diff options
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 19 |
1 files changed, 19 insertions, 0 deletions
| @@ -32,6 +32,25 @@ | |||
| 32 | [scp.1] | 32 | [scp.1] |
| 33 | there is no need for rcp anymore | 33 | there is no need for rcp anymore |
| 34 | ok deraadt millert | 34 | ok deraadt millert |
| 35 | - markus@cvs.openbsd.org 2014/03/25 09:40:03 | ||
| 36 | [myproposal.h] | ||
| 37 | trimm default proposals. | ||
| 38 | |||
| 39 | This commit removes the weaker pre-SHA2 hashes, the broken ciphers | ||
| 40 | (arcfour), and the broken modes (CBC) from the default configuration | ||
| 41 | (the patch only changes the default, all the modes are still available | ||
| 42 | for the config files). | ||
| 43 | |||
| 44 | ok djm@, reminded by tedu@ & naddy@ and discussed with many | ||
| 45 | - deraadt@cvs.openbsd.org 2014/03/26 17:16:26 | ||
| 46 | [myproposal.h] | ||
| 47 | The current sharing of myproposal[] between both client and server code | ||
| 48 | makes the previous diff highly unpallatable. We want to go in that | ||
| 49 | direction for the server, but not for the client. Sigh. | ||
| 50 | Brought up by naddy. | ||
| 51 | - markus@cvs.openbsd.org 2014/03/27 23:01:27 | ||
| 52 | [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] | ||
| 53 | disable weak proposals in sshd, but keep them in ssh; ok djm@ | ||
| 35 | 54 | ||
| 36 | 20140401 | 55 | 20140401 |
| 37 | - (djm) On platforms that support it, use prctl() to prevent sftp-server | 56 | - (djm) On platforms that support it, use prctl() to prevent sftp-server |