An open source implementation of SSH protocol versions 1 and 2
Go to file
Petr Lautrbach 44fb3c6aeb OpenSSH 6.5 and 6.6 sometimes encode a value used in the
curve25519 key exchange incorrectly, causing connection failures
about 0.2% of the time when this method is used against a peer that
implements the method properly.

Fix the problem and disable the curve25519 KEX when speaking to
OpenSSH 6.5 or 6.6. This version will identify itself as 6.6.1
to enable the compatability code.

openssh-6.6.1p1
2014-06-03 17:18:36 +02:00
.gitignore rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-4.3p2-askpass-grab-info.patch - improve selinux patch (by Jan Kiszka) 2006-07-17 14:09:15 +00:00
openssh-5.1p1-askpass-progress.patch - rediff for no fuzz 2008-07-23 17:33:16 +00:00
openssh-5.1p1-scp-manpage.patch - rediff for no fuzz 2008-07-23 17:33:16 +00:00
openssh-5.5p1-x11.patch - add auditing the host based key ussage 2010-11-05 17:31:30 +01:00
openssh-5.6p1-exit-deadlock.patch Upgrade to openssh-5.6p1 2010-08-03 02:41:49 +02:00
openssh-5.8p1-getaddrinfo.patch Look for x11 forward sockets with AI_ADDRCONFIG flag getaddrinfo (#735889) 2012-02-14 18:11:26 +01:00
openssh-5.8p1-glob.patch CVE-2010-4755 2011-03-07 20:31:52 +01:00
openssh-5.8p1-localdomain.patch the private keys may be 640 root:ssh_keys ssh_keysign is sgid 2011-04-22 11:43:01 +02:00
openssh-5.8p1-packet.patch the intermediate context is set to sshd_sftpd_t 2011-04-05 20:54:12 +02:00
openssh-5.8p2-remove-stale-control-socket.patch remove stale control sockets (#706396) 2011-06-09 16:10:59 +02:00
openssh-5.8p2-sigpipe.patch ignore SIGPIPE in ssh keyscan 2011-08-23 19:01:59 +02:00
openssh-5.9p1-edns.patch Coverity second pass 2011-09-09 21:18:35 +02:00
openssh-5.9p1-ipv6man.patch ignore SIGPIPE in ssh keyscan 2011-09-07 15:12:54 +02:00
openssh-5.9p1-randclean.patch ignore SIGPIPE in ssh keyscan 2011-09-07 15:12:54 +02:00
openssh-5.9p1-wIm.patch coverity upgrade 2011-09-14 17:03:03 +02:00
openssh-6.1p1-askpass-ld.patch rebase to openssh-6.1p1 (#852651) 2012-09-15 13:29:49 +02:00
openssh-6.1p1-gssapi-canohost.patch fix gssapi canohost patch (#863350) 2012-10-30 11:06:45 +01:00
openssh-6.2p1-vendor.patch Revert "adjust openssh-6.2p1-vendor.patch after previous commit" 2013-10-08 17:04:51 +02:00
openssh-6.3p1-coverity.patch rebase for openssh-6.3p1, remove unused patches (#1007769) 2013-10-14 15:54:41 +02:00
openssh-6.3p1-ctr-evp-fast.patch rebase for openssh-6.3p1, remove unused patches (#1007769) 2013-10-14 15:54:41 +02:00
openssh-6.3p1-fips.patch log fipscheck verification message into syslog authpriv 2014-02-26 14:52:42 +01:00
openssh-6.3p1-force_krb.patch rebase for openssh-6.3p1, remove unused patches (#1007769) 2013-10-14 15:54:41 +02:00
openssh-6.3p1-gsskex.patch don't clean up gssapi credentials by default (#1055016) 2014-02-26 17:08:07 +01:00
openssh-6.3p1-increase-size-of-DF-groups.patch Increase the size of the Diffie-Hellman groups requested for a each 2013-10-23 22:41:53 +02:00
openssh-6.3p1-krb5-use-default_ccache_name.patch use default_ccache_name from /etc/krb5.conf for a kerberos cache (#991186) 2013-10-23 22:08:19 +02:00
openssh-6.3p1-kuserok.patch rebase for openssh-6.3p1, remove unused patches (#1007769) 2013-10-14 15:54:41 +02:00
