Revisions of openssh
fix bashisms in sshd.init script
buildservice-autocommit
accepted
request 255040
from
Andrey Karepin (EGDFree)
(revision 87)
baserev update by copy to link target
- Ensure that ssh can use the ssh support of the gpg-agent (boo#899647)
buildservice-autocommit
accepted
request 241776
from
Petr Cerny (pcerny)
(revision 85)
baserev update by copy to link target
Do not depend on insserv if the package build with systemd support; it's useless
buildservice-autocommit
accepted
request 234675
from
Petr Cerny (pcerny)
(revision 83)
baserev update by copy to link target
- Remove tcpwrappers support now, This feature was removed in upstream code at the end of April and the underlying libraries are abandonware. See: http://comments.gmane.org/gmane.linux.suse.general/348119
buildservice-autocommit
accepted
request 231428
from
Petr Cerny (pcerny)
(revision 81)
baserev update by copy to link target
- curve25519 key exchange fix (-curve25519-6.6.1p1.patch) - patch re-ordering (-audit3-key_auth_usage-fips.patch, -audit4-kex_results-fips.patch)
- Add fix-curve25519-kex.patch to fix a key-exchange problem with curve25519-sha256@libssh.org, see http://marc.info/?l=openssh-unix-dev&m=139797807804698&w=2
buildservice-autocommit
accepted
request 230190
from
Petr Cerny (pcerny)
(revision 78)
baserev update by copy to link target
- Update of the underlying OpenSSH to 6.6p1 - update to 6.6p1 Security: * sshd(8): when using environment passing with a sshd_config(5) AcceptEnv pattern with a wildcard. OpenSSH prior to 6.6 could be tricked into accepting any enviornment variable that contains the characters before the wildcard character. Features since 6.5p1: * ssh(1), sshd(8): removal of the J-PAKE authentication code, which was experimental, never enabled and has been unmaintained for some time. * ssh(1): skip 'exec' clauses other clauses predicates failed to match while processing Match blocks. * ssh(1): if hostname canonicalisation is enabled and results in the destination hostname being changed, then re-parse ssh_config(5) files using the new destination hostname. This gives 'Host' and 'Match' directives that use the expanded hostname a chance to be applied. Bugfixes: * ssh(1): avoid spurious "getsockname failed: Bad file descriptor" in ssh -W. bz#2200, debian#738692 * sshd(8): allow the shutdown(2) syscall in seccomp-bpf and systrace sandbox modes, as it is reachable if the connection is terminated during the pre-auth phase. * ssh(1), sshd(8): fix unsigned overflow that in SSH protocol 1 bignum parsing. Minimum key length checks render this bug unexploitable to compromise SSH 1 sessions. * sshd_config(5): clarify behaviour of a keyword that appears in multiple matching Match blocks. bz#2184
buildservice-autocommit
accepted
request 227709
from
Marcus Meissner (msmeissn)
(revision 75)
baserev update by copy to link target
- Update openssh-6.5p1-audit4-kex_results.patch to ensure that we don't pass a NULL string to buffer_put_cstring. This happens when you have "Ciphers chacha20-poly1305@openssh.com" directive.
buildservice-autocommit
accepted
request 226335
from
Petr Cerny (pcerny)
(revision 73)
baserev update by copy to link target
- re-enabling the GSSAPI Key Exchange patch !!! currently breaks anythng else than Factory
buildservice-autocommit
accepted
request 224303
from
Petr Cerny (pcerny)
(revision 71)
baserev update by copy to link target
- re-enabling FIPS-enablement patch - enable X11 forwarding when IPv6 is present but disabled on server (bnc#712683, FATE#31503; -X_forward_with_disabled_ipv6.patch)
buildservice-autocommit
accepted
request 223064
from
Marcus Meissner (msmeissn)
(revision 69)
baserev update by copy to link target
Displaying revisions 181 - 200 of 268