Merge 6.7p1.

  * New upstream release (http://www.openssh.com/txt/release-6.7):
    - sshd(8): The default set of ciphers and MACs has been altered to
      remove unsafe algorithms.  In particular, CBC ciphers and arcfour* are
      disabled by default.  The full set of algorithms remains available if
      configured explicitly via the Ciphers and MACs sshd_config options.
    - ssh(1), sshd(8): Add support for Unix domain socket forwarding.  A
      remote TCP port may be forwarded to a local Unix domain socket and
      vice versa or both ends may be a Unix domain socket (closes: #236718).
    - ssh(1), ssh-keygen(1): Add support for SSHFP DNS records for ED25519
      key types.
    - sftp(1): Allow resumption of interrupted uploads.
    - ssh(1): When rekeying, skip file/DNS lookups of the hostkey if it is
      the same as the one sent during initial key exchange.
    - sshd(8): Allow explicit ::1 and 127.0.0.1 forwarding bind addresses
      when GatewayPorts=no; allows client to choose address family.
    - sshd(8): Add a sshd_config PermitUserRC option to control whether
      ~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys
      option.
    - ssh(1): Add a %C escape sequence for LocalCommand and ControlPath that
      expands to a unique identifer based on a hash of the tuple of (local
      host, remote user, hostname, port).  Helps avoid exceeding miserly
      pathname limits for Unix domain sockets in multiplexing control paths.
    - sshd(8): Make the "Too many authentication failures" message include
      the user, source address, port and protocol in a format similar to the
      authentication success / failure messages.
    - Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC when it is
      available. It considers time spent suspended, thereby ensuring
      timeouts (e.g. for expiring agent keys) fire correctly (closes:
      #734553).
    - Use prctl() to prevent sftp-server from accessing
      /proc/self/{mem,maps}.
  * Restore TCP wrappers support, removed upstream in 6.7.  It is true that
    dropping this reduces preauth attack surface in sshd.  On the other
    hand, this support seems to be quite widely used, and abruptly dropping
    it (from the perspective of users who don't read openssh-unix-dev) could
    easily cause more serious problems in practice.  It's not entirely clear
    what the right long-term answer for Debian is, but it at least probably
    doesn't involve dropping this feature shortly before a freeze.
  * Replace patch to disable OpenSSL version check with an updated version
    of Kurt Roeckx's patch from #732940 to just avoid checking the status
    field.

1 files changed, 931 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 38de846ff..63aeae556 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,934 @@
+20131006
+ - (djm) Release OpenSSH-6.7
+
+20141003
+ - (djm) [sshd_config.5] typo; from Iain Morgan
+
+20141001
+ - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]
+   [openbsd-compat/openbsd-compat.h] Kludge around bad glibc
+   _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets;
+   ok dtucker@
+
+20140910
+ - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;
+   patch from Felix von Leitner; ok dtucker
+
+20140908
+ - (dtucker) [INSTALL] Update info about egd.  ok djm@
+
+20140904
+ - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG
+
+20140903
+ - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and
+   conditionalise to avoid duplicate definition.
+ - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to
+   permissions/ACLs; from Corinna Vinschen
+
+20140830
+ - (djm) [openbsd-compat/openssl-compat.h] add
+   OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
+ - (djm) [misc.c] Missing newline between functions
+ - (djm) [openbsd-compat/openssl-compat.h] add include guard
+ - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@
+
+20140827
+ - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
+   [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
+   [regress/unittests/sshkey/common.c]
+   [regress/unittests/sshkey/test_file.c]
+   [regress/unittests/sshkey/test_fuzz.c]
+   [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
+   on !ECC OpenSSL systems
+ - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
+   monitor, not preauth; bz#2263
+ - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
+   using memset_s() where possible; improve fallback to indirect bzero
+   via a volatile pointer to give it more of a chance to avoid being
+   optimised away.
+
+20140825
+ - (djm) [bufec.c] Skip this file on !ECC OpenSSL
+ - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,
+   update OpenSSL version requirement.
+
+20140824
+ - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not
+   PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
+
+20140823
+ - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on
+   lastlog writing on platforms with high UIDs; bz#2263
+ - (djm) [configure.ac] We now require a working vsnprintf everywhere (not
+   just for systems that lack asprintf); check for it always and extend
+   test to catch more brokenness. Fixes builds on Solaris <= 9
+
+20140822
+ - (djm) [configure.ac] include leading zero characters in OpenSSL version
+   number; fixes test for unsupported versions
+ - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC
+ - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/
+   definition mismatch) and warning for broken/missing snprintf case.
+ - (djm) [configure.ac] double braces to appease autoconf
+
+20140821
+ - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.
+ - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL
+ - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
+   don't set __progname. Diagnosed by Tom Christensen.
+
+20140820
+ - (djm) [configure.ac] Check OpenSSL version is supported at configure time;
+   suggested by Kevin Brott
+ - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than
+   -L/-l; fixes linking problems on some platforms
+ - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC
+ - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna
+
+20140819
+ - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen
+ - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.
+ - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG
+ - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]
+   [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions
+   of TCP wrappers.
+
+20140811
+ - (djm) [myproposal.h] Make curve25519 KEX dependent on
+   HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
+
+20140810
+ - (djm) [README contrib/caldera/openssh.spec]
+   [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
+
+20140801
+ - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
+   a better solution, but this will have to do for now.
+ - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin
+   is closed; avoid regress failures when stdin is /dev/null
+ - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate
+   nc from stdin, it's more portable
+
+20140730
+ - OpenBSD CVS Sync
+   - millert@cvs.openbsd.org 2014/07/24 22:57:10
+     [ssh.1]
+     Mention UNIX-domain socket forwarding too.  OK jmc@ deraadt@
+   - dtucker@cvs.openbsd.org 2014/07/25 21:22:03
+     [ssh-agent.c]
+     Clear buffer used for handling messages.  This prevents keys being
+     left in memory after they have been expired or deleted in some cases
+     (but note that ssh-agent is setgid so you would still need root to
+     access them).  Pointed out by Kevin Burns, ok deraadt
+   - schwarze@cvs.openbsd.org 2014/07/28 15:40:08
+     [sftp-server.8 sshd_config.5]
+     some systems no longer need /dev/log;
+     issue noticed by jirib;
+     ok deraadt
+
+20140725
+ - (djm) [regress/multiplex.sh] restore incorrectly deleted line;
+   pointed out by Christian Hesse
+
+20140722
+ - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;
+   put it back
+ - (djm) [regress/multiplex.sh] change the test for still-open Unix
+   domain sockets to be robust against nc implementations that produce
+   error messages.
+ - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
+   specific tests inside OPENSSL_HAS_ECC.
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2014/07/22 01:18:50
+     [key.c]
+     Prevent spam from key_load_private_pem during hostbased auth.  ok djm@
+   - guenther@cvs.openbsd.org 2014/07/22 07:13:42
+     [umac.c]
+     Convert from <sys/endian.h> to the shiney new <endian.h>
+     ok dtucker@, who also confirmed that -portable handles this already
+     (ID sync only, includes.h pulls in endian.h if available.)
+   - djm@cvs.openbsd.org 2014/07/22 01:32:12
+     [regress/multiplex.sh]
+     change the test for still-open Unix domain sockets to be robust against
+     nc implementations that produce error messages. from -portable
+     (Id sync only)
+   - dtucker@cvs.openbsd.org 2014/07/22 23:23:22
+     [regress/unittests/sshkey/mktestdata.sh]
+     Sign test certs with ed25519 instead of ecdsa so that they'll work in
+     -portable on platforms that don't have ECDSA in their OpenSSL.  ok djm
+   - dtucker@cvs.openbsd.org 2014/07/22 23:57:40
+     [regress/unittests/sshkey/mktestdata.sh]
+     Add $OpenBSD tag to make syncs easier
+   - dtucker@cvs.openbsd.org 2014/07/22 23:35:38
+     [regress/unittests/sshkey/testdata/*]
+     Regenerate test keys with certs signed with ed25519 instead of ecdsa.
+     These can be used in -portable on platforms that don't support ECDSA.
+
+20140721
+ - OpenBSD CVS Sync
+   - millert@cvs.openbsd.org 2014/07/15 15:54:15
+     [forwarding.sh multiplex.sh]
+     Add support for Unix domain socket forwarding.  A remote TCP port
+     may be forwarded to a local Unix domain socket and vice versa or
+     both ends may be a Unix domain socket.  This is a reimplementation
+     of the streamlocal patches by William Ahern from:
+         http://www.25thandclement.com/~william/projects/streamlocal.html
+     OK djm@ markus@
+ - (djm) [regress/multiplex.sh] Not all netcat accept the -N option.
+ - (dtucker) [sshkey.c] ifdef out unused variable when compiling without
+   OPENSSL_HAS_ECC.
+
+20140721
+ - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
+   needed to build AES CTR mode against OpenSSL 0.9.8f and above.  ok djm
+ - (dtucker) [regress/unittests/sshkey/
+   {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in
+   ifdefs.
+
+20140719
+ - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
+   in servconf.h.
+
+20140718
+ - OpenBSD CVS Sync
+   - millert@cvs.openbsd.org 2014/07/15 15:54:14
+     [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
+     [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
+     [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
+     [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
+     [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
+     [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
+     [sshd_config.5 sshlogin.c]
+     Add support for Unix domain socket forwarding.  A remote TCP port
+     may be forwarded to a local Unix domain socket and vice versa or
+     both ends may be a Unix domain socket.  This is a reimplementation
+     of the streamlocal patches by William Ahern from:
+         http://www.25thandclement.com/~william/projects/streamlocal.html
+     OK djm@ markus@
+   - jmc@cvs.openbsd.org 2014/07/16 14:48:57
+     [ssh.1]
+     add the streamlocal* options to ssh's -o list; millert says they're
+     irrelevant for scp/sftp;
+     ok markus millert
+   - djm@cvs.openbsd.org 2014/07/17 00:10:56
+     [sandbox-systrace.c]
+     ifdef SYS_sendsyslog so this will compile without patching on -stable
+   - djm@cvs.openbsd.org 2014/07/17 00:10:18
+     [mux.c]
+     preserve errno across syscall
+   - djm@cvs.openbsd.org 2014/07/17 00:12:03
+     [key.c]
+     silence "incorrect passphrase" error spam; reported and ok dtucker@
+   - djm@cvs.openbsd.org 2014/07/17 07:22:19
+     [mux.c ssh.c]
+     reflect stdio-forward ("ssh -W host:port ...") failures in exit status.
+     previously we were always returning 0. bz#2255 reported by Brendan
+     Germain; ok dtucker
+   - djm@cvs.openbsd.org 2014/07/18 02:46:01
+     [ssh-agent.c]
+     restore umask around listener socket creation (dropped in streamlocal patch
+     merge)
+ - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used
+   in servconf.h.
