SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for pam_ssh-2.3-61.1.x86_64.rpm :
Tue Jan 15 13:00:00 2019 Wolfgang Rosenauer
- Update to 2.3

* cleanup some leftovers from dropping SSH1 support in code and
documentation

Wed Jan 9 13:00:00 2019 Wolfgang Rosenauer
- Update to 2.2

* upstream OpenSSL 1.1 compatibility
(drop pam_ssh-openssl11.patch)

* upstream removed support for SSH1 and RSA1 protocols

Fri Dec 1 13:00:00 2017 dimstarAATTopensuse.org
- Explicitly call autoreconf: an implicit call requires the same
version automake/autoconf to be present that was used to
originally bootstrap the tarball (version 1.13).

Thu Nov 30 13:00:00 2017 vcizekAATTsuse.com
- Add support for building with OpenSSL 1.1 (bsc#1066988)

* partly based on https://github.com/openssh/openssh-portable/pull/48

* add pam_ssh-openssl11.patch

Fri Jun 5 14:00:00 2015 mpluskalAATTsuse.com
- Update to 2.1

* session/login/default keys lexical sort order

* add ED25519 key support

* updated openssh embedded code to 6.7p1
- Cleanup spec file with spec-cleaner

Sun Mar 8 13:00:00 2015 p.drouandAATTgmail.com
- Update to version 2.01

* pam_ssh.1: updated man page to reflect the current implementation
- Remove gpg-offline require and verification; OBS handles it
- Use download Url as source

Mon Nov 18 13:00:00 2013 wrAATTrosenauer.org
- update to 2.0

* added support for ECDSA keys

* ssh-agent is now spawned in a different improved way

* ssh-agent is not started anymore for users without keys

* support try_first_password PAM option

* still ask for passphrase even if user does not exist

* expect keys used for login in ~/.ssh/login-keys.d directory
(see README; this behaviour will cause old setups to fail
since the default keys are not used anymore for auth)

* \"keyfiles\" option has been removed and all found keys
which can be opened using the provided passphrase will be
added to the agent

* alternative keys not used for login purposes and not named
like the default keys will be decrypted and saved for the
agent when placed in ~/.ssh/session-keys.d directory

* when there is no controlling tty now use the PID to
create the session file

* return PAM_SESSION_ERR from within the session part
instead of PAM_AUTH_ERR

* honour TMPDIR for ssh-agent

* start ssh-agent with GID of the group given at
compile time to the new configure option
- -with-ssh-agent-group
- switched archive to XZ
- verify detached signature

Thu Jun 6 14:00:00 2013 vcizekAATTsuse.com
- restore credentials before exitting from pam_sm_open_session

* fixes bnc#823484

* added James Carter\'s pam_ssh-1.97-no_tty_stay_as_user.patch

Mon Apr 29 14:00:00 2013 wrAATTrosenauer.org
- update to 1.98

* bugfix update obsoleting
- pam_ssh-1.97-empty_passphrase_segfault.patch
- pam_ssh-1.97-setgid.patch
- pam_ssh-1.97-sigmask.patch
- pam_ssh-double-free.patch

Sat Jan 12 13:00:00 2013 cooloAATTsuse.com
- remove suse_update_config

Thu Jan 12 13:00:00 2012 vcizekAATTsuse.com
- added patch that prevents segfault when empty passphrase is
supplied (bnc#741541)

Mon Nov 28 13:00:00 2011 jengelhAATTmedozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)
- Use %_smp_mflags for parallel building

Sun Nov 27 13:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to avoid implicit dependency

Sun Oct 30 13:00:00 2011 mkubecekAATTsuse.cz
- pam_ssh-1.97-sigmask.patch:
Clear signal mask before executing ssh-agent as pam_ssh code can
be called from kdm with blocked TERM signal which would be
inherited by ssh-agent (bnc#727246).

Wed May 11 14:00:00 2011 vcizekAATTnovell.com
- set gid/groups before executing ssh-agent (bnc#665061)

Mon Apr 18 14:00:00 2011 vcizekAATTnovell.com
- fix for bnc#688120 (pam_ssh double free)

Mon Feb 1 13:00:00 2010 jengelhAATTmedozas.de
- package baselibs.conf

Wed Jun 24 14:00:00 2009 sbrabecAATTsuse.cz
- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).

Wed Jun 24 14:00:00 2009 sbrabecAATTsuse.cz
- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).

Tue Apr 14 14:00:00 2009 anickaAATTsuse.cz
- update to 1.97

* pam_get_pass.c: CVE-2009-1273
pam_ssh used a certain prompt if a user found to exist to ask
for the SSH passphrase explicitely depending on whether the
username was valid or invalid, which made it easier for remote
attackers to enumerate usernames.
- remove last patch

Fri Apr 10 14:00:00 2009 anickaAATTsuse.cz
- add fix for CVE-2009-1273 (bnc#492764) taken from Red Hat
bugzilla (#492153)


  
ICM