summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-11-09releasing package openssh version 1:6.4p1-1Colin Watson
2013-11-09urgency=highColin Watson
2013-11-09Add CVE-2013-4548 identifier.Colin Watson
2013-11-09* New upstream release (http://www.openssh.com/txt/release-6.4).Colin Watson
- sshd(8): fix a memory corruption problem triggered during rekeying when an AES-GCM cipher is selected (closes: #729029). Full details of the vulnerability are available at: http://www.openssh.com/txt/gcmrekey.adv
2013-11-09merge 6.4p1Colin Watson
2013-11-09Import 6.4p1 tarballColin Watson
2013-11-08 - (djm) Release 6.4p1Damien Miller
2013-11-08 - djm@cvs.openbsd.org 2013/11/08 01:38:11Damien Miller
[version.h] openssh-6.4
2013-11-08 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]Damien Miller
[contrib/suse/openssh.spec] update version numbers
2013-11-08 - djm@cvs.openbsd.org 2013/11/08 00:39:15Damien Miller
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] [sftp-client.c sftp-glob.c] use calloc for all structure allocations; from markus@
2013-11-08 - markus@cvs.openbsd.org 2013/11/06 16:52:11Damien Miller
[monitor_wrap.c] fix rekeying for AES-GCM modes; ok deraadt
2013-09-14* New upstream release (http://www.openssh.com/txt/release-6.3).Colin Watson
- sftp(1): add support for resuming partial downloads using the "reget" command and on the sftp commandline or on the "get" commandline using the "-a" (append) option (closes: #158590). - ssh(1): add an "IgnoreUnknown" configuration option to selectively suppress errors arising from unknown configuration directives (closes: #436052). - sftp(1): update progressmeter when data is acknowledged, not when it's sent (partially addresses #708372). - ssh(1): do not fatally exit when attempting to cleanup multiplexing- created channels that are incompletely opened (closes: #651357).
2013-09-14Replace GSSAPI-specific instances of xfree with the equivalent calls to free.Colin Watson
2013-09-14merge 6.3p1Colin Watson
2013-09-14Import 6.3p1 tarballColin Watson
2013-09-13- (djm) [channels.c] sigh, typo s/buffet_/buffer_/Damien Miller
2013-09-13 - (djm) [channels.c] Fix unaligned access on sparc machines in SOCKS5 code;Damien Miller
ok dtucker@
2013-09-13 - (djm) Release 6.3p1Damien Miller
2013-08-28 - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bitsDamien Miller
until we have configure support.
2013-08-28 - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code theDamien Miller
'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we start to use them in the future.
2013-08-21 - jmc@cvs.openbsd.org 2013/08/20 06:56:07Damien Miller
[ssh.1 ssh_config.5] some proxyusefdpass tweaks;
2013-08-21 - djm@cvs.openbsd.org 2013/08/20 00:11:38Damien Miller
[readconf.c readconf.h ssh_config.5 sshconnect.c] Add a ssh_config ProxyUseFDPass option that supports the use of ProxyCommands that establish a connection and then pass a connected file descriptor back to ssh(1). This allows the ProxyCommand to exit rather than have to shuffle data back and forth and enables ssh to use getpeername, etc. to obtain address information just like it does with regular directly-connected sockets. ok markus@
2013-08-21 - jmc@cvs.openbsd.org 2013/08/14 08:39:27Damien Miller
[scp.1 ssh.1] some Bx/Ox conversion; From: Jan Stary
2013-08-21 - djm@cvs.openbsd.org 2013/08/13 18:33:08Damien Miller
[ssh-keygen.c] another of the same typo
2013-08-21 - djm@cvs.openbsd.org 2013/08/13 18:32:08Damien Miller
[ssh-keygen.c] typo in error message; from Stephan Rickauer
2013-08-21 - djm@cvs.openbsd.org 2013/08/09 03:56:42Damien Miller
[sftp.c] enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word; matching ksh's relatively recent change.