+ - (dtucker) [Makefile.in] Add a t-exec target to run just the executable
+   tests.
+ - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC.
+
+20140717
+ - (djm) [digest-openssl.c] Preserve array order when disabling digests.
+   Reported by Petr Lautrbach.
+ - OpenBSD CVS Sync
+   - deraadt@cvs.openbsd.org 2014/07/11 08:09:54
+     [sandbox-systrace.c]
+     Permit use of SYS_sendsyslog from inside the sandbox.  Clock is ticking,
+     update your kernels and sshd soon.. libc will start using sendsyslog()
+     in about 4 days.
+   - tedu@cvs.openbsd.org 2014/07/11 13:54:34
+     [myproposal.h]
+     by popular demand, add back hamc-sha1 to server proposal for better compat
+     with many clients still in use. ok deraadt
+
+20140715
+ - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto
+   has been located; fixes builds agains libressl-portable
+
+20140711
+ - OpenBSD CVS Sync
+   - benno@cvs.openbsd.org 2014/07/09 14:15:56
+     [ssh-add.c]
+     fix ssh-add crash while loading more than one key
+     ok markus@
+
+20140709
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2014/07/07 08:19:12
+     [ssh_config.5]
+     mention that ProxyCommand is executed using shell "exec" to avoid
+     a lingering process; bz#1977
+   - djm@cvs.openbsd.org 2014/07/09 01:45:10
+     [sftp.c]
+     more useful error message when GLOB_NOSPACE occurs;
+     bz#2254, patch from Orion Poplawski
+   - djm@cvs.openbsd.org 2014/07/09 03:02:15
+     [key.c]
+     downgrade more error() to debug() to better match what old authfile.c
+     did; suppresses spurious errors with hostbased authentication enabled
+   - djm@cvs.openbsd.org 2014/07/06 07:42:03
+     [multiplex.sh test-exec.sh]
+     add a hook to the cleanup() function to kill $SSH_PID if it is set
+     
+     use it to kill the mux master started in multiplex.sh (it was being left
+     around on fatal failures)
+   - djm@cvs.openbsd.org 2014/07/07 08:15:26
+     [multiplex.sh]
+     remove forced-fatal that I stuck in there to test the new cleanup
+     logic and forgot to remove...
+
+20140706
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2014/07/03 23:18:35
+     [authfile.h]
+     remove leakmalloc droppings
+   - djm@cvs.openbsd.org 2014/07/05 23:11:48
+     [channels.c]
+     fix remote-forward cancel regression; ok markus@
+
+20140704
+ - OpenBSD CVS Sync
+   - jsing@cvs.openbsd.org 2014/07/03 12:42:16
+     [cipher-chachapoly.c]
+     Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this
+     makes it easier to verify that chacha_encrypt_bytes() is only called once
+     per chacha_ivsetup() call.
+     ok djm@
+   - djm@cvs.openbsd.org 2014/07/03 22:23:46
+     [sshconnect.c]
+     when rekeying, skip file/DNS lookup if it is the same as the key sent
+     during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@
+   - djm@cvs.openbsd.org 2014/07/03 22:33:41
+     [channels.c]
+     allow explicit ::1 and 127.0.0.1 forwarding bind addresses when
+     GatewayPorts=no; allows client to choose address family;
+     bz#2222 ok markus@
+   - djm@cvs.openbsd.org 2014/07/03 22:40:43
+     [servconf.c servconf.h session.c sshd.8 sshd_config.5]
+     Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
+     executed, mirroring the no-user-rc authorized_keys option;
+     bz#2160; ok markus@
+
+20140703
+ - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto
+   doesn't support it.
+ - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist;
+   bz#2237
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2014/07/03 01:45:38
+     [sshkey.c]
+     make Ed25519 keys' title fit properly in the randomart border; bz#2247
+     based on patch from Christian Hesse
+   - djm@cvs.openbsd.org 2014/07/03 03:11:03
+     [ssh-agent.c]
+     Only cleanup agent socket in the main agent process and not in any
+     subprocesses it may have started (e.g. forked askpass). Fixes
+     agent sockets being zapped when askpass processes fatal();
+     bz#2236 patch from Dmitry V. Levin
+   - djm@cvs.openbsd.org 2014/07/03 03:15:01
+     [ssh-add.c]
+     make stdout line-buffered; saves partial output getting lost when
+     ssh-add fatal()s part-way through (e.g. when listing keys from an
+     agent that supports key types that ssh-add doesn't);
+     bz#2234, reported by Phil Pennock
+   - djm@cvs.openbsd.org 2014/07/03 03:26:43
+     [digest-openssl.c]
+     use EVP_Digest() for one-shot hash instead of creating, updating,
+     finalising and destroying a context.
+     bz#2231, based on patch from Timo Teras
+   - djm@cvs.openbsd.org 2014/07/03 03:34:09
+     [gss-serv.c session.c ssh-keygen.c]
+     standardise on NI_MAXHOST for gethostname() string lengths; about
+     1/2 the cases were using it already. Fixes bz#2239 en passant
+   - djm@cvs.openbsd.org 2014/07/03 03:47:27
+     [ssh-keygen.c]
+     When hashing or removing hosts using ssh-keygen, don't choke on
+     @revoked markers and don't remove @cert-authority markers;
+     bz#2241, reported by mlindgren AT runelind.net
+   - djm@cvs.openbsd.org 2014/07/03 04:36:45
+     [digest.h]
+     forward-declare struct sshbuf so consumers don't need to include sshbuf.h
+   - djm@cvs.openbsd.org 2014/07/03 05:32:36
+     [ssh_config.5]
+     mention '%%' escape sequence in HostName directives and how it may
+     be used to specify IPv6 link-local addresses
+   - djm@cvs.openbsd.org 2014/07/03 05:38:17
+     [ssh.1]
+     document that -g will only work in the multiplexed case if applied to
+     the mux master
+   - djm@cvs.openbsd.org 2014/07/03 06:39:19
+     [ssh.c ssh_config.5]
+     Add a %C escape sequence for LocalCommand and ControlPath that expands
+     to a unique identifer based on a has of the tuple of (local host,
+     remote user, hostname, port).
