SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for pam_ssh-2.0-1.1.x86_64.rpm :
Mon Nov 18 13:00:00 2013 wrAATTrosenauer.org
- update to 2.0

* added support for ECDSA keys

* ssh-agent is now spawned in a different improved way

* ssh-agent is not started anymore for users without keys

* support try_first_password PAM option

* still ask for passphrase even if user does not exist

* expect keys used for login in ~/.ssh/login-keys.d directory
(see README; this behaviour will cause old setups to fail
since the default keys are not used anymore for auth)

* \"keyfiles\" option has been removed and all found keys
which can be opened using the provided passphrase will be
added to the agent

* alternative keys not used for login purposes and not named
like the default keys will be decrypted and saved for the
agent when placed in ~/.ssh/session-keys.d directory

* when there is no controlling tty now use the PID to
create the session file

* return PAM_SESSION_ERR from within the session part
instead of PAM_AUTH_ERR

* honour TMPDIR for ssh-agent

* start ssh-agent with GID of the group given at
compile time to the new configure option
- -with-ssh-agent-group
- switched archive to XZ
- verify detached signature

Thu Jun 6 14:00:00 2013 vcizekAATTsuse.com
- restore credentials before exitting from pam_sm_open_session

* fixes bnc#823484

* added James Carter\'s pam_ssh-1.97-no_tty_stay_as_user.patch

Mon Apr 29 14:00:00 2013 wrAATTrosenauer.org
- update to 1.98

* bugfix update obsoleting
- pam_ssh-1.97-empty_passphrase_segfault.patch
- pam_ssh-1.97-setgid.patch
- pam_ssh-1.97-sigmask.patch
- pam_ssh-double-free.patch

Sat Jan 12 13:00:00 2013 cooloAATTsuse.com
- remove suse_update_config

Thu Jan 12 13:00:00 2012 vcizekAATTsuse.com
- added patch that prevents segfault when empty passphrase is
supplied (bnc#741541)

Mon Nov 28 13:00:00 2011 jengelhAATTmedozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)
- Use %_smp_mflags for parallel building

Sun Nov 27 13:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to avoid implicit dependency

Sun Oct 30 13:00:00 2011 mkubecekAATTsuse.cz
- pam_ssh-1.97-sigmask.patch:
Clear signal mask before executing ssh-agent as pam_ssh code can
be called from kdm with blocked TERM signal which would be
inherited by ssh-agent (bnc#727246).

Wed May 11 14:00:00 2011 vcizekAATTnovell.com
- set gid/groups before executing ssh-agent (bnc#665061)

Mon Apr 18 14:00:00 2011 vcizekAATTnovell.com
- fix for bnc#688120 (pam_ssh double free)

Mon Feb 1 13:00:00 2010 jengelhAATTmedozas.de
- package baselibs.conf

Wed Jun 24 14:00:00 2009 sbrabecAATTsuse.cz
- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).

Wed Jun 24 14:00:00 2009 sbrabecAATTsuse.cz
- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).

Tue Apr 14 14:00:00 2009 anickaAATTsuse.cz
- update to 1.97

* pam_get_pass.c: CVE-2009-1273
pam_ssh used a certain prompt if a user found to exist to ask
for the SSH passphrase explicitely depending on whether the
username was valid or invalid, which made it easier for remote
attackers to enumerate usernames.
- remove last patch

Fri Apr 10 14:00:00 2009 anickaAATTsuse.cz
- add fix for CVE-2009-1273 (bnc#492764) taken from Red Hat
bugzilla (#492153)


  
ICM