Petr Lautrbach
|
5382ccbe9b
|
handle crypt() returning NULL (#815993)
|
2012-08-06 09:08:52 +02:00 |
|
Petr Lautrbach
|
0c438f5bc5
|
openssh-5.9p1-privsep-selinux.patch - change SELinux context also for
root user (#827109)
|
2012-08-06 08:58:30 +02:00 |
|
Petr Lautrbach
|
b648890ead
|
5.9p1-25 + 0.9.3-1
|
2012-07-27 14:35:43 +02:00 |
|
Petr Lautrbach
|
420ff03c91
|
removed dead code and fixed segfault in openssh-5.9p1-required-authentications.patch
|
2012-07-27 14:35:20 +02:00 |
|
Tomas Mraz
|
e9620308c8
|
allow sha256 and sha512 hmacs in the FIPS mode
|
2012-07-17 21:03:59 +02:00 |
|
Tomas Mraz
|
4f4687ce80
|
fix segfault in su when pam_ssh_agent_auth is used and the ssh-agent
is not running, most probably not exploitable
update pam_ssh_agent_auth to 0.9.3 upstream version
|
2012-06-22 14:52:35 +02:00 |
|
Petr Lautrbach
|
c4fd069940
|
Revert "Fix permissions of sshd private keys created by sshd-keygen script (#754779)" (#819896)
This reverts commit 81da99ed9b .
|
2012-05-09 12:52:01 +02:00 |
|
Petr Lautrbach
|
2649d91e06
|
5.9p1-22 + 0.9.2-32
|
2012-04-06 21:01:27 +02:00 |
|
Petr Lautrbach
|
009f534b09
|
don't install sshd-keygen.service (#810419)
|
2012-04-06 21:01:06 +02:00 |
|
Petr Lautrbach
|
2539b1c4f2
|
don't create RSA1 key in FIPS mode
|
2012-04-06 21:00:20 +02:00 |
|
Petr Lautrbach
|
7294a991a2
|
5.9p1-21 + 0.9.2-32
|
2012-03-30 20:07:50 +02:00 |
|
Petr Lautrbach
|
5bad1d43cf
|
fix various issues in openssh-5.9p1-required-authentications.patch
|
2012-03-30 19:29:02 +02:00 |
|
Petr Lautrbach
|
22f0191d84
|
5.9p1-20 + 0.9.2-32
|
2012-03-23 09:16:52 +01:00 |
|
Petr Lautrbach
|
1027fdc205
|
don't enable sshd-keygen.service (#805338)
|
2012-03-23 09:16:10 +01:00 |
|
Petr Lautrbach
|
52f99b131a
|
fix dependencies in systemd units (#805338)
|
2012-03-23 09:05:33 +01:00 |
|
Petr Lautrbach
|
33e0acc5ef
|
5.9p1-19 + 0.9.2-32
|
2012-02-22 09:03:07 +01:00 |
|
Petr Lautrbach
|
c3bb4552cf
|
adjust openssh-5.9p1-privsep-selinux.patch also for internal sftp subsystem
|
2012-02-17 11:35:49 +01:00 |
|
Petr Lautrbach
|
feb99ea644
|
Look for x11 forward sockets with AI_ADDRCONFIG flag getaddrinfo (#735889)
|
2012-02-14 18:11:26 +01:00 |
|
Petr Lautrbach
|
d3ab95741d
|
5.9p1-18 + 0.9.2-32
|
2012-02-06 22:16:49 +01:00 |
|
Petr Lautrbach
|
d9e6186c71
|
replace TwoFactorAuth with RequiredAuthentications[12]
https://bugzilla.mindrot.org/show_bug.cgi?id=983
|
2012-02-06 22:16:38 +01:00 |
|
Petr Lautrbach
|
21699d5622
|
5.9p1-17 + 0.9.2-32
|
2012-01-31 14:09:17 +01:00 |
|
Petr Lautrbach
|
cd5891d0d5
|
run privsep slave process as the users SELinux context (#781634)
|
2012-01-31 14:09:00 +01:00 |
|
Tomas Mraz
|
017c65d99b
|
add CAVS test driver for the aes-ctr ciphers
|
2012-01-13 18:28:47 +01:00 |
|
Tomas Mraz
|
6148abd585
|
enable aes-ctr ciphers use the EVP engines from OpenSSL such as the AES-NI
|
2012-01-11 19:11:33 +01:00 |
|
Petr Lautrbach
|
2e12878998
|
5.9p1-14 + 0.9.2-32
|
2011-12-06 17:42:00 +01:00 |
|
Petr Lautrbach
|
5bd5aa2976
|
warn about unsupported option UsePAM=no (#757545)
|
2011-12-06 17:41:06 +01:00 |
|
Tomas Mraz
|
4fc167470d
|
add back the restorecon call to ssh-copy-id - it might be needed on older
distributions (#739989)
|
2011-11-21 09:03:05 +01:00 |
|
Tomas Mraz
|
2aa158e869
|
Load also the /etc/sysconfig/sshd before the sshd-keygen script.
