SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for openssh-askpass-4.3p2-41.SEL5_5.i386.rpm :

* Mon Apr 05 2010 Eddy Nigg - Rebuild for StartCom Linux 5.0.x
* Fri Jan 22 2010 Jan F. Chadima - 4.3p2-41- add RAND_cleanup at the exit of each program using RAND (#557166)
* Tue Dec 01 2009 Jan F. Chadima - 4.3p2-40- revert adjustable buffer length patch (#508914)
* Wed Nov 11 2009 Jan F. Chadima - 4.3p2-39- set adjustable buffer length (#508914)
* Thu Nov 05 2009 Jan F. Chadima - 4.3p2-38- set better buffer length in latency patch (#508914)- close error file descriptor before running external subsystem (#530358)- prevent initscript from hanging when generates the keys (#531738)
* Wed Sep 16 2009 Jan F. Chadima - 4.3p2-37- minimize chroot patch to be compatible with upstream (#522141)
* Wed Aug 19 2009 Tomas Mraz - 4.3p2-36.1- revert latency patch to solve scp stall regression (#508914)
* Wed Jun 24 2009 Jan F. Chadima - 4.3p2-36- tiny change in chroot sftp capability into openssh-server solve ls speed problem (#440240)
* Wed May 27 2009 Jan F. Chadima - 4.3p2-35- workaround to plaintext recovery attack against CBC ciphers CVE-2008-5161 (#502230)
* Sat May 16 2009 Tomas Mraz - 4.3p2-34- disable protocol 1 in the FIPS mode
* Fri May 01 2009 Jan F. Chadima - 4.3p2-33- fix scp hangup on exit (#454812)- call integrity checks only on binaries which are part of the OpenSSH FIPS modules
* Tue Apr 21 2009 Tomas Mraz - 4.3p2-32- log if FIPS mode is initialized (#492363)- check the integrity of the binaries in the FIPS mode (#467268)
* Thu Apr 09 2009 Jan F. Chadima - 4.3p2-31- fix ssh hangup on exit (#454812)
* Fri Mar 27 2009 Jan F. Chadima - 4.3p2-30- add chroot sftp capability into openssh-server (#440240)
* Fri Oct 03 2008 Tomas Mraz - 4.3p2-29- allow options for the sshd subsystem for the sftp logging support (#452619)
* Fri Sep 12 2008 Tomas Mraz - 4.3p2-28- use OpenSSL RNG directly (needed for FIPS-140-2 compliance)- when in FIPS mode do not try to use algorithms which are not allowed (#447936)- improve transfer speed on high latency connections (#227722)- more correct \'service sshd status\' reporting (#430877)- add logging support to the sftp server (#452619)- small scp manual page improvement (#433381)
* Sat Aug 16 2008 Dennis Gregorovic - 4.3p2-26.el5_2.1- CVE-2007-4752 - Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails (#280361)
* Tue Jan 15 2008 Tomas Mraz - 4.3p2-26- drain acks on sftp write failures (#251565)
* Sat Jul 14 2007 Tomas Mraz - 4.3p2-24- fixed audit log injection problem (CVE-2007-3102) (#248059)
* Fri Jun 22 2007 Tomas Mraz - 4.3p2-23- document where the nss certificate and token dbs are looked for
* Thu Jun 21 2007 Tomas Mraz - 4.3p2-22- experimental support for PKCS#11 tokens through libnss3 (#183423)
* Wed Apr 04 2007 Tomas Mraz - 4.3p2-21- fix an information leak in Kerberos password authentication (CVE-2006-5052) (#234638)- correctly setup context when empty level requested (#234951)
* Mon Mar 19 2007 Tomas Mraz - 4.3p2-20- and always request default level as returned by getseuserbyname (#231695)
* Mon Mar 19 2007 Tomas Mraz - 4.3p2-19- check requested level context against a context with the same role (#231695)
* Tue Feb 27 2007 Tomas Mraz - 4.3p2-18- reject connection if requested mls range is not obtained (#229278)
