Commit Graph

  • 32dc9bd1cd Drop unused function from audit Jakub Jelen 2018-01-16 16:24:27 +0100
  • 316553ade0 Remove TCP wrappers support (#1530163) Jakub Jelen 2018-01-16 15:06:23 +0100
  • 871dc3ed3e openssh-7.6p1-4 + 0.10.3-3 Jakub Jelen 2017-12-14 10:23:37 +0100
  • 17cd512319 Whitelist gettid() syscall for systemd (cleanup procedure?) Jakub Jelen 2017-12-12 14:19:35 +0100
  • 1f2a7f3926 openssh-7.6p1-3 + 0.10.3-3 Jakub Jelen 2017-12-11 11:54:38 +0100
  • fde6b96b35 Avoid gcc warnings about uninitialized variables Jakub Jelen 2017-11-24 15:48:45 +0100
  • 217da75d53 Do not segfault for repetitive cipher_free() from audit (#1524233) Jakub Jelen 2017-11-24 14:49:00 +0100
  • eef660e534 7.6p1-2 + 0.10.3-3 Jakub Jelen 2017-11-22 08:57:03 +0100
  • e3f4c1243d Do not build all the binaries against libldap Jakub Jelen 2017-11-15 10:14:33 +0100
  • 2087929a90 Do not segfault for ECC keys in PKCS#11 Jakub Jelen 2017-11-14 12:53:12 +0100
  • a464c88ee6 forgotten sources Jakub Jelen 2017-11-07 16:49:23 +0100
  • 8fc2fee4e4 7.6p1-1 + 0.10.3-3 Jakub Jelen 2017-10-19 16:24:27 +0200
  • cdc735a59b Make sure we audit properly from the new code Jakub Jelen 2017-10-19 16:06:27 +0200
  • e0e7ed914b Address issues of another PR#48 review Jakub Jelen 2017-10-18 14:48:25 +0200
  • c08aa4b8b1 Fix after-release bug in PermitOpen (posted on ML) Jakub Jelen 2017-10-18 14:40:59 +0200
  • 5b55d0951d rebase patches to openssh-7.6p1 and make it build Jakub Jelen 2017-09-26 14:04:45 +0200
  • 9e46aafab9 openssh-7.5p1-6 + 0.10.3-2 Jakub Jelen 2017-09-11 15:56:19 +0200
  • ed0b5e5a9f Remove pam_reauthorize, not needed by cockpit anymore (#1492313) Jakub Jelen 2017-09-19 13:21:36 +0200
  • e044c5cf76 Enforce pam_sepermit for all logins (#1492313) Jakub Jelen 2017-09-19 13:10:27 +0200
  • 72514f7644 Add newer gssapi kex methods, but leave them disabled out of the box yet Jakub Jelen 2017-09-13 14:44:31 +0200
  • 8bcc21ed64 Add enablement for openssl-ibmca and openssl-ibmpkcs11 (#1477636) Jakub Jelen 2017-09-11 16:07:46 +0200
  • 8c9e97e65a Do not export KRBCCNAME if the default path is used (#1199363) Jakub Jelen 2017-09-11 15:54:31 +0200
  • ce1afcf244 initial commit of tests from upstreamfirst project Mike Gahagan 2017-09-29 12:58:09 -0400
  • ef66c0c677 openssh-7.5p1-5 + 0.10.3-2 Jakub Jelen 2017-08-14 09:45:09 +0200
  • 0ce6c7b710 Another approach for crypto policies (#1479271) Jakub Jelen 2017-08-09 15:14:13 +0200
  • 970a418151 Do not talk about SSHv1 in Summary Jakub Jelen 2017-08-09 15:15:11 +0200
  • 6a05936971 Revert "server crypto policy" Jakub Jelen 2017-08-09 14:58:13 +0200
  • fffad0579c openssh-7.5p1-4 + 0.10.3-2 Jakub Jelen 2017-08-02 13:46:00 +0200
  • 722f82b9ab Remove openssh-clients-ssh1 subpackage (#1474942) Jakub Jelen 2017-08-01 19:00:24 +0200
  • 1d8ffcfe05 Preprocess the configuration files to include crypto policies. Jakub Jelen 2017-07-11 15:41:09 +0200
  • be108c2c82 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild Fedora Release Engineering 2017-07-27 01:53:26 +0000
  • 64a3610c1f perl dependency renamed to perl-interpreter <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules> Petr Písař 2017-07-12 14:20:53 +0200
  • 2ea24bb006 openssh-7.5p1-2 + 0.10.3-2 Jakub Jelen 2017-06-30 12:44:10 +0200
