SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libssh-devel-0.4.8-10.1.i586.rpm :
Sat Nov 24 13:00:00 2012 wrAATTrosenauer.org
- Fix multiple vulernabilities (bnc#789827):

* CVE-2012-4559 – Fix multiple double free() flaws
0007-CVE-2012-4559-Ensure-we-don-t-free-blob-or-request-t.patch
0008-CVE-2012-4559-Ensure-that-we-don-t-free-req-twice.patch
0009-CVE-2012-4559-Make-sure-we-don-t-free-name-and-longn.patch

* CVE-2012-4560 – Fix multiple buffer overflow flaws
0005-CVE-2012-4560-Fix-a-write-one-past-the-end-of-the-u-.patch
0006-CVE-2012-4560-Fix-a-write-one-past-the-end-of-buf.patch

* CVE-2012-4561 – Fix multiple invalid free() flaws
0010-CVE-2012-4561-Fix-error-handling-of-try_publickey_fr.patch
0011-CVE-2012-4561-Fix-possible-free-s-on-invalid-pointer.patch

* CVE-2012-4562 – Fix multiple improper overflow checks
0001-CVE-2012-4562-Fix-possible-integer-overflow-in-ssh_g.patch
0002-CVE-2012-4562-Fix-multiple-integer-overflows-in-buff.patch
0003-CVE-2012-4562-Fix-a-possible-infinite-loop-in-buffer.patch
0004-CVE-2012-4562-Fix-possible-string-related-integer-ov.patch

Sat Jan 15 13:00:00 2011 asnAATTcryptomilk.org
- Update to version 0.4.8

* Fixed memory leaks in session signing.

* Fixed memory leak in ssh_print_hexa.

* Fixed problem with ssh_connect w/ timeout and fd > 1024.

* Fixed some warnings on OS/2.

* Fixed installation path for OS/2.

Mon Dec 27 13:00:00 2010 asnAATTcynapses.org
- Update to version 0.4.7

* Fixed a possible memory leak in ssh_get_user_home().

* Fixed a memory leak in sftp_xstat.

* Fixed uninitialized fd->revents member.

* Fixed timout value in ssh_channel_accept().

* Fixed length checks in ssh_analyze_banner().

* Fixed a possible data overread and crash bug.

* Fixed setting max_fd which breaks ssh_select().

* Fixed some pedantic build warnings.

* Fixed a memory leak with session->bindaddr.

Sun Sep 5 14:00:00 2010 asnAATTcynapses.org
- Update to version 0.4.6

* Added a cleanup function to free the ws2_32 library.

* Fixed build with gcc 3.4.

* Fixed the Windows build on Vista and newer.

* Fixed the usage of WSAPoll() on Windows.

* Fixed \"AATTdeprecated\" in doxygen

* Fixed some mingw warnings.

* Fixed handling of opened channels.

* Fixed keepalive problem on older openssh servers.

* Fixed testing for big endian on Windows.

* Fixed the Windows preprocessor macros and defines.

Tue Jul 13 14:00:00 2010 anschneiderAATTexsuse.de
- Update to version 0.4.5

* Added option to bind a client to an ip address.

* Fixed the ssh socket polling function.

* Fixed Windows related bugs in bsd_poll().

* Fixed serveral build warnings.

Mon May 31 14:00:00 2010 anschneiderAATTexsuse.de
- Update to version 0.4.4

* Fixed some bugs ein path expand functions.

Mon May 17 14:00:00 2010 anschneiderAATTexsuse.de
- Update to version 0.4.3

* Added global/keepalive responses.

* Added runtime detection of WSAPoll().

* Added a select(2) based poll-emulation if poll(2) is not available.

* Added a function to expand an escaped string.

* Added a function to expand the tilde from a path.

* Added a proxycommand support.

* Added ssh_privatekey_type public function

* Added the possibility to define _OPENSSL_DIR and _ZLIB_DIR.

* Fixed sftp_chown.

* Fixed sftp_rename on protocol version 3.

* Fixed a blocking bug in channel_poll.

* Fixed config parsing wich has overwritten user specified values.

* Fixed hashed [host]:port format in knownhosts

* Fixed Windows build.

* Fixed doublefree happening after a negociation error.

* Fixed aes
*-ctr with <= OpenSSL 0.9.7b.

* Fixed some documentation.

* Fixed exec example which has broken read usage.

* Fixed broken algorithm choice for server.

* Fixed a typo that we don\'t export all symbols.

* Removed the unneeded dependency to doxygen.

* Build examples only on the Linux plattform.

Mon Mar 15 13:00:00 2010 anschneiderAATTexsuse.de
- Update to version 0.4.2

* Added owner and group information in sftp attributes.

* Added missing SSH_OPTIONS_FD option.

* Added printout of owner and group in the sftp example.

* Added a prepend function for ssh_list.

* Added send back replies to openssh\'s keepalives.

* Fixed documentation in scp code

* Fixed longname parsing, this only workings with readdir.