* Fri Feb 09 2007 Tomas Mraz - 4.3p2-17- allow selecting non-default roles and audit role changes (#227733)
* Thu Jan 11 2007 Tomas Mraz - 4.3p2-16- support also level selection on unlabeled networks (#220487)
* Fri Dec 22 2006 Tomas Mraz - 4.3p2-15- make sshd work with mls networking (patch by Klaus Weidner) (#220487)
* Thu Nov 30 2006 Tomas Mraz - 4.3p2-14- fix gssapi with DNS loadbalanced clusters (#216857)
* Tue Nov 28 2006 Tomas Mraz - 4.3p2-13- improved pam_session patch so it doesn\'t regress, the patch is necessary for the pam_session_close to be called correctly as uid 0 (#167488)
* Fri Nov 10 2006 Tomas Mraz - 4.3p2-10.1- CVE-2006-5794 - properly detect failed key verify in monitor (#214642)- kill all ssh sessions when stop is called in halt or reboot runlevel (#213008)- remove -TERM option from killproc so we don\'t race on sshd restart (#213490)
* Tue Oct 03 2006 Tomas Mraz - 4.3p2-10- improve gssapi-no-spnego patch (#208102)- CVE-2006-4924 - prevent DoS on deattack detector (#207957)- CVE-2006-5051 - don\'t call cleanups from signal handler (#208459)
* Thu Aug 24 2006 Tomas Mraz - 4.3p2-9- don\'t report duplicate syslog messages, use correct local time (#189158)- don\'t allow spnego as gssapi mechanism (from upstream)- fixed memleaks found by Coverity (from upstream)- allow ip options except source routing (#202856) (patch by HP)
* Wed Aug 09 2006 Tomas Mraz - 4.3p2-8- drop the pam-session patch from the previous build (#201341)- don\'t set IPV6_V6ONLY sock opt when listening on wildcard addr (#201594)
* Fri Jul 21 2006 Tomas Mraz - 4.3p2-7- dropped old ssh obsoletes- call the pam_session_open/close from the monitor when privsep is enabled so it is always called as root (patch by Darren Tucker)
* Tue Jul 18 2006 Tomas Mraz - 4.3p2-6- improve selinux patch (by Jan Kiszka)- upstream patch for buffer append space error (#191940)- fixed typo in configure.ac (#198986)- added pam_keyinit to pam configuration (#198628)- improved error message when askpass dialog cannot grab keyboard input (#198332)- buildrequires xauth instead of xorg-x11-xauth- fixed a few rpmlint warnings
* Thu Jul 13 2006 Jesse Keating - 4.3p2-5.1- rebuild
* Sat Apr 15 2006 Tomas Mraz - 4.3p2-5- don\'t request pseudoterminal allocation if stdin is not tty (#188983)
* Thu Mar 02 2006 Tomas Mraz - 4.3p2-4- allow access if audit is not compiled in kernel (#183243)
* Fri Feb 24 2006 Tomas Mraz - 4.3p2-3- enable the subprocess in chroot to send messages to system log- sshd should prevent login if audit call fails
* Tue Feb 21 2006 Tomas Mraz - 4.3p2-2- print error from scp if not remote (patch by Bjorn Augustsson #178923)
* Mon Feb 13 2006 Tomas Mraz - 4.3p2-1- new version
* Fri Feb 10 2006 Jesse Keating - 4.3p1-2.1- bump again for double-long bug on ppc(64)
* Mon Feb 06 2006 Tomas Mraz - 4.3p1-2- fixed another place where syslog was called in signal handler- pass locale environment variables to server, accept them there (#179851)
* Wed Feb 01 2006 Tomas Mraz - 4.3p1-1- new version, dropped obsolete patches
* Tue Dec 20 2005 Tomas Mraz - 4.2p1-10- hopefully make the askpass dialog less confusing (#174765)
* Fri Dec 09 2005 Jesse Keating - rebuilt