+     
+     Helps avoid exceeding sockaddr_un's miserly pathname limits for mux
+     control paths.
+     
+     bz#2220, based on patch from mancha1 AT zoho.com; ok markus@
+   - jmc@cvs.openbsd.org 2014/07/03 07:45:27
+     [ssh_config.5]
+     escape %C since groff thinks it part of an Rs/Re block;
+   - djm@cvs.openbsd.org 2014/07/03 11:16:55
+     [auth.c auth.h auth1.c auth2.c]
+     make the "Too many authentication failures" message include the
+     user, source address, port and protocol in a format similar to the
+     authentication success / failure messages; bz#2199, ok dtucker
+
+20140702
+ - OpenBSD CVS Sync
+   - deraadt@cvs.openbsd.org 2014/06/13 08:26:29
+     [sandbox-systrace.c]
+     permit SYS_getentropy
+     from matthew
+   - matthew@cvs.openbsd.org 2014/06/18 02:59:13
+     [sandbox-systrace.c]
+     Now that we have a dedicated getentropy(2) system call for
+     arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace
+     sandbox.
+     
+     ok djm
+   - naddy@cvs.openbsd.org 2014/06/18 15:42:09
+     [sshbuf-getput-crypto.c]
+     The ssh_get_bignum functions must accept the same range of bignums
+     the corresponding ssh_put_bignum functions create.  This fixes the
+     use of 16384-bit RSA keys (bug reported by Eivind Evensen).
+     ok djm@
+   - djm@cvs.openbsd.org 2014/06/24 00:52:02
+     [krl.c]
+     fix bug in KRL generation: multiple consecutive revoked certificate
+     serial number ranges could be serialised to an invalid format.
+     
+     Readers of a broken KRL caused by this bug will fail closed, so no
+     should-have-been-revoked key will be accepted.
+   - djm@cvs.openbsd.org 2014/06/24 01:13:21
+     [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
+     [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
+     [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
+     [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
+     [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
+     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
+     [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
+     [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
+     [sshconnect2.c sshd.c sshkey.c sshkey.h
+     [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
+     New key API: refactor key-related functions to be more library-like,
+     existing API is offered as a set of wrappers.
+     
+     with and ok markus@
+     
+     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
+     Dempsky and Ron Bowes for a detailed review a few months ago.
+     NB. This commit also removes portable OpenSSH support for OpenSSL
+     <0.9.8e.
+   - djm@cvs.openbsd.org 2014/06/24 02:19:48
+     [ssh.c]
+     don't fatal() when hostname canonicalisation fails with a
+     ProxyCommand in use; continue and allow the ProxyCommand to
+     connect anyway (e.g. to a host with a name outside the DNS
+     behind a bastion)
+   - djm@cvs.openbsd.org 2014/06/24 02:21:01
+     [scp.c]
+     when copying local->remote fails during read, don't send uninitialised
+     heap to the remote end. Reported by Jann Horn
+   - deraadt@cvs.openbsd.org 2014/06/25 14:16:09
+     [sshbuf.c]
+     unblock SIGSEGV before raising it
+     ok djm
+   - markus@cvs.openbsd.org 2014/06/27 16:41:56
+     [channels.c channels.h clientloop.c ssh.c]
+     fix remote fwding with same listen port but different listen address
+     with gerhard@, ok djm@
+   - markus@cvs.openbsd.org 2014/06/27 18:50:39
+     [ssh-add.c]
+     fix loading of private keys
+   - djm@cvs.openbsd.org 2014/06/30 12:54:39
+     [key.c]
+     suppress spurious error message when loading key with a passphrase;
+     reported by kettenis@ ok markus@
+   - djm@cvs.openbsd.org 2014/07/02 04:59:06
+     [cipher-3des1.c]
+     fix ssh protocol 1 on the server that regressed with the sshkey change
+     (sometimes fatal() after auth completed), make file return useful status
+     codes.
+     NB. Id sync only for these two. They were bundled into the sshkey merge
+     above, since it was easier to sync the entire file and then apply
+     portable-specific changed atop it.
+   - djm@cvs.openbsd.org 2014/04/30 05:32:00
+     [regress/Makefile]
+     unit tests for new buffer API; including basic fuzz testing
+     NB. Id sync only.
