Tomáš Mráz
7210c0162a
- mls level check must be done with default role same as requested
2007-03-20 09:13:40 +00:00
Tomáš Mráz
b40baab181
- make profile.d/gnome-ssh-askpass.* regular files ( #226218 )
2007-03-19 11:57:36 +00:00
Tomáš Mráz
546fdd9f47
- reject connection if requested mls range is not obtained ( #229278 )
2007-03-01 08:28:22 +00:00
Tomáš Mráz
9d725bd1ab
- improve Buildroot
...
- remove duplicate /etc/ssh from files
2007-02-22 13:00:51 +00:00
Tomáš Mráz
73a8557dfd
- fix some forward porting typos
2007-01-16 21:20:04 +00:00
Tomáš Mráz
c2b35d09c0
- support mls on labeled networks ( #220487 )
...
- support mls level selection on unlabeled networks
- allow / in usernames in scp (only beginning /, ./, and ../ is special)
2007-01-16 20:58:00 +00:00
Tomáš Mráz
45f17da853
- buildrequire tcp_wrappers-devel
2006-12-21 13:59:55 +00:00
Tomáš Mráz
ad07b998ed
- update to 4.5p1 ( #212606 )
2006-12-21 13:42:47 +00:00
Tomáš Mráz
914284ff3f
- fix gssapi with DNS loadbalanced clusters ( #216857 )
2006-11-30 10:50:12 +00:00
Tomáš Mráz
d63dc67db7
- improved pam_session patch so it doesn't regress, the patch is necessary
...
for the pam_session_close to be called correctly as uid 0
2006-11-28 21:14:50 +00:00
Tomáš Mráz
ad61b116d1
- CVE-2006-5794 - properly detect failed key verify in monitor ( #214641 )
2006-11-10 10:00:04 +00:00
Tomáš Mráz
19675afc7c
- merge sshd initscript patches
...
- kill all ssh sessions when stop is called in halt or reboot runlevel
- remove -TERM option from killproc so we don't race on sshd restart
2006-11-02 13:33:37 +00:00
Tomáš Mráz
7114c4238b
- improve gssapi-no-spnego patch ( #208102 )
...
- CVE-2006-4924 - prevent DoS on deattack detector (#207957 )
- CVE-2006-5051 - don't call cleanups from signal handler (#208459 )
2006-10-02 17:35:50 +00:00
Tomáš Mráz
ac4818c499
- don't report duplicate syslog messages, use correct local time ( #189158 )
...
- don't allow spnego as gssapi mechanism (from upstream)
- fixed memleaks found by Coverity (from upstream)
- allow ip options except source routing (#202856 ) (patch by HP)
2006-08-23 21:06:38 +00:00
Tomáš Mráz
c12d6ba86c
- drop the pam-session patch from the previous build ( #201341 )
...
- don't set IPV6_V6ONLY sock opt when listening on wildcard addr (#201594 )
2006-08-08 11:58:33 +00:00
Tomáš Mráz
762e407bd5
- dropped old ssh obsoletes
...
- call the pam_session_open/close from the monitor when privsep is enabled
so it is always called as root (patch by Darren Tucker)
2006-07-20 11:06:42 +00:00
Tomáš Mráz
ef32423955
- improve selinux patch (by Jan Kiszka)
...
- upstream patch for buffer append space error (#191940 )
- fixed typo in configure.ac (#198986 )
- added pam_keyinit to pam configuration (#198628 )
- improved error message when askpass dialog cannot grab keyboard input
(#198332 )
- buildrequires xauth instead of xorg-x11-xauth
- fixed a few rpmlint warnings
2006-07-17 14:09:15 +00:00
Jesse Keating
d446e97b50
bumped for rebuild
2006-07-12 07:35:41 +00:00
Tomáš Mráz
7e1c558992
- don't request pseudoterminal allocation if stdin is not tty ( #188983 )
2006-04-14 08:26:10 +00:00
Tomáš Mráz
5f29aca399
- allow access if audit is not compiled in kernel ( #183243 )
2006-03-02 21:37:28 +00:00
Tomáš Mráz
e01ed66930
- enable the subprocess in chroot to send messages to system log
...
- sshd should prevent login if audit call fails
2006-02-24 14:07:41 +00:00
Tomáš Mráz
b5e849f024
- print error from scp if not remote (patch by Bjorn Augustsson #178923 )
2006-02-21 16:00:42 +00:00
Tomáš Mráz
f16d34eebb
- new version
2006-02-13 14:11:41 +00:00
Jesse Keating
3de0ff3efe
bump for bug in double-long on ppc(64)
2006-02-11 04:53:48 +00:00
Tomáš Mráz
f223ebd938
- fixed another place where syslog was called in signal handler
...
