Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-05-22 | Pass noupdate to pam_motd call for /run/motd.dynamic. | Roger Leigh | |
2012-05-18 | IPQoS fix closes #671075 too | Colin Watson | |
2012-05-18 | close #671010 with new upstream | Colin Watson | |
2012-05-18 | Fix a bashism in configure's seccomp_filter check. | Colin Watson | |
2012-05-18 | * New upstream release (http://www.openssh.org/txt/release-6.0). | Colin Watson | |
- Fix IPQoS not being set on non-mapped v4-in-v6 addressed connections (closes: #643312, #650512). - Add a new privilege separation sandbox implementation for Linux's new seccomp sandbox, automatically enabled on platforms that support it. (Note: privilege separation sandboxing is still experimental.) | |||
2012-05-17 | merge 6.0p1 | Colin Watson | |
2012-05-17 | Import 6.0p1 tarball | Colin Watson | |
2012-04-22 | Update OpenSSH FAQ to revision 1.113, fixing missing line break (closes: | Colin Watson | |
#669667). | |||
2012-04-21 | Display dynamic part of MOTD from /run/motd.dynamic, if it exists | Colin Watson | |
(closes: #669699). | |||
2012-04-20 | - (djm) Release openssh-6.0 | Damien Miller | |
2012-04-20 | - (djm) [README] Update URL to release notes. | Damien Miller | |
2012-04-20 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | Damien Miller | |
[contrib/suse/openssh.spec] Update for release 6.0 | |||
2012-04-19 | - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil | Damien Miller | |
contains openpty() but not login() | |||
2012-04-04 | - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox | Damien Miller | |
mode for Linux's new seccomp filter; patch from Will Drewry; feedback and ok dtucker@ | |||
2012-04-02 | releasing version 1:5.9p1-5 | Colin Watson | |
2012-04-02 | * Fix cross-building: | Colin Watson | |
- Allow using a cross-architecture pkg-config. - Pass default LDFLAGS to contrib/Makefile. - Allow dh_strip to strip gnome-ssh-askpass, rather than calling 'install -s'. | |||
2012-04-01 | Use dpkg-buildflags, including for hardening support; drop use of | Colin Watson | |
hardening-includes. | |||
2012-03-30 | - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect | Damien Miller | |
assumptions when building on Cygwin; patch from Corinna Vinschen | |||
2012-03-30 | - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running | Damien Miller | |
openssh binaries on a newer fix release than they were compiled on. with and ok dtucker@ | |||
2012-03-30 | - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING | Darren Tucker | |
file from spec file. From crighter at nuclioss com. | |||
2012-03-19 | releasing version 1:5.9p1-4 | Colin Watson | |
2012-03-19 | Disable OpenSSL version check again, as its SONAME is sufficient | Colin Watson | |
nowadays (closes: #664383). | |||
2012-03-09 | - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6 | Damien Miller | |
addressed connections. ok dtucker@ | |||
2012-03-09 | - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux | Damien Miller | |
systems where sshd is run in te wrong context. Patch from Sven Vermeulen; ok dtucker@ | |||
2012-02-24 | releasing version 1:5.9p1-3 | Colin Watson | |
2012-02-24 | Move ssh-krb5 to Section: oldlibs. | Colin Watson | |
2012-02-24 | slight simplification | Colin Watson | |
2012-02-24 | Ignore errors writing to console in init script (closes: #546743). | Colin Watson | |
2012-02-24 | - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM | Darren Tucker | |
audit breakage in Solaris 11. Patch from Magnus Johansson. | |||
2012-02-14 | - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote | Tim Rice | |
to work. Spotted by Angel Gonzalez | |||
2012-02-14 | - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so | Tim Rice | |
it actually works. | |||
2012-02-14 | - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for | Tim Rice | |
unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c ok dtucker@ | |||
2012-02-14 | * debconf template translations: | Colin Watson | |
- Update Polish (thanks, Michał Kułach; closes: #659829). | |||
2012-02-14 | - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of | Damien Miller | |
preserved Cygwin environment variables; from Corinna Vinschen | |||
2012-02-11 | - markus@cvs.openbsd.org 2012/02/09 20:00:18 | Damien Miller | |
[version.h] move from 6.0-beta to 6.0 | |||
2012-02-11 | - markus@cvs.openbsd.org 2012/01/25 19:40:09 | Damien Miller | |
[packet.c packet.h] packet_read_poll() is not used anymore. | |||
2012-02-11 | - markus@cvs.openbsd.org 2012/01/25 19:36:31 | Damien Miller | |
[authfile.c] memleak in key_load_file(); from Jan Klemkow | |||
2012-02-11 | - markus@cvs.openbsd.org 2012/01/25 19:26:43 | Damien Miller | |
[packet.c] do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying; ok dtucker@, djm@ | |||
2012-02-11 | - dtucker@cvs.openbsd.org 2012/01/18 21:46:43 | Damien Miller | |
[clientloop.c] Ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. Report from r00t_ati at ihteam.net, ok markus. | |||
2012-02-11 | - miod@cvs.openbsd.org 2012/01/16 20:34:09 | Damien Miller | |
[ssh-pkcs11-client.c] Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow. While there, be sure to buffer_clear() between send_msg() and recv_msg(). ok markus@ | |||
2012-02-11 | - miod@cvs.openbsd.org 2012/01/08 13:17:11 | Damien Miller | |
[ssh-ecdsa.c] Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron, ok markus@ | |||
2012-02-11 | - djm@cvs.openbsd.org 2012/01/07 21:11:36 | Damien Miller | |
[mux.c] fix double-free in new session handler | |||
2012-02-11 | - djm@cvs.openbsd.org 2012/01/05 00:16:56 | Damien Miller | |
[monitor.c] memleak on error path | |||
2012-02-06 | - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms | Damien Miller | |
that don't support ECC. Patch from Phil Oleson | |||
2012-01-17 | - (dtucker) [configure.ac mac.c openbsd-compat/openssl-compat.h] Add | Darren Tucker | |
null implementation of HMAC_CTX_init for the benefit of old versions of OpenSSL that don't have it. | |||
2011-12-19 | - djm@cvs.openbsd.org 2011/12/07 05:44:38 | Damien Miller | |
[auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c] fix some harmless and/or unreachable int overflows; reported Xi Wang, ok markus@ | |||
2011-12-19 | - djm@cvs.openbsd.org 2011/12/04 23:16:12 | Damien Miller | |
[mux.c] revert: > revision 1.32 > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 > fix bz#1948: ssh -f doesn't fork for multiplexed connection. > ok dtucker@ it interacts badly with ControlPersist | |||
2011-12-19 | - djm@cvs.openbsd.org 2011/12/02 00:43:57 | Damien Miller | |
[mac.c] fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before HMAC_init (this change in policy seems insane to me) ok dtucker@ | |||
2011-12-19 | - djm@cvs.openbsd.org 2011/12/02 00:41:56 | Damien Miller | |
[mux.c] fix bz#1948: ssh -f doesn't fork for multiplexed connection. ok dtucker@ | |||
2011-11-25 | - oga@cvs.openbsd.org 2011/11/16 12:24:28 | Damien Miller | |
[sftp.c] Don't leak list in complete_cmd_parse if there are no commands found. Discovered when I was ``borrowing'' this code for something else. ok djm@ |