2008-07-24 18:25:47 +02:00
|
|
|
$NetBSD: distinfo,v 1.70 2008/07/24 16:25:47 tnn Exp $
|
2001-04-17 13:43:32 +02:00
|
|
|
|
2008-04-27 02:34:27 +02:00
|
|
|
SHA1 (openssh-5.0.1-20080427/openssh-5.0p1-hpn13v3.diff.gz) = 688265249dfaa449283ddfae2f81a9b6e3507f86
|
|
|
|
|
RMD160 (openssh-5.0.1-20080427/openssh-5.0p1-hpn13v3.diff.gz) = d4baca41f6212036b513173835de6e1081d49ac8
|
|
|
|
|
Size (openssh-5.0.1-20080427/openssh-5.0p1-hpn13v3.diff.gz) = 24060 bytes
|
|
|
|
|
SHA1 (openssh-5.0.1-20080427/openssh-5.0p1.tar.gz) = 121cea3a730c0b0353334b6f46f438de30ab4928
|
|
|
|
|
RMD160 (openssh-5.0.1-20080427/openssh-5.0p1.tar.gz) = b813234014e339fe2d9d10a5adad9f8e065918fc
|
|
|
|
|
Size (openssh-5.0.1-20080427/openssh-5.0p1.tar.gz) = 1011556 bytes
|
2006-11-08 02:49:22 +01:00
|
|
|
SHA1 (patch-aa) = 8b7a16e9a63cfff3b73d70b9cebb6627b96396e0
|
|
|
|
|
SHA1 (patch-ab) = a105c238c8dc774ed6992791b131da56824869e9
|
Update openssh package to 4.4.1 (openssh-4.4p1).
- A few pkglint warning clean up.
- Major changes are here. For complete changes,
see http://www.openssh.com/txt/release-4.4.
Changes since OpenSSH 4.3:
============================
Security bugs resolved in this release:
* Fix a pre-authentication denial of service found by Tavis Ormandy,
that would cause sshd(8) to spin until the login grace time
expired.
* Fix an unsafe signal hander reported by Mark Dowd. The signal
handler was vulnerable to a race condition that could be exploited
to perform a pre-authentication denial of service. On portable
OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication
is enabled, but the likelihood of successful exploitation appears
remote.
* On portable OpenSSH, fix a GSSAPI authentication abort that could
be used to determine the validity of usernames on some platforms.
This release includes the following new functionality and fixes:
* Implemented conditional configuration in sshd_config(5) using the
"Match" directive. This allows some configuration options to be
selectively overridden if specific criteria (based on user, group,
hostname and/or address) are met. So far a useful subset of post-
authentication options are supported and more are expected to be
added in future releases.
* Add support for Diffie-Hellman group exchange key agreement with a
final hash of SHA256.
* Added a "ForceCommand" directive to sshd_config(5). Similar to the
command="..." option accepted in ~/.ssh/authorized_keys, this forces
the execution of the specified command regardless of what the user
requested. This is very useful in conjunction with the new "Match"
option.
* Add a "PermitOpen" directive to sshd_config(5). This mirrors the
permitopen="..." authorized_keys option, allowing fine-grained
control over the port-forwardings that a user is allowed to
establish.
* Add optional logging of transactions to sftp-server(8).
* ssh(1) will now record port numbers for hosts stored in
~/.ssh/authorized_keys when a non-standard port has been requested.
* Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with
a non-zero exit code) when requested port forwardings could not be
established.
* Extend sshd_config(5) "SubSystem" declarations to allow the
specification of command-line arguments.
* Replacement of all integer overflow susceptible invocations of
malloc(3) and realloc(3) with overflow-checking equivalents.
* Many manpage fixes and improvements
* New portable OpenSSH-specific features:
- Add optional support for SELinux, controlled using the
--with-selinux configure option (experimental)
- Add optional support for Solaris process contracts, enabled
using the --with-solaris-contracts configure option (experimental)
This option will also include SMF metadata in Solaris packages
built using the "make package" target
- Add optional support for OpenSSL hardware accelerators (engines),
enabled using the --with-ssl-engine configure option.
