summaryrefslogtreecommitdiff
path: root/version.h
AgeCommit message (Collapse)Author
2014-04-21bad bignum encoding for curve25519-sha256@libssh.orgDamien Miller
Hi, So I screwed up when writing the support for the curve25519 KEX method that doesn't depend on OpenSSL's BIGNUM type - a bug in my code left leading zero bytes where they should have been skipped. The impact of this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a peer that implements curve25519-sha256@libssh.org properly about 0.2% of the time (one in every 512ish connections). We've fixed this for OpenSSH 6.7 by avoiding the curve25519-sha256 key exchange for previous versions, but I'd recommend distributors of OpenSSH apply this patch so the affected code doesn't become too entrenched in LTS releases. The patch fixes the bug and makes OpenSSH identify itself as 6.6.1 so as to distinguish itself from the incorrect versions so the compatibility code to disable the affected KEX isn't activated. I've committed this on the 6.6 branch too. Apologies for the hassle. -d Origin: upstream, https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032494.html Forwarded: not-needed Last-Update: 2014-04-21 Patch-Name: curve25519-sha256-bignum-encoding.patch
2014-03-20Include the Debian version in our identificationMatthew Vernon
This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
2014-02-28 - djm@cvs.openbsd.org 2014/02/27 22:57:40Damien Miller
[version.h] openssh-6.6
2014-01-16 - djm@cvs.openbsd.org 2014/01/16 07:32:00Damien Miller
[version.h] openssh-6.5
2013-11-08 - djm@cvs.openbsd.org 2013/11/08 01:38:11Damien Miller
[version.h] openssh-6.4
2013-07-25 - djm@cvs.openbsd.org 2013/07/25 00:57:37Damien Miller
[version.h] openssh-6.3 for release
2013-02-12 - markus@cvs.openbsd.org 2013/02/10 21:19:34Damien Miller
[version.h] openssh 6.2
2012-07-31 - markus@cvs.openbsd.org 2012/07/22 18:19:21Damien Miller
[version.h] openssh 6.1
2012-02-11 - markus@cvs.openbsd.org 2012/02/09 20:00:18Damien Miller
[version.h] move from 6.0-beta to 6.0
2011-10-02 - markus@cvs.openbsd.org 2011/09/23 07:45:05Darren Tucker
[mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c version.h] unbreak remote portforwarding with dynamic allocated listen ports: 1) send the actual listen port in the open message (instead of 0). this allows multiple forwardings with a dynamic listen port 2) update the matching permit-open entry, so we can identify where to connect to report: den at skbkontur.ru and P. Szczygielski feedback and ok djm@
2011-09-07 - (djm) [README version.h] Correct versionDamien Miller
2011-08-06 - djm@cvs.openbsd.org 2011/08/02 23:13:01Damien Miller
[version.h] crank now, release later
2011-06-03 - (dtucker) [README version.h contrib/caldera/openssh.specDarren Tucker
contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version bumps from the 5.8p2 branch into HEAD. ok djm.