+   - djm@cvs.openbsd.org 2014/05/21 07:04:21
+     [regress/integrity.sh]
+     when failing because of unexpected output, show the offending output
+   - djm@cvs.openbsd.org 2014/06/24 01:04:43
+     [regress/krl.sh]
+     regress test for broken consecutive revoked serial number ranges
+   - djm@cvs.openbsd.org 2014/06/24 01:14:17
+     [Makefile.in regress/Makefile regress/unittests/Makefile]
+     [regress/unittests/sshkey/Makefile]
+     [regress/unittests/sshkey/common.c]
+     [regress/unittests/sshkey/common.h]
+     [regress/unittests/sshkey/mktestdata.sh]
+     [regress/unittests/sshkey/test_file.c]
+     [regress/unittests/sshkey/test_fuzz.c]
+     [regress/unittests/sshkey/test_sshkey.c]
+     [regress/unittests/sshkey/tests.c]
+     [regress/unittests/sshkey/testdata/dsa_1]
+     [regress/unittests/sshkey/testdata/dsa_1-cert.fp]
+     [regress/unittests/sshkey/testdata/dsa_1-cert.pub]
+     [regress/unittests/sshkey/testdata/dsa_1.fp]
+     [regress/unittests/sshkey/testdata/dsa_1.fp.bb]
+     [regress/unittests/sshkey/testdata/dsa_1.param.g]
+     [regress/unittests/sshkey/testdata/dsa_1.param.priv]
+     [regress/unittests/sshkey/testdata/dsa_1.param.pub]
+     [regress/unittests/sshkey/testdata/dsa_1.pub]
+     [regress/unittests/sshkey/testdata/dsa_1_pw]
+     [regress/unittests/sshkey/testdata/dsa_2]
+     [regress/unittests/sshkey/testdata/dsa_2.fp]
+     [regress/unittests/sshkey/testdata/dsa_2.fp.bb]
+     [regress/unittests/sshkey/testdata/dsa_2.pub]
+     [regress/unittests/sshkey/testdata/dsa_n]
+     [regress/unittests/sshkey/testdata/dsa_n_pw]
+     [regress/unittests/sshkey/testdata/ecdsa_1]
+     [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp]
+     [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub]
+     [regress/unittests/sshkey/testdata/ecdsa_1.fp]
+     [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb]
+     [regress/unittests/sshkey/testdata/ecdsa_1.param.curve]
+     [regress/unittests/sshkey/testdata/ecdsa_1.param.priv]
+     [regress/unittests/sshkey/testdata/ecdsa_1.param.pub]
+     [regress/unittests/sshkey/testdata/ecdsa_1.pub]
+     [regress/unittests/sshkey/testdata/ecdsa_1_pw]
+     [regress/unittests/sshkey/testdata/ecdsa_2]
+     [regress/unittests/sshkey/testdata/ecdsa_2.fp]
+     [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb]
+     [regress/unittests/sshkey/testdata/ecdsa_2.param.curve]
+     [regress/unittests/sshkey/testdata/ecdsa_2.param.priv]
+     [regress/unittests/sshkey/testdata/ecdsa_2.param.pub]
+     [regress/unittests/sshkey/testdata/ecdsa_2.pub]
+     [regress/unittests/sshkey/testdata/ecdsa_n]
+     [regress/unittests/sshkey/testdata/ecdsa_n_pw]
+     [regress/unittests/sshkey/testdata/ed25519_1]
+     [regress/unittests/sshkey/testdata/ed25519_1-cert.fp]
+     [regress/unittests/sshkey/testdata/ed25519_1-cert.pub]
+     [regress/unittests/sshkey/testdata/ed25519_1.fp]
+     [regress/unittests/sshkey/testdata/ed25519_1.fp.bb]
+     [regress/unittests/sshkey/testdata/ed25519_1.pub]
+     [regress/unittests/sshkey/testdata/ed25519_1_pw]
+     [regress/unittests/sshkey/testdata/ed25519_2]
+     [regress/unittests/sshkey/testdata/ed25519_2.fp]
+     [regress/unittests/sshkey/testdata/ed25519_2.fp.bb]
+     [regress/unittests/sshkey/testdata/ed25519_2.pub]
+     [regress/unittests/sshkey/testdata/pw]
+     [regress/unittests/sshkey/testdata/rsa1_1]
+     [regress/unittests/sshkey/testdata/rsa1_1.fp]
+     [regress/unittests/sshkey/testdata/rsa1_1.fp.bb]
+     [regress/unittests/sshkey/testdata/rsa1_1.param.n]
+     [regress/unittests/sshkey/testdata/rsa1_1.pub]
+     [regress/unittests/sshkey/testdata/rsa1_1_pw]
+     [regress/unittests/sshkey/testdata/rsa1_2]
+     [regress/unittests/sshkey/testdata/rsa1_2.fp]
+     [regress/unittests/sshkey/testdata/rsa1_2.fp.bb]
+     [regress/unittests/sshkey/testdata/rsa1_2.param.n]
+     [regress/unittests/sshkey/testdata/rsa1_2.pub]
+     [regress/unittests/sshkey/testdata/rsa_1]
+     [regress/unittests/sshkey/testdata/rsa_1-cert.fp]
+     [regress/unittests/sshkey/testdata/rsa_1-cert.pub]
+     [regress/unittests/sshkey/testdata/rsa_1.fp]
+     [regress/unittests/sshkey/testdata/rsa_1.fp.bb]
+     [regress/unittests/sshkey/testdata/rsa_1.param.n]
+     [regress/unittests/sshkey/testdata/rsa_1.param.p]
+     [regress/unittests/sshkey/testdata/rsa_1.param.q]
+     [regress/unittests/sshkey/testdata/rsa_1.pub]
+     [regress/unittests/sshkey/testdata/rsa_1_pw]
+     [regress/unittests/sshkey/testdata/rsa_2]
+     [regress/unittests/sshkey/testdata/rsa_2.fp]
+     [regress/unittests/sshkey/testdata/rsa_2.fp.bb]
+     [regress/unittests/sshkey/testdata/rsa_2.param.n]
+     [regress/unittests/sshkey/testdata/rsa_2.param.p]
+     [regress/unittests/sshkey/testdata/rsa_2.param.q]
+     [regress/unittests/sshkey/testdata/rsa_2.pub]
+     [regress/unittests/sshkey/testdata/rsa_n]
+     [regress/unittests/sshkey/testdata/rsa_n_pw]
+     unit and fuzz tests for new key API
+ - (djm) [sshkey.c] Conditionalise inclusion of util.h
+ - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test
+
+20140618
+ - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare
+
+20140617
+ - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
+   openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
+   Move the OpenSSL header/library version test into its own function and add
+   tests for it. Fix it to allow fix version upgrades (but not downgrades).