2006-10-31 04:31:19 +01:00
|
|
|
SHA1 (patch-ac) = dfb054ef02fbb5d206f6adaf82944f16da20eaf9
|
|
|
|
|
SHA1 (patch-ad) = 7921e029b56c0e4769a7ada03dff3eb2e275db7d
|
|
|
|
|
SHA1 (patch-ae) = 9585221f9e49b4ebea31c374066d70e11aa804a1
|
|
|
|
|
SHA1 (patch-af) = ca3224af0b648803404776a8c12ed678db4f8ff6
|
|
|
|
|
SHA1 (patch-ag) = b6f92a5394a3442fcc0c2a2ee204c10df5a4aea5
|
|
|
|
|
SHA1 (patch-ah) = bc0d7c2903ecf264e62b53f3864812af5f2f04ce
|
|
|
|
|
SHA1 (patch-ai) = becad6262e5daeef2a6db14097a8971c40088403
|
|
|
|
|
SHA1 (patch-aj) = 4f477f40d1d891dcda9083cec5521e80410ebd54
|
|
|
|
|
SHA1 (patch-ak) = 3720afb4e95356d5310762cda881820d524dcffc
|
|
|
|
|
SHA1 (patch-al) = d312a068047a375e52180026554bab745efdcdb7
|
|
|
|
|
SHA1 (patch-am) = 4e2278b20e87e530e1819efde976d4414e160e38
|
2007-03-18 13:38:44 +01:00
|
|
|
SHA1 (patch-an) = 2f955b8891bedd79986490d282eb09acd4910250
|
2008-04-27 02:34:27 +02:00
|
|
|
SHA1 (patch-ao) = a7c5a1832cb2a4584c77577fb125f84a1e9a9deb
|
|
|
|
|
SHA1 (patch-ap) = 3029b847ce83305e8103276e27c75e0338e1fc08
|
Update openssh package to 4.4.1 (openssh-4.4p1).
- A few pkglint warning clean up.
- Major changes are here. For complete changes,
see http://www.openssh.com/txt/release-4.4.
Changes since OpenSSH 4.3:
============================
Security bugs resolved in this release:
* Fix a pre-authentication denial of service found by Tavis Ormandy,
that would cause sshd(8) to spin until the login grace time
expired.
* Fix an unsafe signal hander reported by Mark Dowd. The signal
handler was vulnerable to a race condition that could be exploited
to perform a pre-authentication denial of service. On portable
OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication
is enabled, but the likelihood of successful exploitation appears
remote.
* On portable OpenSSH, fix a GSSAPI authentication abort that could
be used to determine the validity of usernames on some platforms.
This release includes the following new functionality and fixes:
* Implemented conditional configuration in sshd_config(5) using the
"Match" directive. This allows some configuration options to be
selectively overridden if specific criteria (based on user, group,
hostname and/or address) are met. So far a useful subset of post-
authentication options are supported and more are expected to be
added in future releases.
* Add support for Diffie-Hellman group exchange key agreement with a
final hash of SHA256.
* Added a "ForceCommand" directive to sshd_config(5). Similar to the
command="..." option accepted in ~/.ssh/authorized_keys, this forces
the execution of the specified command regardless of what the user
requested. This is very useful in conjunction with the new "Match"
option.
* Add a "PermitOpen" directive to sshd_config(5). This mirrors the
permitopen="..." authorized_keys option, allowing fine-grained
control over the port-forwardings that a user is allowed to
establish.
* Add optional logging of transactions to sftp-server(8).
* ssh(1) will now record port numbers for hosts stored in
~/.ssh/authorized_keys when a non-standard port has been requested.
* Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with
a non-zero exit code) when requested port forwardings could not be
established.
* Extend sshd_config(5) "SubSystem" declarations to allow the
specification of command-line arguments.
* Replacement of all integer overflow susceptible invocations of
malloc(3) and realloc(3) with overflow-checking equivalents.
* Many manpage fixes and improvements
* New portable OpenSSH-specific features:
- Add optional support for SELinux, controlled using the
--with-selinux configure option (experimental)
- Add optional support for Solaris process contracts, enabled
using the --with-solaris-contracts configure option (experimental)
This option will also include SMF metadata in Solaris packages
built using the "make package" target
- Add optional support for OpenSSL hardware accelerators (engines),
enabled using the --with-ssl-engine configure option.
2006-10-31 04:31:19 +01:00
|
|
|
SHA1 (patch-aq) = a619b57361b04d5ab3d41375c18f7b99d71c8b34
|
|
|
|
|
SHA1 (patch-ar) = fce4dc1011a124f02b8e14980cda1d633b36aa7d
|
|
|
|
|
SHA1 (patch-as) = 19660f5983931ea3b053e6f4289cf6fae2ce50f3
|
2008-07-24 18:25:47 +02:00
|
|
|
SHA1 (patch-at) = 7e7220e024d59d5462157b1d16dd90f23ab697f3
|
Update openssh package to 4.4.1 (openssh-4.4p1).
- A few pkglint warning clean up.
- Major changes are here. For complete changes,
see http://www.openssh.com/txt/release-4.4.
Changes since OpenSSH 4.3:
============================
Security bugs resolved in this release:
* Fix a pre-authentication denial of service found by Tavis Ormandy,
that would cause sshd(8) to spin until the login grace time
expired.
* Fix an unsafe signal hander reported by Mark Dowd. The signal
handler was vulnerable to a race condition that could be exploited
to perform a pre-authentication denial of service. On portable
OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication
is enabled, but the likelihood of successful exploitation appears
remote.
* On portable OpenSSH, fix a GSSAPI authentication abort that could
be used to determine the validity of usernames on some platforms.
