Petr Lautrbach
140e5ca05d
add new option GSSAPIEnablek5users and disable using ~/.k5users by default
...
CVE-2014-9278 (#1170745 )
2015-01-14 17:10:40 +01:00
Jakub Jelen
9080a85b54
Update vendor-patchlevel string
2015-01-14 16:55:27 +01:00
Jakub Jelen
b9d68e7db4
Fix config parser for ip:port values ( #1130733 )
2015-01-14 16:48:32 +01:00
Jakub Jelen
fd06d69c6a
Fix confusing error message in scp ( #1142223 )
2015-01-14 16:46:23 +01:00
Petr Lautrbach
62986c5e87
6.6.1p1-10 + 0.9.3-3
2014-12-19 10:24:59 +01:00
Petr Lautrbach
7a7b8f0984
log via monitor in chroots without /dev/log
2014-12-19 10:14:36 +01:00
Petr Lautrbach
720cf82ef2
record pfs= field in CRYPTO_SESSION audit event
2014-12-15 18:59:39 +01:00
Petr Lautrbach
276c16ce71
6.6.1p1-9 + 0.9.3-3
2014-12-03 18:18:19 +01:00
Petr Lautrbach
56a647f5e3
the .local domain example should be in ssh_config, not in sshd_config
2014-12-03 18:15:25 +01:00
Petr Lautrbach
08fe9e8e47
use different values for DH for Cisco servers ( #1026430 )
2014-12-03 17:10:47 +01:00
Petr Lautrbach
823364a11e
6.6.1p1-8 + 0.9.3-3
2014-11-13 22:21:52 +01:00
Petr Lautrbach
44f0ac8d08
fix several coverity issues Resolves: rhbz#1139794
2014-11-13 22:16:51 +01:00
Petr Lautrbach
a1e1ac2bfc
6.6.1p1-7 + 0.9.3-3
2014-11-07 12:53:03 +01:00
Petr Lautrbach
3b7c8620a1
6.6.1p1-6 + 0.9.3-3
2014-11-04 19:09:42 +01:00
Petr Lautrbach
5296a797aa
privsep_preauth: use SELinux context from selinux-policy ( #1008580 )
2014-11-04 19:06:14 +01:00
Petr Lautrbach
0f0e055d6a
Ignore SIGXFSZ in postauth monitor
...
https://bugzilla.mindrot.org/show_bug.cgi?id=2263
2014-09-29 08:37:05 +02:00
Petr Lautrbach
4b24967a9c
fix parsing of empty arguments in sshd_conf
...
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
2014-09-25 11:45:47 +02:00
Petr Lautrbach
afde9f8153
6.6.1p1-5 + 0.9.3-3
2014-09-08 10:35:57 +02:00
Petr Lautrbach
ce2d80b4e7
don't consider a partial success as a failure
2014-09-04 16:33:25 +02:00
Petr Lautrbach
163064841f
apply RFC3454 stringprep to banners when possible
...
https://bugzilla.mindrot.org/show_bug.cgi?id=2058
2014-09-04 16:12:11 +02:00
Petr Lautrbach
0a3f4e122d
set a client's address right after a connection is set
...
http://bugzilla.mindrot.org/show_bug.cgi?id=2257
2014-09-02 10:49:31 +02:00
Peter Robinson
662c5a05b3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
2014-08-17 14:08:07 +00:00
Tom Callaway
e336e33a32
fix license handling
2014-07-18 19:28:30 -04:00
Petr Lautrbach
8ff21c966a
6.6.1p1-3 + 0.9.3-2
2014-07-18 08:38:51 +02:00
Petr Lautrbach
817071dc4d
standardise on NI_MAXHOST for gethostname() string lengths ( #1051490 )
2014-07-17 14:28:16 +02:00
Petr Lautrbach
cef0d582b6
6.6.1p1-2 + 0.9.3-2
2014-07-14 12:35:16 +02:00
Petr Lautrbach
d8b90ac6f8
minor spec file cleanup
2014-07-09 21:40:06 +02:00
Petr Lautrbach
8028159313
fix and rebase fips patch to 6.6.1p1
2014-07-09 21:16:53 +02:00
Petr Lautrbach
5160c9c8f3
rebase audit patch for 6.6.1p1
2014-07-08 17:42:18 +02:00
Petr Lautrbach
86f29c353e
bring back openssh-5.5p1-x11.patch
2014-07-03 16:42:56 +02:00
Petr Lautrbach
5fcfcac428
drop openssh-5.8p2-remove-stale-control-socket.patch
2014-07-03 16:23:00 +02:00
Petr Lautrbach
8b5feef2c8
bring back the openssh-5.8p2-sigpipe.patch
2014-07-03 16:14:38 +02:00
Dennis Gilmore
d1b0938acc
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
2014-06-07 12:01:42 -05:00
Petr Lautrbach
5cde9cd3f2
6.6.1p1-1 + 0.9.3-2
2014-06-03 17:52:36 +02:00
Petr Lautrbach
fb6f390a78
drop openssh-server-sysvinit subpackage
2014-06-03 17:42:49 +02:00
Petr Lautrbach
44fb3c6aeb
OpenSSH 6.5 and 6.6 sometimes encode a value used in the
...
curve25519 key exchange incorrectly, causing connection failures
about 0.2% of the time when this method is used against a peer that
implements the method properly.
Fix the problem and disable the curve25519 KEX when speaking to
OpenSSH 6.5 or 6.6. This version will identify itself as 6.6.1
to enable the compatability code.
openssh-6.6.1p1
2014-06-03 17:18:36 +02:00
Petr Lautrbach
94c6f8ddcc
rebase to openssh-6.6p1
2014-06-03 16:51:07 +02:00
Petr Lautrbach
d75575229f
6.4p1-4 + 0.9.3-1
2014-05-15 10:37:16 +02:00
Petr Lautrbach
8f8619e1e6
ignore environment variables with embedded '=' or '\0' characters ( #1077843 )
...
CVE-2014-2532
2014-05-15 10:24:04 +02:00
Petr Lautrbach
d271e02296
prevent a server from skipping SSHFP lookup ( #1081338 )
...
CVE-2014-2653
2014-05-15 10:23:46 +02:00
Petr Lautrbach
9a031d2641
try CLOCK_BOOTTIME with fallback ( #1091992 )
2014-05-14 17:30:43 +02:00
Petr Lautrbach
f9f83a00b5
make /etc/ssh/moduli file public ( #1043661 )
2014-02-26 15:54:02 +01:00
Petr Lautrbach
96df3b5ecb
use tty allocation for a remote scp
2014-01-23 18:30:39 +01:00
Petr Lautrbach
b898cbf5e1
Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set
2014-01-23 18:30:03 +01:00
Petr Lautrbach
084bc6fca5
FIPS mode - adjust the key echange DH groups and ssh-keygen according to SP800-131A
2014-01-23 18:29:02 +01:00
Petr Lautrbach
222dd2e358
6.4p1-3 + 0.9.3-1
2013-12-11 14:32:11 +01:00
Petr Lautrbach
89d920b074
6.4p1-2 + 0.9.3-1
2013-11-26 15:28:39 +01:00
Petr Lautrbach
09e9ef3d7c
6.4p1-1 + 0.9.3-1
2013-11-08 14:04:33 +01:00
Petr Lautrbach
3ed6191f56
6.3p1-5 + 0.9.3-7
2013-11-01 17:07:27 +01:00
Petr Lautrbach
5795323a53
don't use xfree in pam_ssh_agent_auth sources <geertj@gmail.com> ( #1024965 )
2013-11-01 17:06:02 +01:00