+   Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
+   ok djm@ chl@
+
+20140616
+ - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR.  From rak at debian via
+   OpenSMTPD and chl@
+
+20140612
+ - (dtucker) [configure.ac] Remove tcpwrappers support, support has already
+   been removed from sshd.c.
+
+20140611
+ - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from
+   openbsd-compat/bsd-asprintf.c.
+ - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*]
+   Wrap stdlib.h include an ifdef for platforms that don't have it.
+ - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for
+   u_intXX_t types.
+
+20140610
+ - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
+   regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256
+   curve tests if OpenSSL has them.
+ - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in
+   the proposal if the version of OpenSSL we're using doesn't support ECC.
+ - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef
+   ECC variable too.
+ - (dtucker) OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2014/06/05 22:17:50
+     [sshconnect2.c]
+     fix inverted test that caused PKCS#11 keys that were explicitly listed
+     not to be preferred. Reported by Dirk-Willem van Gulik
+   - dtucker@cvs.openbsd.org 2014/06/10 21:46:11
+     [sshbuf.h]
+     Group ECC functions together to make things a little easier in -portable.
+     "doesn't bother me" deraadt@
+ - (dtucker) [sshbuf.h] Only declare ECC functions if building without
+   OpenSSL or if OpenSSL has ECC.
+ - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an
+   assigment that might get optimized out.  ok djm@
+ - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for
+   compat stuff, specifically whether or not OpenSSL has ECC.
+
+20140527
+ - (djm) [cipher.c] Fix merge botch.
+ - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config
+   from Corinna Vinschen, fixing a number of bugs and preparing for
+   Cygwin 1.7.30.
+ - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]
+   [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege
+   separation user at runtime, since it may need to be a domain account.
+   Patch from Corinna Vinschen.
+
+20140522
+ - (djm) [Makefile.in] typo in path
+
+20140521
+ - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use
+   vhangup on Linux. It doens't work for non-root users, and for them
+   it just messes up the tty settings.
+ - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC
+   when it is available. It takes into account time spent suspended,
+   thereby ensuring timeouts (e.g. for expiring agent keys) fire
+   correctly. bz#2228 reported by John Haxby
+
+20140519
+ - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine
+   OpenBSD
+ - OpenBSD CVS Sync
+   - logan@cvs.openbsd.org 2014/04/20 09:24:26
+     [dns.c dns.h ssh-keygen.c]
+     Add support for SSHFP DNS records for ED25519 key types.
+     OK from djm@
+   - logan@cvs.openbsd.org 2014/04/21 14:36:16
+     [sftp-client.c sftp-client.h sftp.c]
+     Implement sftp upload resume support.
+     OK from djm@, with input from guenther@, mlarkin@ and
+     okan@
+   - logan@cvs.openbsd.org 2014/04/22 10:07:12
+     [sftp.c]
+     Sort the sftp command list.
+     OK from djm@
+   - logan@cvs.openbsd.org 2014/04/22 12:42:04
+     [sftp.1]
+     Document sftp upload resume.
+     OK from djm@, with feedback from okan@.
+   - jmc@cvs.openbsd.org 2014/04/22 14:16:30
+     [sftp.1]
+     zap eol whitespace;
+   - djm@cvs.openbsd.org 2014/04/23 12:42:34
+     [readconf.c]
+     don't record duplicate IdentityFiles
+   - djm@cvs.openbsd.org 2014/04/28 03:09:18
+     [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
+     [ssh-keygen.c]
+     buffer_get_string_ptr's return should be const to remind
+     callers that futzing with it will futz with the actual buffer
+     contents
+   - djm@cvs.openbsd.org 2014/04/29 13:10:30
+     [clientloop.c serverloop.c]
+     bz#1818 - don't send channel success/failre replies on channels that
+     have sent a close already; analysis and patch from Simon Tatham;
+     ok markus@
+   - markus@cvs.openbsd.org 2014/04/29 18:01:49
+     [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
+     [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
+     [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
+     [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
+     make compiling against OpenSSL optional (make OPENSSL=no);
+     reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
+     allows us to explore further options; with and ok djm
+   - dtucker@cvs.openbsd.org 2014/04/29 19:58:50
+     [sftp.c]
+     Move nulling of variable next to where it's freed.  ok markus@
+   - dtucker@cvs.openbsd.org 2014/04/29 20:36:51
+     [sftp.c]
+     Don't attempt to append a nul quote char to the filename.  Should prevent
+     fatal'ing with "el_insertstr failed" when there's a single quote char
+     somewhere in the string.  bz#2238, ok markus@
+   - djm@cvs.openbsd.org 2014/04/30 05:29:56
+     [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
+     [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
+     [ssherr.h]
+     New buffer API; the first installment of the conversion/replacement
+     of OpenSSH's internals to make them usable as a standalone library.