2013-08-21 - djm@cvs.openbsd.org 2013/08/09 03:39:13Damien Miller
[sftp-client.c] two problems found by a to-be-committed regress test: 1) msg_id was not being initialised so was starting at a random value from the heap (harmless, but confusing). 2) some error conditions were not being propagated back to the caller
2013-08-21 - djm@cvs.openbsd.org 2013/08/09 03:37:25Damien Miller
[sftp.c] do getopt parsing for all sftp commands (with an empty optstring for commands without arguments) to ensure consistent behaviour
2013-08-21 - djm@cvs.openbsd.org 2013/08/08 05:04:03Damien Miller
[sftp-client.c sftp-client.h sftp.c] add a "-l" flag for the rename command to force it to use the silly standard SSH_FXP_RENAME command instead of the POSIX-rename- like posix-rename@openssh.com extension. intended for use in regress tests, so no documentation.
2013-08-21 - djm@cvs.openbsd.org 2013/08/08 04:52:04Damien Miller
[sftp.c] fix two year old regression: symlinking a file would incorrectly canonicalise the target path. bz#2129 report from delphij AT freebsd.org
2013-08-21 - jmc@cvs.openbsd.org 2013/08/07 06:24:51Damien Miller
[sftp.1 sftp.c] sort -a;
2013-08-21 - djm@cvs.openbsd.org 2013/08/06 23:06:01Damien Miller
[servconf.c] add cast to avoid format warning; from portable
2013-08-21 - djm@cvs.openbsd.org 2013/08/06 23:05:01Damien Miller
[sftp.1] document top-level -a option (the -a option to 'get' was already documented)
2013-08-21 - djm@cvs.openbsd.org 2013/08/06 23:03:49Damien Miller
[sftp.c] fix some whitespace at EOL make list of commands an enum rather than a long list of defines add -a to usage()
2013-08-12When running under Upstart, only consider the daemon started once it isColin Watson
ready to accept connections (by raising SIGSTOP at that point and using "expect stop").
2013-08-08 - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -ntDarren Tucker
removal. The "make clean" removes modpipe which is built by the top-level directory before running the tests. Spotted by tim@
2013-08-08 - (dtucker) [misc.c] Remove define added for fallback testing that wasDarren Tucker
mistakenly included in the previous commit.
2013-08-08 - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime(Darren Tucker
CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the CLOCK_MONOTONIC define but don't actually support it. Found and tested by Kevin Brott, ok djm.
2013-08-08 - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -ntDarren Tucker
since some platforms (eg really old FreeBSD) don't have it. Instead, run "make clean" before a complete regress run. ok djm.
2013-08-04 - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add supportDarren Tucker
for building with older Heimdal versions. ok djm.
2013-08-01 - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134Damien Miller
2013-08-01 - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non-Damien Miller
blocking connecting socket will clear any stored errno that might otherwise have been retrievable via getsockopt(). A hack to limit writes to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap it in an #ifdef. Diagnosis and patch from Ivo Raisr.
2013-07-25more correct comment for last commitTim Rice
2013-07-25 - (tim) [regress/forwarding.sh] Fix for building outside read only source tree.Tim Rice
2013-07-25 - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers onTim Rice
Solaris and UnixWare. Feedback and OK djm@
2013-07-25 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]Damien Miller
[contrib/suse/openssh.spec] Update version numbers
2013-07-25 - djm@cvs.openbsd.org 2013/06/21 02:26:26Damien Miller
[regress/sftp-cmds.sh regress/test-exec.sh] unbreak sftp-cmds for renamed test data (s/ls/data/)
2013-07-25 - dtucker@cvs.openbsd.org 2013/06/10 21:56:43Damien Miller
[regress/forwarding.sh] Add test for forward config parsing
2013-07-25 - dtucker@cvs.openbsd.org 2013/05/30 20:12:32Damien Miller
[regress/test-exec.sh] use ssh and sshd as testdata since it needs to be >256k for the rekey test
2013-07-25 - djm@cvs.openbsd.org 2013/07/25 00:57:37Damien Miller
[version.h] openssh-6.3 for release