2023-12-18 18:07:25 by Thomas Klausner | Files touched by this commit (3) | |
Log message:
libssh: update to 0.106.
version 0.10.6 (released 2023-12-18)
* Fix CVE-2023-6004: Command injection using proxycommand
* Fix CVE-2023-48795: Potential downgrade attack using strict kex
* Fix CVE-2023-6918: Missing checks for return values of MD functions
* Fix ssh_send_issue_banner() for CMD(PowerShell)
* Avoid passing other events to callbacks when poll is called recursively (#202)
* Allow @ in usernames when parsing from URI composes
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2023-06-13 19:54:44 by Amitai Schleier | Files touched by this commit (3) |
Log message:
libssh: add 'gssapi' option, enabled (as before) by default. Bump PKGREVISION.
|
2023-05-07 12:21:56 by Thomas Klausner | Files touched by this commit (3) | |
Log message:
libssh: update to 0.105.
version 0.10.5 (released 2023-05-04)
* Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm guessing
* Fix CVE-2023-2283: a possible authorization bypass in
pki_verify_data_signature under low-memory conditions.
* Fix several memory leaks in GSSAPI handling code
* Escape braces in ProxyCommand created from ProxyJump options for zsh
compatibility.
* Fix pkg-config path relocation for MinGW
* Improve doxygen documentation
* Fix build with cygwin due to the glob support
* Do not enqueue outgoing packets after sending SSH2_MSG_NEWKEYS
* Add support for SSH_SUPPRESS_DEPRECATED
* Avoid functions declarations without prototype to build with clang 15
* Fix spelling issues
* Avoid expanding KnownHosts, ProxyCommands and IdentityFiles repetitively
* Add support sk-* keys through configuration
* Improve checking for Argp library
* Log information about received extensions
* Correctly handle rekey with delayed compression
* Move the EC keys handling to OpenSSL 3.0 API
* Record peer disconnect message
* Avoid deadlock when write buffering occurs and we call poll recursively to
flush the output buffer
* Disable preauthentication compression by default
* Add CentOS 8 Stream / OpenSSL 1.1.1 to CI
* Add accidentally removed default compile flags
* Solve incorrect parsing of ProxyCommand option
|
2023-04-15 23:36:14 by Tobias Nygren | Files touched by this commit (5) | |
Log message:
libssh: update to 0.10.4
version 0.10.4 (released 2022-09-07)
* Fixed issues with KDF on big endian
version 0.10.3 (released 2022-09-05)
* Fixed possible infinite loop in known hosts checking
version 0.10.2 (released 2022-09-02)
* Fixed tilde expansion when handling include directives
* Fixed building the shared torture library
* Made rekey test more robust (fixes running on i586 build systems e.g koji)
version 0.10.1 (released 2022-08-30)
* Fixed proxycommand support
* Fixed musl libc support
version 0.10.0 (released 2022-08-26)
* Added support for OpenSSL 3.0
* Added support for mbedTLS 3
* Added support for Smart Cards (through openssl pkcs11 engine)
* Added support for chacha20-poly1305@openssh.com with libgcrypt
* Added support ed25519 keys in PEM files
* Added support for sk-ecdsa and sk-ed25519 (server side)
* Added support for limiting RSA key sizes and not accepting small one by
default
* Added support for ssh-agent on Windows
* Added ssh_userauth_publickey_auto_get_current_identity() API
* Added ssh_vlog() API
* Added ssh_send_issue_banner() API
* Added ssh_session_set_disconnect_message() API
* Added new configuration options:
+ IdentityAgent
+ ModuliFile
* Provided X11 client example
* Disabled DSA support at build time by default (will be removed in the next
release)
* Deprecated the SCP API!
* Deprecated old pubkey, privatekey API
* Avoided some needless large stack buffers to minimize memory footprint
* Removed support for OpenSSL < 1.0.1
* Fixed parsing username@host in login name
* Free global init mutex in the destructor on Windows
* Fixed PEM parsing in mbedtls to support both legacy and new PKCS8 formats
|
2023-01-24 19:36:36 by Thomas Klausner | Files touched by this commit (103) |
Log message:
*: convert to cmake/build.mk
|
2022-01-29 19:05:30 by Thomas Klausner | Files touched by this commit (1) |
Log message:
libssh: stop pulling in argp in buildlink3.mk
|
2022-01-29 10:04:15 by Thomas Klausner | Files touched by this commit (1) |
Log message:
libssh: argp is only used for examples, which are not installed
Bump PKGREVISION
|
2022-01-29 10:02:01 by Thomas Klausner | Files touched by this commit (1) |
Log message:
libssh: cmocka is a test framework and thus only needed at build time
Bump PKGREVISION.
|
2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) |
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
|