+     
+     This includes a set of wrappers to make it compatible with the
+     existing buffer API so replacement can occur incrementally.
+     
+     With and ok markus@
+     
+     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
+     Dempsky and Ron Bowes for a detailed review.
+   - naddy@cvs.openbsd.org 2014/04/30 19:07:48
+     [mac.c myproposal.h umac.c]
+     UMAC can use our local fallback implementation of AES when OpenSSL isn't
+     available.  Glue code straight from Ted Krovetz's original umac.c.
+     ok markus@
+   - djm@cvs.openbsd.org 2014/05/02 03:27:54
+     [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c]
+     [misc.h poly1305.h ssh-pkcs11.c defines.h]
+     revert __bounded change; it causes way more problems for portable than
+     it solves; pointed out by dtucker@
+   - markus@cvs.openbsd.org 2014/05/03 17:20:34
+     [monitor.c packet.c packet.h]
+     unbreak compression, by re-init-ing the compression code in the
+     post-auth child. the new buffer code is more strict, and requires
+     buffer_init() while the old code was happy after a bzero();
+     originally from djm@
+   - logan@cvs.openbsd.org 2014/05/05 07:02:30
+     [sftp.c]
+     Zap extra whitespace.
+     
+     OK from djm@ and dtucker@
+ - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write
+   portability glue to support building without libcrypto
+ - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c]
+   [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2014/03/13 20:44:49
+     [login-timeout.sh]
+     this test is a sorry mess of race conditions; add another sleep
+     to avoid a failure on slow machines (at least until I find a
+     better way)
+   - djm@cvs.openbsd.org 2014/04/21 22:15:37
+     [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh]
+     repair regress tests broken by server-side default cipher/kex/mac changes
+     by ensuring that the option under test is included in the server's
+     algorithm list
+   - dtucker@cvs.openbsd.org 2014/05/03 18:46:14
+     [proxy-connect.sh]
+     Add tests for with and without compression, with and without privsep.
+   - logan@cvs.openbsd.org 2014/05/04 10:40:59
+     [connect-privsep.sh]
+     Remove the Z flag from the list of malloc options as it
+     was removed from malloc.c 10 days ago.
+     
+     OK from miod@
+ - (djm) [regress/unittests/Makefile]
+   [regress/unittests/Makefile.inc]
+   [regress/unittests/sshbuf/Makefile]
+   [regress/unittests/sshbuf/test_sshbuf.c]
+   [regress/unittests/sshbuf/test_sshbuf_fixed.c]
+   [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
+   [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
+   [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
+   [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
+   [regress/unittests/sshbuf/test_sshbuf_misc.c]
+   [regress/unittests/sshbuf/tests.c]
+   [regress/unittests/test_helper/Makefile]
+   [regress/unittests/test_helper/fuzz.c]
+   [regress/unittests/test_helper/test_helper.c]
+   [regress/unittests/test_helper/test_helper.h]
+   Import new unit tests from OpenBSD; not yet hooked up to build.
+ - (djm) [regress/Makefile Makefile.in]
+   [regress/unittests/sshbuf/test_sshbuf.c
+   [regress/unittests/sshbuf/test_sshbuf_fixed.c]
+   [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
+   [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
+   [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
+   [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
+   [regress/unittests/sshbuf/test_sshbuf_misc.c]
+   [regress/unittests/sshbuf/tests.c]
+   [regress/unittests/test_helper/fuzz.c]
+   [regress/unittests/test_helper/test_helper.c]
+   Hook new unit tests into the build and "make tests"
+ - (djm) [sshbuf.c] need __predict_false
+
+20140430
+ - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already
+   have it.  Only attempt to use __attribute__(__bounded__) for gcc.
+
+20140420
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2014/03/03 22:22:30
+     [session.c]
+     ignore enviornment variables with embedded '=' or '\0' characters;
+     spotted by Jann Horn; ok deraadt@
+     Id sync only - portable already has this.
+   - djm@cvs.openbsd.org 2014/03/12 04:44:58
+     [ssh-keyscan.c]
+     scan for Ed25519 keys by default too
+   - djm@cvs.openbsd.org 2014/03/12 04:50:32
+     [auth-bsdauth.c ssh-keygen.c]
+     don't count on things that accept arguments by reference to clear
+     things for us on error; most things do, but it's unsafe form.
+   - djm@cvs.openbsd.org 2014/03/12 04:51:12
+     [authfile.c]
+     correct test that kdf name is not "none" or "bcrypt"
+   - naddy@cvs.openbsd.org 2014/03/12 13:06:59
+     [ssh-keyscan.1]
+     scan for Ed25519 keys by default too
+   - deraadt@cvs.openbsd.org 2014/03/15 17:28:26
+     [ssh-agent.c ssh-keygen.1 ssh-keygen.c]
+     Improve usage() and documentation towards the standard form. 
+     In particular, this line saves a lot of man page reading time.
+       usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
+                         [-N new_passphrase] [-C comment] [-f output_keyfile]
+     ok schwarze jmc
+   - tedu@cvs.openbsd.org 2014/03/17 19:44:10
+     [ssh.1]
+     old descriptions of des and blowfish are old. maybe ok deraadt
+   - tedu@cvs.openbsd.org 2014/03/19 14:42:44
+     [scp.1]
+     there is no need for rcp anymore
+     ok deraadt millert
+   - markus@cvs.openbsd.org 2014/03/25 09:40:03
+     [myproposal.h]
+     trimm default proposals.
