While here,
* set LICENSE=gnu-gpl-v2
* marked as user-destdir installation ready
* switch to use system argp
* add missing zlib buildlink
News for the 2.0.4 release
Fixed x11 forwarding bug in the lsh client.
News for the 2.0.3 release
At startup, lshd now tries to close any spurious open file
descriptors. New test case for lshd fd leakage.
lshd --daemonic --no-syslog now sets up a proper daemonic
environment, except that log messages are still sent to
stderr. Improved testing of this feature.
"unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related
to the randomness generator, which allows local users to cause a denial
of service by truncating the seed file, which prevents the server from
starting, or obtain sensitive seed information that could be used to
crack keys."
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353
security/lsh at 1.4.3.
lsh-2.0.1 has interoperability problems with openssh servers
(always gets "Invalid server signature" errors).
lsh-1.4.3 is not affected by CAN-2003-0826. Add a patch to address
CAN-2005-0814 and bump PKGREVISION.