Jakub Jelen
|
0a4ac4f4d3
|
Enable seccomp sandboxing after resolving problems with audit patch (#1062953)
|
2015-02-11 14:08:42 +01:00 |
|
Jakub Jelen
|
b552eb6714
|
Make output of sshd -T more consistent, using upstream patch (#1187521)
|
2015-02-03 14:17:05 +01:00 |
|
Jakub Jelen
|
580f986839
|
Update coverity patch after rebase to 6.7
|
2015-02-03 14:09:51 +01:00 |
|
Jakub Jelen
|
6c6416dc9d
|
6.7p1-2 + 0.9.3-4
|
2015-01-27 14:10:18 +01:00 |
|
Jakub Jelen
|
021326a6ae
|
Fix audit patch after rebase to 6.7
|
2015-01-27 12:07:13 +01:00 |
|
Petr Lautrbach
|
9b4e25cce0
|
temporarily disable audit patch causing segmentation faults
|
2015-01-20 17:08:25 +01:00 |
|
Petr Lautrbach
|
f29c8784c6
|
restore tcp wrappers support, based on Debian patch
https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html
|
2015-01-20 17:06:46 +01:00 |
|
Petr Lautrbach
|
1900351913
|
6.7p1-1 + 0.9.3-4
|
2015-01-20 13:21:45 +01:00 |
|
Petr Lautrbach
|
b457c98bec
|
use upstream FigerPrintHash for fingerprint - 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994
|
2015-01-19 15:26:56 +01:00 |
|
Petr Lautrbach
|
98584338a4
|
fix direction in CRYPTO_SESSION audit message
|
2015-01-16 17:40:20 +01:00 |
|
Jakub Jelen
|
3ffcb799b3
|
Fix changelog entry
|
2015-01-15 15:03:12 +01:00 |
|
Jakub Jelen
|
2109ab67c2
|
6.6.1p1-11 + 0.9.3-3
|
2015-01-14 17:15:02 +01:00 |
|
Petr Lautrbach
|
140e5ca05d
|
add new option GSSAPIEnablek5users and disable using ~/.k5users by default
CVE-2014-9278 (#1170745)
|
2015-01-14 17:10:40 +01:00 |
|
Jakub Jelen
|
9080a85b54
|
Update vendor-patchlevel string
|
2015-01-14 16:55:27 +01:00 |
|
Jakub Jelen
|
f92cd01d62
|
Update ldap extension to resolve #981058
|
2015-01-14 16:52:03 +01:00 |
|
Jakub Jelen
|
e581af0a84
|
Add missing documentation link to systemd service files (RHBZ#1181593)
|
2015-01-14 16:51:44 +01:00 |
|
Jakub Jelen
|
b9d68e7db4
|
Fix config parser for ip:port values (#1130733)
|
2015-01-14 16:48:32 +01:00 |
|
Jakub Jelen
|
fd06d69c6a
|
Fix confusing error message in scp (#1142223)
|
2015-01-14 16:46:23 +01:00 |
|
Petr Lautrbach
|
62986c5e87
|
6.6.1p1-10 + 0.9.3-3
|
2014-12-19 10:24:59 +01:00 |
|
Petr Lautrbach
|
7a7b8f0984
|
log via monitor in chroots without /dev/log
|
2014-12-19 10:14:36 +01:00 |
|
Petr Lautrbach
|
720cf82ef2
|
record pfs= field in CRYPTO_SESSION audit event
|
2014-12-15 18:59:39 +01:00 |
|
Petr Lautrbach
|
cf5c1140f2
|
increase size of AUDIT_LOG_SIZE to 256
|
2014-12-11 14:21:42 +01:00 |
|
Petr Lautrbach
|
276c16ce71
|
6.6.1p1-9 + 0.9.3-3
|
2014-12-03 18:18:19 +01:00 |
|
Petr Lautrbach
|
56a647f5e3
|
the .local domain example should be in ssh_config, not in sshd_config
|
2014-12-03 18:15:25 +01:00 |
|
Petr Lautrbach
|
08fe9e8e47
|
use different values for DH for Cisco servers (#1026430)
|
2014-12-03 17:10:47 +01:00 |
|
Petr Lautrbach
|
823364a11e
|
6.6.1p1-8 + 0.9.3-3
|
2014-11-13 22:21:52 +01:00 |
|
Petr Lautrbach
|
44f0ac8d08
|
fix several coverity issues Resolves: rhbz#1139794
