| openssh-5.3p1-123.an2.i686
[602 KiB] |
Changelog
by Jakub Jelen (2017-08-03):
- Fix for CVE-2016-6210: User enumeration via covert timing channel (#1357442)
|
| openssh-5.3p1-122.an2.i686
[601 KiB] |
Changelog
by JoungKyun.Kim (2017-03-21):
- security issues
. CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes (1405374)
- Fix missing hmac-md5-96 from server offer (#1373836)
- Prevent infinite loop when Ctrl+Z pressed at password prompt (#1218424)
- Remove RC4 cipher and MD5 based MAC from the default client proposal (#1373836)
- Resolve sftp force permission colision with umask (#1341747)
- Relax bits needed check to allow hmac-sha2-512 with gss-group1-sha1- (#1353359)
- close ControlPersist background process stderr when not in debug mode (#1335539)
- Do not add a message "The agent has no identities." in ~/.ssh/authorized_keys (#1353410)
|
| openssh-5.3p1-118.1.an2.i686
[280 KiB] |
Changelog
by JoungKyun.Kim (2016-05-12):
- security issues
. CVE-2016-1908: Prevent possible fallback from untrusted X11 forwarding (#1299048)
. CVE-2015-5352: XSECURITY restrictions bypass under certain conditions
. CVE-2015-6563: Privilege separation weakness related to PAM support
. CVE-2015-6564: Use-after-free bug related to PAM support
|
| openssh-5.3p1-114.an2.i686
[277 KiB] |
Changelog
by Jakub Jelen (2016-03-16):
- CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (#1245969)
|
| openssh-5.3p1-112.an2.i686
[596 KiB] |
Changelog
by JoungKyun.Kim (2015-08-16):
- Backport fixed of ssh-keygen with error : gethostname: File name too long (#1161454)
- Backport show remote address instead of UNKNOWN after timeout at password prompt (#1161449)
- Fix printing of extensions in v01 certificates (#1093869)
- Fix confusing audit trail for unsuccessful logins (#1127312)
- Don't close fds for internal sftp sessions (#1085710)
- Fix config parsing quotes (backport) (#1134938)
- Enable logging in chroot into separate file (#1172224)
- Fix auditing when using combination of ForcedCommand and PTY (#1131585)
- Fix ssh-copy-id on non-sh remote shells (#1135521)
- Add missing ControlPersist option to man ssh (#1197763)
- Add sftp option to force mode of created files (#1191055)
- Do not load RSA1 keys in FIPS mode (#1197072)
- Add missing support for ECDSA in ssh-keyscan (#1196331)
- Fix coverity/gcc issues (#1196063)
- Backport wildcard functionality for PermitOpen in sshd_config file (#1159055)
- Ability to specify an arbitrary LDAP filter in ldap.conf (#1119506)
- Make sshd -T write all config options and add missing Cipher, MAC to man (#1109251)
- Better approach to logging sftp commands in chroot
- Fix problems with failing persistent connections (#1131585)
- Fix memory leaks in auditing patch (#1208584)
- Fix minor problems found by covscan/gcc (#1196063)
- Add missing options in man ssh (#1197763)
- Add KbdInteractiveAuthentication documentation to man sshd_config (#1109251)
- Correct freeing newkeys structure when privileged monitor exits (#1208584)
- Add missing dot in ssh manual page (#1197763)
- SSH2_MSG_DISCONNECT for user initiated disconnect follow RFC 4253 (#1222500)
|
| openssh-5.3p1-104.an2.1.i686
[591 KiB] |
Changelog
by Petr Lautrbach (2014-11-06):
- Fix ControlPersist option with ProxyCommand (#1160487)
|
| openssh-5.3p1-104.an2.i686
[591 KiB] |
Changelog
by JoungKyun.Kim (2014-10-17):
- rebuild for AnNyung 2.4
- security issues
. CVE-2014-2653 prevent a server from skipping SSHFP lookup
. CVE-2014-2532 ignore environment variables with embedded '=' or '\0' characters
|
| openssh-5.3p1-94.an2.i686
[558 KiB] |
Changelog
by JoungKyun.Kim (2013-11-23):
- AnNyung 2.3 pre-release
- sevaral bug fixes
. http://rhn.redhat.com/errata/RHSA-2013-1591.html
- security issues
. CVE-2010-5107
|
| openssh-5.3p1-84.1.an2.1.i686
[489 KiB] |
Changelog
by JoungKyun.Kim (2013-08-07):
- support X11Forwarding (Default config is No)
|
| openssh-5.3p1-84.1.an2.i686
[489 KiB] |
Changelog
by JoungKyun.Kim (2013-03-11):
- rebuilt on AnNyung
- removed X option
- change server configuration
change KeyRegenerationInterval value to 0 on sshd_config
change UseDNS value to no
change GSSAPIAuthentication to no
change X11Forwarding no
add Banner directive to /etc/issue.net
add USER_LANG environment
- change client configuration
change GSSAPIAuthentication value to no
change ForwardX11Trusted no
add USER_LANG on SendEnv
- support mcookie on Banner file
- support idn client
- add skip host key check command lien option
- security issue
. CVE-2012-5536
pam_ssh_agent_auth: symbol crash leading to glibc error() called incorrectly
|
| openssh-5.3p1-81.an2.2.i686
[488 KiB] |
Changelog
by JoungKyun.Kim (2012-11-21):
- rebuilt
|
| openssh-5.3p1-81.an2.1.i686
[488 KiB] |
Changelog
by JoungKyun.Kim (2012-09-15):
- defaults on HashKnownHosts
|
| openssh-5.3p1-81.an2.i686
[563 KiB] |
Changelog
by JoungKyun.Kim (2012-07-13):
- rebuilt on AnNyung
- removed X option
- change server configuration
change KeyRegenerationInterval value to 0 on sshd_config
change UseDNS value to no
change GSSAPIAuthentication to no
change X11Forwarding no
add Banner directive to /etc/issue.net
add USER_LANG environment
- change client configuration
change GSSAPIAuthentication value to no
change ForwardX11Trusted no
add USER_LANG on SendEnv
- support mcookie on Banner file
- support idn client
- add skip host key check command lien option
|