This release includes the following new functionality and fixes:
* Implemented conditional configuration in sshd_config(5) using the
"Match" directive. This allows some configuration options to be
selectively overridden if specific criteria (based on user, group,
hostname and/or address) are met. So far a useful subset of post-
authentication options are supported and more are expected to be
added in future releases.
* Add support for Diffie-Hellman group exchange key agreement with a
final hash of SHA256.
* Added a "ForceCommand" directive to sshd_config(5). Similar to the
command="..." option accepted in ~/.ssh/authorized_keys, this forces
the execution of the specified command regardless of what the user
requested. This is very useful in conjunction with the new "Match"
option.
* Add a "PermitOpen" directive to sshd_config(5). This mirrors the
permitopen="..." authorized_keys option, allowing fine-grained
control over the port-forwardings that a user is allowed to
establish.
* Add optional logging of transactions to sftp-server(8).
* ssh(1) will now record port numbers for hosts stored in
~/.ssh/authorized_keys when a non-standard port has been requested.
* Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with
a non-zero exit code) when requested port forwardings could not be
established.
* Extend sshd_config(5) "SubSystem" declarations to allow the
specification of command-line arguments.
* Replacement of all integer overflow susceptible invocations of
malloc(3) and realloc(3) with overflow-checking equivalents.
* Many manpage fixes and improvements
* New portable OpenSSH-specific features:
- Add optional support for SELinux, controlled using the
--with-selinux configure option (experimental)
- Add optional support for Solaris process contracts, enabled
using the --with-solaris-contracts configure option (experimental)
This option will also include SMF metadata in Solaris packages
built using the "make package" target
- Add optional support for OpenSSL hardware accelerators (engines),
enabled using the --with-ssl-engine configure option.
2006-10-31 04:31:19 +01:00
|
|
|
SHA1 (patch-au) = 6cfdfc531e2267017a15e66ea48c7ecfa2a3926f
|
2006-11-21 18:44:53 +01:00
|
|
|
SHA1 (patch-av) = 00f54c3fae7318b278b16bd0b01881a90bd31365
|
Update openssh package to 4.4.1 (openssh-4.4p1).
- A few pkglint warning clean up.
- Major changes are here. For complete changes,
see http://www.openssh.com/txt/release-4.4.
Changes since OpenSSH 4.3:
============================
Security bugs resolved in this release:
* Fix a pre-authentication denial of service found by Tavis Ormandy,
that would cause sshd(8) to spin until the login grace time
expired.
* Fix an unsafe signal hander reported by Mark Dowd. The signal
handler was vulnerable to a race condition that could be exploited
to perform a pre-authentication denial of service. On portable
OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication
is enabled, but the likelihood of successful exploitation appears
remote.
* On portable OpenSSH, fix a GSSAPI authentication abort that could
be used to determine the validity of usernames on some platforms.
This release includes the following new functionality and fixes:
* Implemented conditional configuration in sshd_config(5) using the
"Match" directive. This allows some configuration options to be
selectively overridden if specific criteria (based on user, group,
hostname and/or address) are met. So far a useful subset of post-
authentication options are supported and more are expected to be
added in future releases.
* Add support for Diffie-Hellman group exchange key agreement with a
final hash of SHA256.
* Added a "ForceCommand" directive to sshd_config(5). Similar to the
command="..." option accepted in ~/.ssh/authorized_keys, this forces
the execution of the specified command regardless of what the user
requested. This is very useful in conjunction with the new "Match"
option.
* Add a "PermitOpen" directive to sshd_config(5). This mirrors the
permitopen="..." authorized_keys option, allowing fine-grained
control over the port-forwardings that a user is allowed to
establish.
* Add optional logging of transactions to sftp-server(8).
* ssh(1) will now record port numbers for hosts stored in
~/.ssh/authorized_keys when a non-standard port has been requested.
* Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with
a non-zero exit code) when requested port forwardings could not be
established.
* Extend sshd_config(5) "SubSystem" declarations to allow the
specification of command-line arguments.
* Replacement of all integer overflow susceptible invocations of
malloc(3) and realloc(3) with overflow-checking equivalents.
* Many manpage fixes and improvements
* New portable OpenSSH-specific features:
- Add optional support for SELinux, controlled using the
--with-selinux configure option (experimental)
- Add optional support for Solaris process contracts, enabled
using the --with-solaris-contracts configure option (experimental)
This option will also include SMF metadata in Solaris packages
built using the "make package" target
- Add optional support for OpenSSL hardware accelerators (engines),
enabled using the --with-ssl-engine configure option.
2006-10-31 04:31:19 +01:00
|
|
|
SHA1 (patch-aw) = 2a88b7563c6f52163c6c5f716e437ecaea613a30
|
2008-04-27 02:34:27 +02:00
|
|
|
SHA1 (patch-ax) = 8b876f4ba5b020dbd41f1166fc0b169444874d5a
|
