summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2006-10-24 - djm@cvs.openbsd.org 2006/10/22 02:25:50Damien Miller
[sftp-client.c] cancel progress meter when upload write fails; ok deraadt@
2006-10-24 - markus@cvs.openbsd.org 2006/10/11 12:38:03Damien Miller
[clientloop.c serverloop.c] exit instead of doing a blocking tcp send if we detect a client/server timeout, since the tcp sendqueue might be already full (of alive requests); ok dtucker, report mpf
2006-10-24 - markus@cvs.openbsd.org 2006/10/10 10:12:45Damien Miller
[sshconnect.c] sleep before retrying (not after) since sleep changes errno; fixes pr 5250; rad@twig.com; ok dtucker djm
2006-10-24 - djm@cvs.openbsd.org 2006/10/09 23:36:11Damien Miller
[session.c] xmalloc -> xcalloc that was missed previously, from portable (NB. Id sync only for portable, obviously)
2006-10-24 - djm@cvs.openbsd.org 2006/10/06 02:29:19Damien Miller
[ssh-agent.c ssh-keyscan.c ssh.c] sys/resource.h needs sys/time.h; prompted by brad@ (NB. Id sync only for portable)
2006-10-24 - (djm) OpenBSD CVS SyncDamien Miller
- ray@cvs.openbsd.org 2006/09/30 17:48:22 [sftp.c] Clear errno before calling the strtol functions. From Paul Stoeber <x0001 at x dot de1 dot cc>. OK deraadt@.
2006-10-18 - (dtucker) [sshd.c] Reshuffle storing of pw struct; prevents warningsDarren Tucker
on older versions of OS X. ok djm@
2006-10-18 - ray@cvs.openbsd.org 2006/09/25 04:55:38Darren Tucker
[ssh-keyscan.1 ssh.1] Change "a SSH" to "an SSH". Hurray, I'm not the only one who pronounces "SSH" as "ess-ess-aich". OK jmc@ and stevesk@.
2006-10-16 - (dtucker) [monitor_fdpass.c] Include sys/in.h, required for cmsg macrosDarren Tucker
on older (2.0) Linuxes. Based on patch from thmo-13 at gmx de.
2006-10-06 - (tim) [buildpkg.sh.in] Some systems have really limited nawk (OpenServer).Tim Rice
Allow setting alternate awk in openssh-config.local.
2006-10-07 - (dtucker) [configure.ac] Set put -lselinux into $LIBS while testing forDarren Tucker
SELinux functions so they're detected correctly. Patch from pebenito at gentoo.org.
2006-10-0620061006Tim Rice
- (tim) [buildpkg.sh.in] Use uname -r instead of -v in OS_VER for Solaris. Differentiate between OpenServer 5 and OpenServer 6
2006-10-05releasing version 1:4.3p2-5Colin Watson
2006-10-04* Remove ssh/insecure_telnetd check altogether (closes: #391081).Colin Watson
2006-10-03 - (tim) [configure.ac] Move CHECK_HEADERS test before platform specificTim Rice
section so additional platform specific CHECK_HEADER tests will work correctly. Fixes "<net/if_tap.h> on FreeBSD" problem report by des AT des.no Feedback and "seems like a good idea" dtucker@
2006-10-02* debconf template translations:Colin Watson
- Update Danish (thanks, Claus Hindsgaul; closes: #390612).
2006-10-01 - (dtucker) [audit-bsm.c] Include errno.h. Pointed out by des at des.no.Darren Tucker
2006-09-29releasing version 1:4.3p2-4Colin Watson
2006-09-29 - CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. TheColin Watson
signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote.
2006-09-29* Backport from 4.4p1 (since I don't have an updated version of the GSSAPIColin Watson
patch yet): - CVE-2006-4924: Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired (closes: #389995).
2006-09-29* Make ssh/insecure_telnetd Type: error (closes: #388946).Colin Watson
2006-09-29 - (dtucker) [configure.ac] Bug #1239: Fix configure test for OpenSSH engineDarren Tucker
support. Patch from andrew.benham at thus net.