|
2014-11-13 22:16:51 +01:00 |
|
Petr Lautrbach
|
57666dc3be
|
fix gsskex patch to correctly handle MONITOR_REQ_GSSSIGN request (#1118005)
|
2014-11-12 17:35:37 +01:00 |
|
Petr Lautrbach
|
a1e1ac2bfc
|
6.6.1p1-7 + 0.9.3-3
|
2014-11-07 12:53:03 +01:00 |
|
Petr Lautrbach
|
65a6cd2d8c
|
correct the calculation of bytes for authctxt->krb5_ccname <ams@corefiling.com> (#1161073)
|
2014-11-07 12:52:06 +01:00 |
|
Petr Lautrbach
|
3b7c8620a1
|
6.6.1p1-6 + 0.9.3-3
|
2014-11-04 19:09:42 +01:00 |
|
Petr Lautrbach
|
5296a797aa
|
privsep_preauth: use SELinux context from selinux-policy (#1008580)
|
2014-11-04 19:06:14 +01:00 |
|
Petr Lautrbach
|
414bfae1bc
|
change audit trail
- do not use (invalid user)
- change acct for an unknown user "(unknown)"
- don't send login audit event in getpwnamallow()
|
2014-11-04 18:56:47 +01:00 |
|
Petr Lautrbach
|
30c06a07fb
|
fix kuserok patch which checked for the existence of .k5login unconditionally and hence prevented other mechanisms to be used properly
|
2014-10-24 23:50:58 +02:00 |
|
Petr Lautrbach
|
1ba984dcf2
|
revert the default of KerberosUseKuserok back to yes (#1153076)
|
2014-10-24 23:50:09 +02:00 |
|
Petr Lautrbach
|
0f0e055d6a
|
Ignore SIGXFSZ in postauth monitor
https://bugzilla.mindrot.org/show_bug.cgi?id=2263
|
2014-09-29 08:37:05 +02:00 |
|
Petr Lautrbach
|
4b24967a9c
|
fix parsing of empty arguments in sshd_conf
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
|
2014-09-25 11:45:47 +02:00 |
|
Stanislav Zidek
|
c8fc193f3d
|
sshd-keygen - don't generate DSA and ED25519 host keys in FIPS mode
|
2014-09-23 12:29:25 +02:00 |
|
Petr Lautrbach
|
afde9f8153
|
6.6.1p1-5 + 0.9.3-3
|
2014-09-08 10:35:57 +02:00 |
|
Petr Lautrbach
|
ce2d80b4e7
|
don't consider a partial success as a failure
|
2014-09-04 16:33:25 +02:00 |
|
Petr Lautrbach
|
163064841f
|
apply RFC3454 stringprep to banners when possible
https://bugzilla.mindrot.org/show_bug.cgi?id=2058
|
2014-09-04 16:12:11 +02:00 |
|
Petr Lautrbach
|
c16b7033ca
|
change the rsa key generation error message due to FIPS restrictions in openssl
|
2014-09-02 15:41:51 +02:00 |
|
Petr Lautrbach
|
0a3f4e122d
|
set a client's address right after a connection is set
http://bugzilla.mindrot.org/show_bug.cgi?id=2257
|
2014-09-02 10:49:31 +02:00 |
|
Peter Robinson
|
662c5a05b3
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
2014-08-17 14:08:07 +00:00 |
|
Tom Callaway
|
e336e33a32
|
fix license handling
|
2014-07-18 19:28:30 -04:00 |
|
Petr Lautrbach
|
8ff21c966a
|
6.6.1p1-3 + 0.9.3-2
|
2014-07-18 08:38:51 +02:00 |
|
Petr Lautrbach
|
817071dc4d
|
standardise on NI_MAXHOST for gethostname() string lengths (#1051490)
|
2014-07-17 14:28:16 +02:00 |
|
Petr Lautrbach
|
cef0d582b6
|
6.6.1p1-2 + 0.9.3-2
|
2014-07-14 12:35:16 +02:00 |
|
Petr Lautrbach
|
d8b90ac6f8
|
minor spec file cleanup
|
2014-07-09 21:40:06 +02:00 |
|
Petr Lautrbach
|
8028159313
|
fix and rebase fips patch to 6.6.1p1
|
2014-07-09 21:16:53 +02:00 |
|