+     
+     This commit removes the weaker pre-SHA2 hashes, the broken ciphers
+     (arcfour), and the broken modes (CBC) from the default configuration
+     (the patch only changes the default, all the modes are still available
+     for the config files).
+     
+     ok djm@, reminded by tedu@ & naddy@ and discussed with many
+   - deraadt@cvs.openbsd.org 2014/03/26 17:16:26
+     [myproposal.h]
+     The current sharing of myproposal[] between both client and server code
+     makes the previous diff highly unpallatable.  We want to go in that
+     direction for the server, but not for the client.  Sigh.
+     Brought up by naddy.
+   - markus@cvs.openbsd.org 2014/03/27 23:01:27
+     [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
+     disable weak proposals in sshd, but keep them in ssh; ok djm@
+   - djm@cvs.openbsd.org 2014/03/26 04:55:35
+     [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
+     [misc.h poly1305.h ssh-pkcs11.c]
+     use __bounded(...) attribute recently added to sys/cdefs.h instead of
+     longform __attribute__(__bounded(...));
+     
+     for brevity and a warning free compilation with llvm/clang
+   - tedu@cvs.openbsd.org 2014/03/26 19:58:37
+     [sshd.8 sshd.c]
+     remove libwrap support. ok deraadt djm mfriedl
+   - naddy@cvs.openbsd.org 2014/03/28 05:17:11
+     [ssh_config.5 sshd_config.5]
+     sync available and default algorithms, improve algorithm list formatting
+     help from jmc@ and schwarze@, ok deraadt@
+   - jmc@cvs.openbsd.org 2014/03/31 13:39:34
+     [ssh-keygen.1]
+     the text for the -K option was inserted in the wrong place in -r1.108;
+     fix From: Matthew Clarke
+   - djm@cvs.openbsd.org 2014/04/01 02:05:27
+     [ssh-keysign.c]
+     include fingerprint of key not found
+     use arc4random_buf() instead of loop+arc4random()
+   - djm@cvs.openbsd.org 2014/04/01 03:34:10
+     [sshconnect.c]
+     When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any
+     certificate keys to plain keys and attempt SSHFP resolution.
+     
+     Prevents a server from skipping SSHFP lookup and forcing a new-hostkey
+     dialog by offering only certificate keys.
+     
+     Reported by mcv21 AT cam.ac.uk
+   - djm@cvs.openbsd.org 2014/04/01 05:32:57
+     [packet.c]
+     demote a debug3 to PACKET_DEBUG; ok markus@
+   - djm@cvs.openbsd.org 2014/04/12 04:55:53
+     [sshd.c]
+     avoid crash at exit: check that pmonitor!=NULL before dereferencing;
+     bz#2225, patch from kavi AT juniper.net
+   - djm@cvs.openbsd.org 2014/04/16 23:22:45
+     [bufaux.c]
+     skip leading zero bytes in buffer_put_bignum2_from_string();
+     reported by jan AT mojzis.com; ok markus@
+   - djm@cvs.openbsd.org 2014/04/16 23:28:12
+     [ssh-agent.1]
+     remove the identity files from this manpage - ssh-agent doesn't deal
+     with them at all and the same information is duplicated in ssh-add.1
+     (which does deal with them); prodded by deraadt@
+   - djm@cvs.openbsd.org 2014/04/18 23:52:25
+     [compat.c compat.h sshconnect2.c sshd.c version.h]
+     OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
+     using the curve25519-sha256@libssh.org KEX exchange method to fail
+     when connecting with something that implements the spec properly.
+     
+     Disable this KEX method when speaking to one of the affected
+     versions.
+     
+     reported by Aris Adamantiadis; ok markus@
+   - djm@cvs.openbsd.org 2014/04/19 05:54:59
+     [compat.c]
+     missing wildcard; pointed out by naddy@
+   - tedu@cvs.openbsd.org 2014/04/19 14:53:48
+     [ssh-keysign.c sshd.c]
+     Delete futile calls to RAND_seed. ok djm
+     NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
+   - tedu@cvs.openbsd.org 2014/04/19 18:15:16
+     [sshd.8]
+     remove some really old rsh references
+   - tedu@cvs.openbsd.org 2014/04/19 18:42:19
+     [ssh.1]
+     delete .xr to hosts.equiv. there's still an unfortunate amount of
+     documentation referring to rhosts equivalency in here.
+   - djm@cvs.openbsd.org 2014/04/20 02:30:25
+     [misc.c misc.h umac.c]
+     use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
+     strict-alignment architectures; reported by and ok stsp@
+   - djm@cvs.openbsd.org 2014/04/20 02:49:32
+     [compat.c]
+     add a canonical 6.6 + curve25519 bignum fix fake version that I can
+     recommend people use ahead of the openssh-6.7 release
+
+20140401
+ - (djm) On platforms that support it, use prctl() to prevent sftp-server
+   from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
+ - (djm) Use full release (e.g. 6.5p1) in debug output rather than just
+   version. From des@des.no
+
+20140317
+ - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to
+   remind myself to add sandbox violation logging via the log socket.
+
+20140314
+ - (tim) [opensshd.init.in] Add support for ed25519
+
 20140313
  - (djm) Release OpenSSH 6.6
 
@@ -2884,4 +3815,3 @@
    [contrib/suse/openssh.spec] Update for release 6.0
  - (djm) [README] Update URL to release notes.
  - (djm) Release openssh-6.0
-