- pass locale environment variables to server, accept them there (#179851 )
2006-02-06 20:16:03 +00:00
Tomáš Mráz
fd638ab458
- new version, dropped obsolete patches
2006-02-01 16:26:13 +00:00
Tomáš Mráz
6b14a037c1
- get rid of the .1 in release
2005-12-20 14:50:27 +00:00
Tomáš Mráz
bb93ea2b3c
- hopefully make the askpass dialog less confusing ( #174765 )
2005-12-20 14:44:46 +00:00
Jesse Keating
6e3ae48bee
gcc update bump
2005-12-09 22:42:35 +00:00
Tomáš Mráz
09d7e68ab5
- drop x11-ssh-askpass from the package
...
- drop old build_6x ifs from spec file
- improve gnome-ssh-askpass so it doesn't reveal number of passphrase
characters to person looking at the display
- less hackish fix for the __USE_GNU problem
2005-11-22 16:48:57 +00:00
Nalin Dahyabhai
db25651586
remove now-obsolete builddep on xauth
2005-11-18 17:12:23 +00:00
Nalin Dahyabhai
3ef0dd1d9a
actually bump the release number
2005-11-18 17:05:07 +00:00
Nalin Dahyabhai
05c945b8c1
- work around gccmakedep not being there by fooling the build machinery
...
into using makedepend (which is there) instead
2005-11-18 17:03:02 +00:00
Warren Togami
0e58628723
- buildreq audit-libs-devel
...
- buildreq automake for aclocal
- buildreq imake for xmkmf
- -D_GNU_SOURCE in flags in order to get it to build Ugly hack to
workaround openssh defining __USE_GNU which is not allowed and causes
problems according to Ulrich Drepper fix this the correct way after
FC5test1
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173568 Note that it
seems we are unable to rebuild openssh at this time because gccmakedep
seems to be missing from modular X packages.
2005-11-18 04:37:53 +00:00
Warren Togami
19e22ad819
- xorg-x11-devel -> libXt-devel
...
- rebuild for new xauth location so X forwarding works
2005-11-17 20:02:37 +00:00
Warren Togami
d40b8ce60d
rebuild to pick up new xauth location so X forwarding works
2005-11-17 19:47:35 +00:00
Jeremy Katz
c799b385d1
xfree86-devel is gone
2005-11-10 00:12:18 +00:00
Jeremy Katz
35e1e0c440
- rebuild against new openssl
2005-11-10 00:10:18 +00:00
Tomáš Mráz
fc72c21070
- put back the possibility to skip SELinux patch
...
- add patch for user login auditing by Steve Grubb
2005-10-28 16:02:53 +00:00
Daniel J Walsh
5312560fd5
Update selinux patch to use rolelevel call
2005-10-18 20:57:59 +00:00
Daniel J Walsh
0e07edf81f
- Update selinux patch to use getseuserbyname
2005-10-13 21:14:36 +00:00
Tomáš Mráz
092218f61b
- typo
2005-10-07 12:52:51 +00:00
Tomáš Mráz
896122bfea
- use include instead of pam_stack in pam config
...
- use fork+exec instead of system in scp (#168167 )
- upstream patch for displaying authentication errors
2005-10-07 12:46:20 +00:00
Tomáš Mráz
5bab487cc3
- use include instead of pam_stack in pam config
...
- use fork+exec instead of system in scp (#168167 )
- upstream patch for displaying authentication errors
2005-10-07 12:29:15 +00:00
Tomáš Mráz
de2e7a36f5
- upgrade to a new upstream version
2005-09-06 19:55:17 +00:00
Tomáš Mráz
f94d8f533f
- use x11-ssh-askpass if openssh-askpass-gnome is not installed ( #165207 )
...
- install ssh-copy-id from contrib (#88707 )
2005-08-16 11:18:44 +00:00
Tomáš Mráz
fa148157e7
- don't deadlock on exit with multiple X forwarded channels ( #152432 )
...
- don't use X11 port which can't be bound on all IP families (#163732 )
2005-07-27 11:42:36 +00:00
Tomáš Mráz
79c96868ce
- fix small regression caused by the nologin patch ( #161956 )
...
- fix race in getpeername error checking (mindrot #1054 )
2005-06-29 11:24:36 +00:00
Tomáš Mráz
8552577357
- release up
2005-06-09 19:59:04 +00:00
Tomáš Mráz
9ac1c8b26a
- use only pam_nologin for nologin testing
2005-06-09 19:58:01 +00:00