------------------------------------------------------------------- Wed Apr 9 14:35:42 CEST 2008 - anicka@suse.cz - update to 5.0p1 ------------------------------------------------------------------- Wed Apr 2 15:06:01 CEST 2008 - anicka@suse.cz - update to 4.9p1 ------------------------------------------------------------------- Wed Dec 5 10:56:07 CET 2007 - anicka@suse.cz - - update to 4.7p1 * Add "-K" flag for ssh to set GSSAPIAuthentication=yes and GSSAPIDelegateCredentials=yes. This is symmetric with -k * make scp try to skip FIFOs rather than blocking when nothing is listening. * increase default channel windows * put the MAC list into a display * many bugfixes ------------------------------------------------------------------- Tue Dec 12 14:44:41 CET 2006 - anicka@suse.cz - update to 4.5p1 * Use privsep_pw if we have it, but only require it if we absolutely need it. * Correctly check for bad signatures in the monitor, otherwise the monitor and the unpriv process can get out of sync. * Clear errno before calling the strtol functions. * exit instead of doing a blocking tcp send if we detect a client/server timeout, since the tcp sendqueue might be already full (of alive requests) * include signal.h, errno.h, sys/in.h * some more bugfixes ------------------------------------------------------------------- Wed Oct 4 12:56:40 CEST 2006 - postadal@suse.cz - updated to version 4.4p1 [#208662] * fixed pre-authentication DoS, that would cause sshd(8) to spin until the login grace time expired * fixed unsafe signal hander, which was vulnerable to a race condition that could be exploited to perform a pre-authentication DoS * fixed a GSSAPI authentication abort that could be used to determine the validity of usernames on some platforms * implemented conditional configuration in sshd_config(5) using the "Match" directive * added support for Diffie-Hellman group exchange key agreement with a final hash of SHA256 * added a "ForceCommand", "PermitOpen" directive to sshd_config(5) * added optional logging of transactions to sftp-server(8) * ssh(1) will now record port numbers for hosts stored in ~/.ssh/authorized_keys when a non-standard port has been requested * added an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established * extended sshd_config(5) "SubSystem" declarations to allow the specification of command-line arguments - removed obsoleted patches: autoconf-fix.patch ------------------------------------------------------------------- Tue Jul 25 13:40:10 CEST 2006 - schwab@suse.de - Fix syntax error in configure script. ------------------------------------------------------------------- Wed Jan 25 21:39:06 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Tue Jan 3 15:54:49 CET 2006 - postadal@suse.cz - updated to version 4.2p1 - removed obsoleted patches: upstream_fixes.diff, gssapi-secfix.patch ------------------------------------------------------------------- Thu Sep 8 16:20:06 CEST 2005 - postadal@suse.cz - don't strip ------------------------------------------------------------------- Thu Aug 4 11:30:18 CEST 2005 - uli@suse.de - parallelize build ------------------------------------------------------------------- Fri Jun 10 16:24:22 CEST 2005 - postadal@suse.cz - updated to version 4.1p1 - removed obsoleted patches: restore_terminal, pam-returnfromsession, timing-attacks-fix, krb5ccname, gssapi-pam, logdenysource, sendenv-fix, documentation-fix ------------------------------------------------------------------- Wed Jan 19 18:25:29 CET 2005 - postadal@suse.cz - renamed askpass-gnome package to openssh-askpass-gnome ------------------------------------------------------------------- Wed Jan 19 15:58:07 CET 2005 - postadal@suse.cz - splited spec file to decreas number of build dependencies