Date: Fri, 14 May 1999 11:16:42 +0200 From: sthaug@nethelp.no To: freebsd-security@freebsd.org Subject: ssh-1.2.27 is out Message-ID: <61491.926673402@verdi.nethelp.no>
next in thread | raw e-mail | index | archive | help
Just FYI: ssh-1.2.27 is out. These are the updates relative to 1.2.26,
according to the ChangeLog.
Steinar Haug, Nethelp consulting, sthaug@nethelp.no
----------------------------------------------------------------------
Thu Apr 29 10:46:21 1999 Timo J. Rinne <tri@ssh.fi>
* Replaced OSF1/C2 security support with more complete SIA
(Security Integration Architecture).
Mon Feb 22 10:00:12 1999 Timo J. Rinne <tri@ssh.fi>
* Added snprintf from ssh2.
* Tatu's sprintf -> snprintf fixes.
* Fixed potential buffer overflows.
* Kerberos authentication disabled, if client is suid-root.
This is the only way to avoid security problems that are
in Kerberos rather than in ssh.
Wed Nov 25 00:04:11 1998 Tatu Ylonen <ylo@ssh.fi>
* sshd.c (sgi_project_setup): patches from Luigi Pugnetti
<luigi@symbolic.it>, Eivind Gjelseth <eivind@ii.uib.no>,
Randolph J. Herber <herber@fnal.gov>, Sevo Stille <sevo@inm.de>.
* sshd.c (sgi_project_acct_on): patches from Vern Staats,
staatsvr@asc.hpc.mil.
* sshd.c (login_permitted): Added support for locked accounts on
AIX. Thanks to "Delius, Felix von"
<Felix.von-Delius@dresdner-bank.com>.
* login.c: Improvements for glibc 2.0.100+ from D.A. Harris
<rodmur@ecst.csuchico.edu>.
Tue Nov 24 23:27:20 1998 Tatu Ylonen <ylo@ssh.fi>
* login.c: Removed assignment to ux.ut_exit.e_{termination,exit},
because they are already zeroed and the assignment is causing
problems on some platforms.
* Fixed uninitialized variable err in sgi_project_setup (from
Eivind Gjelseth <eivind@ii.uib.no>).
* ssh-agent.c: Fixed -D (from Ian Goldberg <iang@cs.berkeley.edu>).
* Fixed undefined __udiv_qrnnd bug on Solaris (reported by Karl
Berry <karl@suite.deas.harvard.edu>).
* Fixed a bug in idle timeouts (reported by "David
M. Dandarnobody"@nowhere).
* Fixed deattack.c on Cray (patch from Andreas Schott
<schott@rzg.mpg.de>).
* Fixed x11 forwarding on SunOS 4.1.4 (gethostbyname bug, reported
by Bradford Hull <brad@tera.com>.
* Added snprintf from ssh2. Changed most sprintfs to snprintf.
* Fixed a hard-to-exploit security bug in Kerberos code.
* Added length limitations in manu sprintfs.
Mon Jul 13 16:23:15 1998 Tero Kivinen <kivinen@ssh.fi>
* Removed extra ux.ut_syslen setting. Reported by Felix von
Leitner <leitner@amdiv.de>.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?61491.926673402>