* Fixed and added support for several identity files.

* Fixed sftp_parse_longname() on Windows.

* Fixed a race condition bug in ssh_scp_close()

* Remove config support for SSHv1 Cipher variable.

* Rename ssh_list_add to ssh_list_append.

* Rename ssh_list_get_head to ssh_list_pop_head

Mon Feb 15 13:00:00 2010 anschneiderAATTexsuse.de
- Fixed Requires.

Sat Feb 13 13:00:00 2010 anschneiderAATTexsuse.de
- Update to version 0.4.1

* Added support for aes128-ctr, aes192-ctr and aes256-ctr encryption.

* Added an example for exec.

* Added private key type detection feature in privatekey_from_file().

* Fixed zlib compression fallback.

* Fixed kex bug that client preference should be prioritary

* Fixed known_hosts file set by the user.

* Fixed a memleak in channel_accept().

* Fixed underflow when leave_function() are unbalanced

* Fixed memory corruption in handle_channel_request_open().

* Fixed closing of a file handle case of errors in privatekey_from_file().

* Fixed ssh_get_user_home_dir() to be thread safe.

* Fixed the doxygen documentation.

Thu Dec 10 13:00:00 2009 anschneiderAATTexsuse.de
- Update to version 0.4.0

* Added scp support.

* Added support for sending signals (RFC 4254, section 6.9).

* Added MSVC support.

* Added support for ~/.ssh/config.

* Added sftp extension support.

* Added X11 forwarding support for client.

* Added forward listening.

* Added support for openssh extensions (statvfs, fstatvfs).

* Added a cleaned up interface for setting options.

* Added a generic way to handle sockets asynchronously.

* Added logging of the sftp flags used to open a file.

* Added full poll() support and poll-emulation for win32.

* Added missing 64bit functions in sftp.

* Added support for ~/ and SSH_DIR/ in filenames instead of %s/.

* Fixed Fix channel_get_exit_status bug.

* Fixed calltrace logging to make it optional.

* Fixed compilation on Solaris.

* Fixed resolving of ip addresses.

* Fixed libssh compilation without server support.

* Fixed possible memory corruptions (ticket #14).

Mon Sep 14 14:00:00 2009 anschneiderAATTexsuse.de
- Update to version 0.3.4.

* Added ssh_basename and ssh_dirname.

* Added a portable ssh_mkdir function.

* Added a sftp_tell64() function.

* Added missing NULL pointer checks to crypt_set_algorithms_server.

* Fixed ssh_write_knownhost if ~/.ssh doesn\'t exist.

* Fixed a possible integer overflow in buffer_get_data().

* Fixed possible security bug in packet_decrypt().

Tue Aug 18 14:00:00 2009 anschneiderAATTexsuse.de
- Update to version 0.3.3.

* Fixed double free pointer crash in dsa_public_to_string.

* Fixed channel_get_exit_status bug.

* Fixed ssh_finalize which didn\'t clear the flag.

* Fixed memory leak introduced by previous bugfix.

* Fixed channel_poll broken when delayed EOF recvd.

* Fixed stupid \"can\'t parse known host key\" bug.

* Fixed possible memory corruption (ticket #14).

Tue Aug 4 14:00:00 2009 anschneiderAATTexsuse.de
- Update to version 0.3.2

* Added ssh_init() function.

* Added sftp_readlink() function.

* Added sftp_symlink() function.

* Fixed ssh_write_knownhost().

* Fixed compilation on Solaris.

* Fixed SSHv1 compilation.

Tue Jul 14 14:00:00 2009 anschneiderAATTexsuse.de
- Update to version 0.3.1

* Added return code SSH_SERVER_FILE_NOT_FOUND.

* Fixed compilation of SSHv1.

* Fixed several memory leaks.

* Fixed possible infinite loops.

* Fixed a possible crash bug.

* Fixed build warnings.

* Fixed cmake on BSD.

Thu May 21 14:00:00 2009 anschneiderAATTexsuse.de
- Update to version 0.3.0

* Added support for ssh-agent authentication.

* Added POSIX like sftp implementation.

* Added error checking to all functions.

* Added const to arguments where it was needed.

* Added a channel_get_exit_status() function.

* Added a channel_read_buffer() function, channel_read() is now
a POSIX like function.

* Added a more generic auth callback function.

* Added printf attribute checking for log and error functions.

* Added runtime function tracer support.

* Added NSIS build support with CPack.

* Added openssh hashed host support.

* Added API documentation for all public functions.

* Added asynchronous SFTP read function.

* Added a ssh_bind_set_fd() function.

* Fixed known_hosts parsing.

* Fixed a lot of build warnings.

* Fixed the Windows build.

* Fixed a lot of memory leaks.

* Fixed a double free corruption in the server support.

* Fixed the \"ssh_accept:\" bug in server support.

* Fixed important channel bugs.

* Refactored the socket handling.

* Switched to CMake build system.

* Improved performance.


  
ICM