  • 9dbec70c9c Sync FIPS patch with RHEL Jakub Jelen 2017-06-30 12:18:02 +0200
  • cdc7ba7293 get rid of unconditional goto in RSA1 code Jakub Jelen 2017-06-19 18:23:59 +0200
  • f07a0866e1 Avoid double-free in the openssl-1.1.0 patch Jakub Jelen 2017-06-15 13:41:24 +0200
  • eb751fd1d3 In FIPS mode do not append bogus comma after the kex list Jakub Jelen 2017-04-26 14:26:25 +0200
  • 204765aba1 openssh-7.5p1-2 + 0.10.3-2 Jakub Jelen 2017-03-22 14:19:10 +0100
  • c2f63ba00b Revert the chroot magic Jakub Jelen 2017-03-23 14:47:08 +0100
  • 93868f39a9 Remove RestartPreventExitStatus which can break on slow networks Jakub Jelen 2017-03-22 18:00:17 +0100
  • fb74d1ec96 Add missing header on s390 (#1434341) Jakub Jelen 2017-03-21 14:24:03 +0100
  • 09320cf61a Fix typo in sandbox code, that got out after release Jakub Jelen 2017-03-21 10:12:44 +0100
  • 17b491b307 openssh-7.5p1-1 + 0.10.3-2 Jakub Jelen 2017-03-20 15:55:43 +0100
  • fd58b9eabb Add new DH kex into the FIPS-allowed list Jakub Jelen 2017-03-08 14:37:07 +0100
  • 7b666e5764 openssh-7.4p1-4 + 0.10.3-1 Jakub Jelen 2017-02-28 15:13:40 +0100
  • a9ad706d82 Coverity reports applied Jakub Jelen 2017-03-03 15:51:39 +0100
  • f499c489fd Do not leave service in auto-restarting mode in case of configuration failure Jakub Jelen 2017-03-01 18:35:45 +0100
  • b83281f89d Avoid sending SD_NOTIFY from wrong processes (#1427526) Jakub Jelen 2017-02-28 15:13:24 +0100
  • ab7f9474c7 openssh-7.4p1-3 + 0.10.3-1 Jakub Jelen 2017-02-20 13:32:23 +0100
  • 3448f25d85 Typo Jakub Jelen 2017-02-21 19:25:41 +0100
  • b92d3c8ae0 Reference upstream bug Jakub Jelen 2017-02-20 15:24:15 +0100
  • 4e7cdec7ef Add systemd stuff to keep track of service Jakub Jelen 2017-02-20 13:31:29 +0100
  • 140ef5a0f5 Properly report errors from included files (#1408558) Jakub Jelen 2017-02-20 13:22:04 +0100
  • a97eeb671c ppc architecture is gone for years Jakub Jelen 2017-02-16 10:46:10 +0100
  • 4cf8f1aa09 Cleaner linking ldap-helper (circular dependencies) Jakub Jelen 2017-02-14 10:29:34 +0100
  • 465b6e6b82 Check seteuid return values in all cases Jakub Jelen 2017-02-07 15:34:01 +0100
  • bdb932c46a new pam_ssh_agent_auth-0.10.3 release Jakub Jelen 2017-02-07 15:33:15 +0100
  • 26cec0607f openssh-7.4p1-2 + 0.10.2-5 Jakub Jelen 2017-02-06 09:47:28 +0100
  • 640dfa350e Set environment variable to avoid race condition with systemd (#1415218) Jakub Jelen 2017-02-06 09:41:32 +0100
  • 4a6ef41937 Do not overwrite N and E for RSA-certs in ssh-agent (#1416584) Jakub Jelen 2017-02-03 11:06:19 +0100
  • 28ff3aa1c5 Correct path to crypto policies Jakub Jelen 2017-01-06 13:00:16 +0100
  • b19926d292 openssh-7.4p1-1 + 0.10.2-5 Jakub Jelen 2017-01-03 14:30:38 +0100
  • 58f79a27c3 Whitelist /usr/lib64/ for PKCS#11 modules Jakub Jelen 2017-01-03 10:43:15 +0100
  • 6cf9b8e61b rebase to openssh-7.4p1-1 Jakub Jelen 2017-01-02 15:42:13 +0100
  • 4189cebf7a Cache supported OIDS for GSSAPI kex (#1395288) Jakub Jelen 2017-01-02 14:42:38 +0100
  • dd8e5419eb Fix use-after-free error (#1409433) Jakub Jelen 2017-01-02 14:23:54 +0100
  • 38869a3406 Prevent hangs with long MOTD (filling buffers and blocking) Jakub Jelen 2016-12-15 14:29:36 +0100
  • d8c2e8dc88 openssh-7.3p1-7 + 0.10.2-4 Jakub Jelen 2016-12-08 13:57:03 +0100
