domain example should be in ssh_config, not in sshd_config
2014-12-03 18:15:25 +01:00
08fe9e8e47
use different values for DH for Cisco servers ( #1026430 )
2014-12-03 17:10:47 +01:00
823364a11e
6.6.1p1-8 + 0.9.3-3
2014-11-13 22:21:52 +01:00
44f0ac8d08
fix several coverity issues Resolves: rhbz#1139794
2014-11-13 22:16:51 +01:00
a1e1ac2bfc
6.6.1p1-7 + 0.9.3-3
2014-11-07 12:53:03 +01:00
3b7c8620a1
6.6.1p1-6 + 0.9.3-3
2014-11-04 19:09:42 +01:00
5296a797aa
privsep_preauth: use SELinux context from selinux-policy ( #1008580 )
2014-11-04 19:06:14 +01:00
0f0e055d6a
Ignore SIGXFSZ in postauth monitor
...
https://bugzilla.mindrot.org/show_bug.cgi?id=2263
2014-09-29 08:37:05 +02:00
4b24967a9c
fix parsing of empty arguments in sshd_conf
...
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
2014-09-25 11:45:47 +02:00
afde9f8153
6.6.1p1-5 + 0.9.3-3
2014-09-08 10:35:57 +02:00
ce2d80b4e7
don't consider a partial success as a failure
2014-09-04 16:33:25 +02:00
163064841f
apply RFC3454 stringprep to banners when possible
...
https://bugzilla.mindrot.org/show_bug.cgi?id=2058
2014-09-04 16:12:11 +02:00
0a3f4e122d
set a client's address right after a connection is set
...
http://bugzilla.mindrot.org/show_bug.cgi?id=2257
2014-09-02 10:49:31 +02:00
662c5a05b3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
2014-08-17 14:08:07 +00:00
e336e33a32
fix license handling
2014-07-18 19:28:30 -04:00
8ff21c966a
6.6.1p1-3 + 0.9.3-2
2014-07-18 08:38:51 +02:00
817071dc4d
standardise on NI_MAXHOST for gethostname() string lengths ( #1051490 )
2014-07-17 14:28:16 +02:00
cef0d582b6
6.6.1p1-2 + 0.9.3-2
2014-07-14 12:35:16 +02:00
d8b90ac6f8
minor spec file cleanup
2014-07-09 21:40:06 +02:00
8028159313
fix and rebase fips patch to 6.6.1p1
2014-07-09 21:16:53 +02:00
5160c9c8f3
rebase audit patch for 6.6.1p1
2014-07-08 17:42:18 +02:00
86f29c353e
bring back openssh-5.5p1-x11.patch
2014-07-03 16:42:56 +02:00
5fcfcac428
drop openssh-5.8p2-remove-stale-control-socket.patch
2014-07-03 16:23:00 +02:00
8b5feef2c8
bring back the openssh-5.8p2-sigpipe.patch
2014-07-03 16:14:38 +02:00
d1b0938acc
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
2014-06-07 12:01:42 -05:00
5cde9cd3f2
6.6.1p1-1 + 0.9.3-2
2014-06-03 17:52:36 +02:00
fb6f390a78
drop openssh-server-sysvinit subpackage
2014-06-03 17:42:49 +02:00
44fb3c6aeb
OpenSSH 6.5 and 6.6 sometimes encode a value used in the
...
curve25519 key exchange incorrectly, causing connection failures
about 0.2% of the time when this method is used against a peer that
implements the method properly.
Fix the problem and disable the curve25519 KEX when speaking to
OpenSSH 6.5 or 6.6. This version will identify itself as 6.6.1
to enable the compatability code.
openssh-6.6.1p1
2014-06-03 17:18:36 +02:00
94c6f8ddcc
rebase to openssh-6.6p1
2014-06-03 16:51:07 +02:00
d75575229f
6.4p1-4 + 0.9.3-1
2014-05-15 10:37:16 +02:00
8f8619e1e6
ignore environment variables with embedded '=' or '\0' characters ( #1077843 )
...
CVE-2014-2532
2014-05-15 10:24:04 +02:00
d271e02296
prevent a server from skipping SSHFP lookup ( #1081338 )
...
CVE-2014-2653
2014-05-15 10:23:46 +02:00
9a031d2641
try CLOCK_BOOTTIME with fallback ( #1091992 )
2014-05-14 17:30:43 +02:00
f9f83a00b5
make /etc/ssh/moduli file public ( #1043661 )
2014-02-26 15:54:02 +01:00
96df3b5ecb
use tty allocation for a remote scp
2014-01-23 18:30:39 +01:00
b898cbf5e1
Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set
2014-01-23 18:30:03 +01:00
084bc6fca5
FIPS mode - adjust the key echange DH groups and ssh-keygen according to SP800-131A
2014-01-23 18:29:02 +01:00
222dd2e358
6.4p1-3 + 0.9.3-1
2013-12-11 14:32:11 +01:00
89d920b074
6.4p1-2 + 0.9.3-1
2013-11-26 15:28:39 +01:00
09e9ef3d7c
6.4p1-1 + 0.9.3-1
2013-11-08 14:04:33 +01:00
3ed6191f56
6.3p1-5 + 0.9.3-7
2013-11-01 17:07:27 +01:00
5795323a53
don't use xfree in pam_ssh_agent_auth sources <geertj@gmail.com> ( #1024965 )
2013-11-01 17:06:02 +01:00
7feb965804
6.3p1-4 + 0.9.3-6
2013-10-25 15:46:49 +02:00
2add7a8ff5
rebuild with openssl-1.0.1e-29.fc20 to enable ECC support
2013-10-25 15:19:26 +02:00
Jakub Jelen
Petr Písař
Fedora Release Engineering
Dennis Gilmore
Marcin Juszkiewicz
Peter Robinson
Petr Lautrbach
Peter Robinson
Tom Callaway