2006-09-29* Remove no-longer-used ssh/insecure_rshd debconf template.Colin Watson
2006-09-29* Read /etc/default/locale as well as /etc/environment (thanks, RaphaƫlColin Watson
Hertzog; closes: #369395).
2006-09-28 - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation errorDarren Tucker
on Solaris 8 w/out /dev/random or prngd. Patch from rl at math.technion.ac.il.
2006-09-28Marker for 4.4p1 releaseDarren Tucker
2006-09-26 - (dtucker) [sftp-server.8] Resync; spotted by djm@Darren Tucker
2006-09-26 - (dtucker) [bufaux.h] nuke bufaux.h; it's already gone from OpenBSD and notDarren Tucker
referenced any more. ok djm@
2006-09-26Trim ChangeLog Prior to 4.2p1Darren Tucker
2006-09-2420060924Tim Rice
- (tim) [configure.ac] Remove CFLAGS hack for UnixWare 1.x/2.x (added to rev 1.308) to work around broken gcc 2.x header file.
2006-09-23 - (dtucker) [configure.ac] Bug #1234: Put opensc libs into $LIBS rather thanDarren Tucker
$LDFLAGS. Patch from vapier at gentoo org.
2006-09-22 - (dtucker) [packet.c canohost.c] Include arpa/inet.h for htonl macros onDarren Tucker
some platforms (eg HP-UX 11.00). From santhi.amirta at gmail com.
2006-09-21 - (dtucker) [defines.h] Include unistd.h before defining getpgrp; fixesDarren Tucker
build error on Ultrix. From Bernhard Simon.
2006-09-21 - markus@cvs.openbsd.org 2006/09/19 21:14:08Darren Tucker
[packet.c] client NULL deref on protocol error; Tavis Ormandy, Google Security Team
2006-09-21 - otto@cvs.openbsd.org 2006/09/19 05:52:23Darren Tucker
[sftp.c] Use S_IS* macros insted of masking with S_IF* flags. The latter may have multiple bits set, which lead to surprising results. Spotted by Paul Stoeber, more to come. ok millert@ pedro@ jaredy@ djm@
2006-09-18 - (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes.Darren Tucker
Prevents macro redefinition warnings of "RDONLY".
2006-09-18 - (dtucker) [configure.ac] On AIX, check to see if the compiler will allowDarren Tucker
macro redefinitions, and if not, remove "-qlanglvl=ansi" from the flags. Allows build out of the box with older VAC and XLC compilers. Found by David Bronder and Bernhard Simon.
2006-09-17 - (dtucker) [INSTALL] Add info about audit support.Darren Tucker
2006-09-17 - (djm) [sshd.c] Fix warning/API abuse; ok dtucker@Damien Miller
2006-09-17 - (dtucker) [monitor.c] Correctly handle auditing of single commands whenDarren Tucker
using Protocol 1. From jhb at freebsd.
2006-09-17 - (dtucker) [auth-pam.c] Propogate TZ environment variable to PAM authDarren Tucker
process so that any logging it does is with the right timezone. From Scott Strickler, ok djm@.
2006-09-17 - (djm) Add openssh.xml to .cvsignore and sort itDamien Miller
2006-09-17 - djm@cvs.openbsd.org 2006/09/16 19:53:37Damien Miller
[deattack.c deattack.h packet.c] limit maximum work performed by the CRC compensation attack detector, problem reported by Tavis Ormandy, Google Security Team; ok markus@ deraadt@
2006-09-12 - (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in]Damien Miller
Support SMF in Solaris Packages if enabled by configure. Patch from Chad Mynhier, tested by dtucker@
2006-09-11 - (dtucker) [cipher-aes.c] Include string.h for memcpy and friends. NotedDarren Tucker
by Pekka Savola.
2006-09-10 - (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB.Darren Tucker
2006-09-10 - (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available.Darren Tucker
2006-09-09 - (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@Darren Tucker
2006-09-09 - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.Darren Tucker
2006-09-09 - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.Darren Tucker