Age | Commit message (Collapse) | Author | |
---|---|---|---|
2006-10-04 | * Remove ssh/insecure_telnetd check altogether (closes: #391081). | Colin Watson | |
2006-10-03 | - (tim) [configure.ac] Move CHECK_HEADERS test before platform specific | Tim Rice | |
section so additional platform specific CHECK_HEADER tests will work correctly. Fixes "<net/if_tap.h> on FreeBSD" problem report by des AT des.no Feedback and "seems like a good idea" dtucker@ | |||
2006-10-02 | * debconf template translations: | Colin Watson | |
- Update Danish (thanks, Claus Hindsgaul; closes: #390612). | |||
2006-10-01 | - (dtucker) [audit-bsm.c] Include errno.h. Pointed out by des at des.no. | Darren Tucker | |
2006-09-29 | releasing version 1:4.3p2-4 | Colin Watson | |
2006-09-29 | - CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. The | Colin Watson | |
signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote. | |||
2006-09-29 | * Backport from 4.4p1 (since I don't have an updated version of the GSSAPI | Colin Watson | |
patch yet): - CVE-2006-4924: Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired (closes: #389995). | |||
2006-09-29 | * Make ssh/insecure_telnetd Type: error (closes: #388946). | Colin Watson | |
2006-09-29 | - (dtucker) [configure.ac] Bug #1239: Fix configure test for OpenSSH engine | Darren Tucker | |
support. Patch from andrew.benham at thus net. | |||
2006-09-29 | * Remove no-longer-used ssh/insecure_rshd debconf template. | Colin Watson | |
2006-09-29 | * Read /etc/default/locale as well as /etc/environment (thanks, Raphaƫl | Colin Watson | |
Hertzog; closes: #369395). | |||
2006-09-28 | - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation error | Darren Tucker | |
on Solaris 8 w/out /dev/random or prngd. Patch from rl at math.technion.ac.il. | |||
2006-09-28 | Marker for 4.4p1 release | Darren Tucker | |
2006-09-26 | - (dtucker) [sftp-server.8] Resync; spotted by djm@ | Darren Tucker | |
2006-09-26 | - (dtucker) [bufaux.h] nuke bufaux.h; it's already gone from OpenBSD and not | Darren Tucker | |
referenced any more. ok djm@ | |||
2006-09-26 | Trim ChangeLog Prior to 4.2p1 | Darren Tucker | |
2006-09-24 | 20060924 | Tim Rice | |
- (tim) [configure.ac] Remove CFLAGS hack for UnixWare 1.x/2.x (added to rev 1.308) to work around broken gcc 2.x header file. | |||
2006-09-23 | - (dtucker) [configure.ac] Bug #1234: Put opensc libs into $LIBS rather than | Darren Tucker | |
$LDFLAGS. Patch from vapier at gentoo org. | |||
2006-09-22 | - (dtucker) [packet.c canohost.c] Include arpa/inet.h for htonl macros on | Darren Tucker | |
some platforms (eg HP-UX 11.00). From santhi.amirta at gmail com. | |||
2006-09-21 | - (dtucker) [defines.h] Include unistd.h before defining getpgrp; fixes | Darren Tucker | |
build error on Ultrix. From Bernhard Simon. | |||
2006-09-21 | - markus@cvs.openbsd.org 2006/09/19 21:14:08 | Darren Tucker | |
[packet.c] client NULL deref on protocol error; Tavis Ormandy, Google Security Team | |||
2006-09-21 | - otto@cvs.openbsd.org 2006/09/19 05:52:23 | Darren Tucker | |
[sftp.c] Use S_IS* macros insted of masking with S_IF* flags. The latter may have multiple bits set, which lead to surprising results. Spotted by Paul Stoeber, more to come. ok millert@ pedro@ jaredy@ djm@ | |||
2006-09-18 | - (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes. | Darren Tucker | |
Prevents macro redefinition warnings of "RDONLY". | |||
2006-09-18 | - (dtucker) [configure.ac] On AIX, check to see if the compiler will allow | Darren Tucker | |
macro redefinitions, and if not, remove "-qlanglvl=ansi" from the flags. Allows build out of the box with older VAC and XLC compilers. Found by David Bronder and Bernhard Simon. | |||
2006-09-17 | - (dtucker) [INSTALL] Add info about audit support. | Darren Tucker | |
2006-09-17 | - (djm) [sshd.c] Fix warning/API abuse; ok dtucker@ | Damien Miller | |
2006-09-17 | - (dtucker) [monitor.c] Correctly handle auditing of single commands when | Darren Tucker | |
using Protocol 1. From jhb at freebsd. | |||
2006-09-17 | - (dtucker) [auth-pam.c] Propogate TZ environment variable to PAM auth | Darren Tucker | |
process so that any logging it does is with the right timezone. From Scott Strickler, ok djm@. | |||
2006-09-17 | - (djm) Add openssh.xml to .cvsignore and sort it | Damien Miller | |
2006-09-17 | - djm@cvs.openbsd.org 2006/09/16 19:53:37 | Damien Miller | |
[deattack.c deattack.h packet.c] limit maximum work performed by the CRC compensation attack detector, problem reported by Tavis Ormandy, Google Security Team; ok markus@ deraadt@ | |||
2006-09-12 | - (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in] | Damien Miller | |
Support SMF in Solaris Packages if enabled by configure. Patch from Chad Mynhier, tested by dtucker@ | |||
2006-09-11 | - (dtucker) [cipher-aes.c] Include string.h for memcpy and friends. Noted | Darren Tucker | |
by Pekka Savola. | |||
2006-09-10 | - (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB. | Darren Tucker | |
2006-09-10 | - (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available. | Darren Tucker | |
2006-09-09 | - (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@ | Darren Tucker | |
2006-09-09 | - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user. | Darren Tucker | |
2006-09-09 | - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h. | Darren Tucker | |
2006-09-09 | - (dtucker) [configure.ac] The BSM header test needs time.h in some cases. | Darren Tucker | |
2006-09-08 | - (dtucker) [auth-sia.c] Add includes required for build on Tru64. Patch | Darren Tucker | |
from Chris Adams. | |||
2006-09-08 | - (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a better | Darren Tucker | |
chance of winning. | |||
2006-09-07 | - (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H. | Darren Tucker | |
2006-09-06 | - (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6 | Tim Rice | |
2006-09-07 | - (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can | Damien Miller | |
be used to drop privilege to; fixes Solaris GSSAPI crash reported by Magnus Abrante; suggestion and feedback dtucker@ NB. this change will require that the privilege separation user must exist on all the time, not just when UsePrivilegeSeparation=yes | |||
2006-09-05 | - (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP. | Darren Tucker | |
2006-09-05 | - (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov. | Darren Tucker | |
2006-09-04 | - (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the native | Darren Tucker | |
updwdtmp seems to generate invalid wtmp entries. From Roger Cornelius, ok djm@ | |||
2006-09-03 | - (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for | Darren Tucker | |
declaration of writev(2) and declare it ourselves if necessary. Makes the atomiciov() calls build on really old systems. ok djm@ | |||
2006-09-02 | - (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c | Darren Tucker | |
openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h> for hton* and ntoh* macros. Required on (at least) HP-UX since we define _XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com. | |||
2006-09-02 | - (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan. | Darren Tucker | |
2006-09-01 | - (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec] Crank | Darren Tucker | |
versions. |