|
2011-11-18 09:32:34 +01:00 |
|
Tomas Mraz
|
81da99ed9b
|
Fix permissions of sshd private keys created by sshd-keygen script (#754779)
|
2011-11-18 09:26:19 +01:00 |
|
Tomas Mraz
|
17eb1038b2
|
still support /etc/sysconfig/sshd loading in sshd service (#754732)
|
2011-11-18 09:20:54 +01:00 |
|
Tomas Mraz
|
0fcb25a8d2
|
remove unnecessary requires on initscripts
set VerifyHostKeyDNS to ask in the default configuration (#739856)
|
2011-10-14 18:19:47 +02:00 |
|
Jan F. Chadima
|
fcc5bdd01d
|
selinux sandbox rewrite
two factor authentication tweaking
|
2011-09-20 08:14:45 +02:00 |
|
Jan F. Chadima
|
28b0dc63f4
|
selinux sandbox rewrite
two factor authentication tweaking
|
2011-09-19 07:26:32 +02:00 |
|
Jan F. Chadima
|
cff1d0c39d
|
coverity upgrade
wipe off nonfunctional nss
selinux sandbox tweaking
|
2011-09-14 17:03:03 +02:00 |
|
Jan F. Chadima
|
c870e661c7
|
coverity upgrade
experimental selinux sandbox
|
2011-09-13 17:14:48 +02:00 |
|
JFCH
|
c2ea13d263
|
fully reanable auditing
|
2011-09-13 01:53:08 -04:00 |
|
Jan F. Chadima
|
1df0cf4657
|
repair signedness in akc patch
|
2011-09-12 20:44:35 +02:00 |
|
Jan F. Chadima
|
026db1cf63
|
temporarily disable part of audit4 patch
|
2011-09-12 08:34:27 +02:00 |
|
Jan F. Chadima
|
39b26b5169
|
temporarily disable part of audit4 patch
|
2011-09-12 08:11:41 +02:00 |
|
Jan F. Chadima
|
ea97ffa1ed
|
Coverity second pass
Reenable akc patch
|
2011-09-09 21:18:35 +02:00 |
|
Tomas Mraz
|
fc87f2dced
|
Add chunk missed in the new upstream merge.
|
2011-09-09 18:06:02 +02:00 |
|
Jan F. Chadima
|
3b545be5d7
|
Coverity first pass
|
2011-09-09 00:54:28 +02:00 |
|
Jan F. Chadima
|
311e6bb088
|
Rebase to 5.9p1
Add chroot sftp patch
Add two factor auth patch
|
2011-09-07 15:31:21 +02:00 |
|
Jan F. Chadima
|
69dd72f6ef
|
ignore SIGPIPE in ssh keyscan
|
2011-09-07 15:12:54 +02:00 |
|
Jan F. Chadima
|
19d4c790a8
|
ignore SIGPIPE in ssh keyscan
|
2011-08-23 19:01:59 +02:00 |
|
Jan F. Chadima
|
2b67a53348
|
save ssh-askpass's debuginfo
|
2011-08-09 15:15:23 +02:00 |
|
Jan F. Chadima
|
56b50ec772
|
compile ssh-askpass with corect CFLAGS
|
2011-08-08 23:32:31 +02:00 |
|
Jan F. Chadima
|
eed2da95a4
|
improve selinux's change context log
|
2011-08-08 13:37:15 +02:00 |
|
Jan F. Chadima
|
54f33f6451
|
improve selinux's change context log
|
2011-08-08 13:24:47 +02:00 |
|
Jan F. Chadima
|
ec3622478b
|
repair broken man pages
|
2011-08-08 11:57:43 +02:00 |
|