2011-02-04 - djm@cvs.openbsd.org 2011/02/04 00:44:43Damien Miller
[version.h] openssh-5.8
2011-01-22 - OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2011/01/22 09:18:53 [version.h] crank to OpenSSH-5.7
2010-08-09 - OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2010/08/08 16:26:42 [version.h] crank to 5.6
2010-03-22 - djm@cvs.openbsd.org 2010/03/16 16:36:49Damien Miller
[version.h] crank version to openssh-5.5 since we have a few fixes since 5.4; requested deraadt@ kettenis@
2010-03-08 - (djm) OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2010/03/07 22:01:32 [version.h] openssh-5.4
2009-07-06 - markus@cvs.openbsd.org 2009/06/30 14:54:40Darren Tucker
[version.h] crank version; ok deraadt
2009-02-23 - djm@cvs.openbsd.org 2009/02/23 00:06:15Damien Miller
[version.h] openssh-5.2
2008-07-21 - djm@cvs.openbsd.org 2008/07/21 08:19:07Damien Miller
[version.h] openssh-5.1
2008-04-03 - djm@cvs.openbsd.org 2008/04/03 09:50:14Damien Miller
[version.h] openssh-5.0
2008-03-27 - djm@cvs.openbsd.org 2008/03/27 00:16:49Damien Miller
[version.h] openssh-4.9
2008-03-07 - deraadt@cvs.openbsd.org 2008/03/04 21:15:42Damien Miller
[version.h] crank version; from djm
2007-08-15 - markus@cvs.openbsd.org 2007/08/15 08:16:49Darren Tucker
[version.h] openssh 4.7
2007-03-06 - djm@cvs.openbsd.org 2007/03/06 10:13:14Damien Miller
[version.h] openssh-4.6; "please" deraadt@
2006-11-07 - markus@cvs.openbsd.org 2006/11/07 10:31:31Darren Tucker
[monitor.c version.h] correctly check for bad signatures in the monitor, otherwise the monitor and the unpriv process can get out of sync. with dtucker@, ok djm@, dtucker@
2006-08-30 - djm@cvs.openbsd.org 2006/08/30 00:14:37Damien Miller
[version.h] crank to 4.4
2006-02-12 - (dtucker) [README version.h contrib/caldera/openssh.specDarren Tucker
contrib/redhat/openssh.spec contrib/suse/openssh.spec] Bump version strings to match 4.3p2 release.
2006-02-01 - markus@cvs.openbsd.org 2006/02/01 11:27:22Damien Miller
[version.h] openssh 4.3
2005-08-31 - markus@cvs.openbsd.org 2005/08/31 09:28:42Damien Miller
[version.h] 4.2
2005-03-31 - markus@cvs.openbsd.org 2005/03/16 21:17:39Darren Tucker
[version.h] 4.1
2005-03-09 - djm@cvs.openbsd.org 2005/03/08 23:49:48Damien Miller
[version.h] OpenSSH 4.0
2004-09-12 - (djm) [ssh.c sshd.c version.h] Don't divulge portable version in protocolDamien Miller
banner. Suggested by deraadt@, ok mouring@, dtucker@
2004-08-17 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2004/08/16 08:17:01 [version.h] 3.9
2004-03-22 - markus@cvs.openbsd.org 2004/03/20 10:40:59Damien Miller
[version.h] 3.8.1
2004-02-24 - markus@cvs.openbsd.org 2004/02/23 15:16:46Darren Tucker
[version.h] enter 3.8
2003-09-24 - (djm) Update version.h and spec files for HEADDamien Miller
2003-09-17 - (djm) OpenBSD SyncDamien Miller
- markus@cvs.openbsd.org 2003/09/16 21:02:40 [buffer.c channels.c version.h] more malloc/fatal fixes; ok millert/deraadt; ghudson at MIT.EDU
2003-09-03 - markus@cvs.openbsd.org 2003/09/02 16:40:29Damien Miller
[version.h] enter 3.7
2003-04-29 - (djm) Add back radix.o (used by AFS support), after it went missing fromDamien Miller
Makefile many moons ago - (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer - (djm) Fix blibpath specification for AIX/gcc - (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
2003-04-01 - markus@cvs.openbsd.org 2003/04/01 10:56:46Damien Miller
[version.h] 3.6.1
2003-03-20 - markus@cvs.openbsd.org 2003/03/17 11:43:47Damien Miller
[version.h] enter 3.6
2002-10-03 - markus@cvs.openbsd.org 2002/10/01 13:24:50Damien Miller
[version.h] OpenSSH 3.5
2002-06-26 - (djm) Release 3.4p1Damien Miller
2002-06-22 - (djm) Release 3.3p1Damien Miller
2002-05-22Crank versionDamien Miller
(also missed changelog message)
2002-05-16p1Damien Miller
2002-05-15 - (bal) OpenBSD CVS SyncBen Lindstrom
- markus@cvs.openbsd.org 2002/05/15 21:05:29 [version.h] enter OpenSSH_3.2.2 - (bal) Caldara, Suse, and Redhat openssh.specs updated.
2002-04-24 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2002/04/23 12:54:10 [version.h] 3.2.1