  • 162941961a Move MAX_DISPLAYS to a configuration option Jakub Jelen 2016-12-08 13:51:28 +0100
  • 4ce5741703 Properly deserialize received RSA certificates in ssh-agent (#1402029) Jakub Jelen 2016-12-08 13:50:08 +0100
  • 7bccf7e6e0 openssh-7.3p1-6 + 0.10.2-4 Jakub Jelen 2016-11-16 11:07:41 +0100
  • ef1da17783 GSSAPI requires futex syscall in privsep child (#1395288) Jakub Jelen 2016-11-16 08:38:35 +0100
  • ccf623128a Fix changelog Jakub Jelen 2016-11-07 09:33:43 +0100
  • 2a8bce34e4 openssh-7.3p1-5 + 0.10.2-4 Jakub Jelen 2016-10-27 18:26:25 +0200
  • aacf0d429a OpenSSL 1.1.0 compat Jakub Jelen 2016-10-22 22:47:27 +0200
  • ecc9f8d02b When doing chroot * we should not drop any capabilities for root * we should not clear bounding capabilities for other users * we should probably retain the supplement groups Jakub Jelen 2016-10-21 14:50:42 +0200
  • c9d9fe9b0f Recommend crypto-policies for a client package Jakub Jelen 2016-10-11 10:29:50 +0200
  • d924bc6892 openssh-7.3p1-4 + 0.10.2-4 Jakub Jelen 2016-09-29 11:17:14 +0200
  • 639ae2c73c Include client Crypto Policy (#1225752) Jakub Jelen 2016-09-29 11:26:06 +0200
  • ae831ab305 Fix NULL derefence (#1380297) https://anongit.mindrot.org/openssh.git/patch/?id=28652bca29046f62c7045e933e6b931de1d16737 Jakub Jelen 2016-09-29 11:15:13 +0200
  • 739842b137 Make the code build without SELinux and without Audit Jakub Jelen 2016-09-15 16:36:04 +0200
  • 0a605f4d31 openssh-7.3p1-3 + 0.10.2-4 Jakub Jelen 2016-08-15 12:20:15 +0200
  • 38d533a5e1 Proper content of the included configuration files Jakub Jelen 2016-08-15 12:18:50 +0200
  • 73953d29f1 openssh-7.3p1-2 + 0.10.2-4 Jakub Jelen 2016-08-09 10:32:01 +0200
  • 88f3a752ae openssh-7.3p1-1. + 0.10.2-4 Jakub Jelen 2016-08-09 08:24:35 +0200
  • 90ffc35e29 Correct permissions on the ssh_config directory (#1365270) Jakub Jelen 2016-08-09 08:23:44 +0200
  • 7ea4bdf410 forgotten sources Jakub Jelen 2016-08-05 15:49:56 +0200
  • a711d3c82f openssh-7.3p1-1 + 0.10.2-4 Jakub Jelen 2016-07-26 12:31:13 +0200
  • 6454089e75 Create include directory with example content (redhat modifications) Jakub Jelen 2016-08-04 10:57:32 +0200
  • 334feb284c Do not build ssh-keycat with sshd LIBS Jakub Jelen 2016-08-02 12:53:25 +0200
  • b165161da2 When we don't listen for the clients, num_listen_socks is -1 Jakub Jelen 2016-07-26 15:14:46 +0200
  • 6da7f4d0ed Drop SCP progressmeter patch because of reworked UTF-8 API (tracked upstream #2434) Jakub Jelen 2016-07-26 10:55:37 +0200
  • b487a6d746 Move old canohost.h API to shared place, so it can be used by audit and gssapi (states) Jakub Jelen 2016-07-26 10:54:13 +0200
  • 5878ebb50e Most of the coverity patch applied upstream, context changes for rebase Jakub Jelen 2016-07-25 16:21:15 +0200
  • 70c2ac20bd CVE-2016-6210 is fixed upstream Jakub Jelen 2016-07-25 15:29:47 +0200
  • 13a7aaf5e3 CVE-2015-8325 and certificate regression are fixed upstream Jakub Jelen 2016-07-25 15:23:16 +0200
  • 38e1dfa80d Upstream bug #2477 applied Jakub Jelen 2016-07-25 15:22:09 +0200
  • 4bd77fcccc seccomp for secondary architecures patch already upstream (#2590) Jakub Jelen 2016-07-25 15:02:45 +0200
  • 05bc93847e Bug #2281 resolved upstream Jakub Jelen 2016-07-25 14:56:34 +0200
  • 178ce15f5a UTF-8 banners resolved by upstream bug #2058 Jakub Jelen 2016-07-25 14:54:30 +0200