openssh-6.4p1-audit.patch fix fatal() cleanup in the audit patch (#1029074) 2013-11-26 13:22:08 +01:00
openssh-6.4p1-CLOCK_BOOTTIME.patch try CLOCK_BOOTTIME with fallback (#1091992) 2014-05-14 17:30:43 +02:00
openssh-6.4p1-FIPS-mode-SP800-131A.patch FIPS mode - adjust the key echange DH groups and ssh-keygen according to SP800-131A 2014-01-23 18:29:02 +01:00
openssh-6.4p1-fromto-remote.patch use tty allocation for a remote scp 2014-01-23 18:30:39 +01:00
openssh-6.4p1-ignore-bad-env-var.patch ignore environment variables with embedded '=' or '\0' characters (#1077843) 2014-05-15 10:24:04 +02:00
openssh-6.4p1-legacy-ssh-copy-id.patch fix ssh-copy-id (#1058792) 2014-02-26 14:53:23 +01:00
openssh-6.6p1-allow-ip-opts.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-ctr-cavstest.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-CVE-2014-2653.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-entropy.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-fingerprint.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-keycat.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-keyperm.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-ldap.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-log-usepam-no.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-privsep-selinux.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-redhat.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-6.6p1-role-mls.patch rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
openssh-5618210618256bbf5f4f71b2887ff186fd451736.patch OpenSSH 6.5 and 6.6 sometimes encode a value used in the 2014-06-03 17:18:36 +02:00
openssh.spec OpenSSH 6.5 and 6.6 sometimes encode a value used in the 2014-06-03 17:18:36 +02:00
pam_ssh_agent_auth-0.9.2-seteuid.patch - properly restore euid in case connect to the ssh-agent socket fails 2010-11-24 07:49:04 +01:00
pam_ssh_agent_auth-0.9.2-visibility.patch fix segfault in su when pam_ssh_agent_auth is used and the ssh-agent 2012-06-22 14:52:35 +02:00
pam_ssh_agent_auth-0.9.3-build.patch fix segfault in su when pam_ssh_agent_auth is used and the ssh-agent 2012-06-22 14:52:35 +02:00
pam_ssh_agent_auth-0.9.3-no-xfree.patch don't use xfree in pam_ssh_agent_auth sources <geertj@gmail.com> (#1024965) 2013-11-01 17:06:02 +01:00
pam_ssh_agent-rmheaders - Add pam_ssh_agent_auth module to a subpackage. 2009-10-19 07:32:33 +00:00
sources rebase to openssh-6.6p1 2014-06-03 16:51:07 +02:00
ssh-keycat.pam improove ssk-keycat (documentation) 2011-03-04 15:22:12 +01:00
sshd-keygen use only rsa and ecdsa host keys by default 2013-12-11 14:28:49 +01:00
sshd-keygen.service sshd-keygen.service - don't check dsa key, use ecdsa instead 2014-02-19 13:58:34 +01:00
sshd.init Systemd compatibility according to Mathieu Bridon <bochecha@fedoraproject.org> 2011-06-28 10:35:28 +02:00
sshd.pam Add postlogin to pam. (#718807) 2011-07-14 15:15:29 +02:00
sshd.service automatically restart sshd.service on-failure with 42s interval 2013-09-11 16:52:21 +02:00
sshd.socket still support /etc/sysconfig/sshd loading in sshd service (#754732) 2011-11-18 09:20:54 +01:00
sshd.sysconfig use only rsa and ecdsa host keys by default 2013-12-11 14:28:49 +01:00
sshd@.service add socket activated sshd units to the package (#963268) 2013-05-21 18:37:18 +02:00