SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for pam_ssh-2.3-lp150.61.1.x86_64.rpm :

* Tue Jan 15 2019 Wolfgang Rosenauer - Update to 2.3
* cleanup some leftovers from dropping SSH1 support in code and documentation
* Wed Jan 09 2019 Wolfgang Rosenauer - Update to 2.2
* upstream OpenSSL 1.1 compatibility (drop pam_ssh-openssl11.patch)
* upstream removed support for SSH1 and RSA1 protocols
* Fri Dec 01 2017 dimstarAATTopensuse.org- Explicitly call autoreconf: an implicit call requires the same version automake/autoconf to be present that was used to originally bootstrap the tarball (version 1.13).
* Thu Nov 30 2017 vcizekAATTsuse.com- Add support for building with OpenSSL 1.1 (bsc#1066988)
* partly based on https://github.com/openssh/openssh-portable/pull/48
* add pam_ssh-openssl11.patch
* Fri Jun 05 2015 mpluskalAATTsuse.com- Update to 2.1
* session/login/default keys lexical sort order
* add ED25519 key support
* updated openssh embedded code to 6.7p1- Cleanup spec file with spec-cleaner
* Sun Mar 08 2015 p.drouandAATTgmail.com- Update to version 2.01
* pam_ssh.1: updated man page to reflect the current implementation- Remove gpg-offline require and verification; OBS handles it- Use download Url as source
* Mon Nov 18 2013 wrAATTrosenauer.org- update to 2.0
* added support for ECDSA keys
* ssh-agent is now spawned in a different improved way
* ssh-agent is not started anymore for users without keys
* support try_first_password PAM option
* still ask for passphrase even if user does not exist
* expect keys used for login in ~/.ssh/login-keys.d directory (see README; this behaviour will cause old setups to fail since the default keys are not used anymore for auth)
* \"keyfiles\" option has been removed and all found keys which can be opened using the provided passphrase will be added to the agent
* alternative keys not used for login purposes and not named like the default keys will be decrypted and saved for the agent when placed in ~/.ssh/session-keys.d directory
* when there is no controlling tty now use the PID to create the session file
* return PAM_SESSION_ERR from within the session part instead of PAM_AUTH_ERR
* honour TMPDIR for ssh-agent
* start ssh-agent with GID of the group given at compile time to the new configure option - -with-ssh-agent-group- switched archive to XZ- verify detached signature
* Thu Jun 06 2013 vcizekAATTsuse.com- restore credentials before exitting from pam_sm_open_session
* fixes bnc#823484
* added James Carter\'s pam_ssh-1.97-no_tty_stay_as_user.patch
* Mon Apr 29 2013 wrAATTrosenauer.org- update to 1.98
* bugfix update obsoleting - pam_ssh-1.97-empty_passphrase_segfault.patch - pam_ssh-1.97-setgid.patch - pam_ssh-1.97-sigmask.patch - pam_ssh-double-free.patch
* Sat Jan 12 2013 cooloAATTsuse.com- remove suse_update_config
* Thu Jan 12 2012 vcizekAATTsuse.com- added patch that prevents segfault when empty passphrase is supplied (bnc#741541)
* Mon Nov 28 2011 jengelhAATTmedozas.de- Remove redundant/unwanted tags/section (cf. specfile guidelines)- Use %_smp_mflags for parallel building
* Sun Nov 27 2011 cooloAATTsuse.com- add libtool as buildrequire to avoid implicit dependency
* Sun Oct 30 2011 mkubecekAATTsuse.cz- pam_ssh-1.97-sigmask.patch: Clear signal mask before executing ssh-agent as pam_ssh code can be called from kdm with blocked TERM signal which would be inherited by ssh-agent (bnc#727246).
* Wed May 11 2011 vcizekAATTnovell.com- set gid/groups before executing ssh-agent (bnc#665061)
* Mon Apr 18 2011 vcizekAATTnovell.com- fix for bnc#688120 (pam_ssh double free)
* Mon Feb 01 2010 jengelhAATTmedozas.de- package baselibs.conf
* Wed Jun 24 2009 sbrabecAATTsuse.cz- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
* Wed Jun 24 2009 sbrabecAATTsuse.cz- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
* Tue Apr 14 2009 anickaAATTsuse.cz- update to 1.97
* pam_get_pass.c: CVE-2009-1273 pam_ssh used a certain prompt if a user found to exist to ask for the SSH passphrase explicitely depending on whether the username was valid or invalid, which made it easier for remote attackers to enumerate usernames.- remove last patch
* Fri Apr 10 2009 anickaAATTsuse.cz- add fix for CVE-2009-1273 (bnc#492764) taken from Red Hat bugzilla (#492153)
  
ICM