* Tue Nov 22 2005 Tomas Mraz - 4.2p1-9- drop x11-ssh-askpass from the package- drop old build_6x ifs from spec file- improve gnome-ssh-askpass so it doesn\'t reveal number of passphrase characters to person looking at the display- less hackish fix for the __USE_GNU problem
* Fri Nov 18 2005 Nalin Dahyabhai - 4.2p1-8- work around missing gccmakedep by wrapping makedepend in a local script- remove now-obsolete build dependency on \"xauth\"
* Thu Nov 17 2005 Warren Togami - 4.2p1-7- xorg-x11-devel -> libXt-devel- rebuild for new xauth location so X forwarding works- buildreq audit-libs-devel- buildreq automake for aclocal- buildreq imake for xmkmf- -D_GNU_SOURCE in flags in order to get it to build Ugly hack to workaround openssh defining __USE_GNU which is not allowed and causes problems according to Ulrich Drepper fix this the correct way after FC5test1
* Wed Nov 09 2005 Jeremy Katz - 4.2p1-6- rebuild against new openssl
* Sat Oct 29 2005 Tomas Mraz 4.2p1-5- put back the possibility to skip SELinux patch- add patch for user login auditing by Steve Grubb
* Wed Oct 19 2005 Dan Walsh 4.2p1-4- Change selinux patch to use get_default_context_with_rolelevel in libselinux.
* Fri Oct 14 2005 Tomas Mraz 4.2p1-3- Update selinux patch to use getseuserbyname
* Sat Oct 08 2005 Tomas Mraz 4.2p1-2- use include instead of pam_stack in pam config- use fork+exec instead of system in scp - CVE-2006-0225 (#168167)- upstream patch for displaying authentication errors
* Wed Sep 07 2005 Tomas Mraz 4.2p1-1- upgrade to a new upstream version
* Wed Aug 17 2005 Tomas Mraz 4.1p1-5- use x11-ssh-askpass if openssh-askpass-gnome is not installed (#165207)- install ssh-copy-id from contrib (#88707)
* Thu Jul 28 2005 Tomas Mraz 4.1p1-4- don\'t deadlock on exit with multiple X forwarded channels (#152432)- don\'t use X11 port which can\'t be bound on all IP families (#163732)
* Thu Jun 30 2005 Tomas Mraz 4.1p1-3- fix small regression caused by the nologin patch (#161956)- fix race in getpeername error checking (mindrot #1054)
* Fri Jun 10 2005 Tomas Mraz 4.1p1-2- use only pam_nologin for nologin testing
* Tue Jun 07 2005 Tomas Mraz 4.1p1-1- upgrade to a new upstream version- call pam_loginuid as a pam session module
* Tue May 17 2005 Tomas Mraz 4.0p1-3- link libselinux only to sshd (#157678)
* Tue Apr 05 2005 Tomas Mraz 4.0p1-2- fixed Local/RemoteForward in ssh_config.5 manpage- fix fatal when Local/RemoteForward is used and scp run (#153258)- don\'t leak user validity when using krb5 authentication
* Thu Mar 24 2005 Tomas Mraz 4.0p1-1- upgrade to 4.0p1- remove obsolete groups patch
* Wed Mar 16 2005 Elliot Lee - rebuilt
* Mon Feb 28 2005 Nalin Dahyabhai 3.9p1-12- rebuild so that configure can detect that krb5_init_ets is gone now
* Mon Feb 21 2005 Tomas Mraz 3.9p1-11- don\'t call syslog in signal handler- allow password authentication when copying from remote to remote machine (#103364)
* Wed Feb 09 2005 Tomas Mraz - add spaces to messages in initscript (#138508)
* Tue Feb 08 2005 Tomas Mraz 3.9p1-10- enable trusted forwarding by default if X11 forwarding is required by user (#137685 and duplicates)- disable protocol 1 support by default in sshd server config (#88329)- keep the gnome-askpass dialog above others (#69131)
* Fri Feb 04 2005 Tomas Mraz - change permissions on pam.d/sshd to 0644 (#64697)- patch initscript so it doesn\'t kill opened sessions if the sshd daemon isn\'t running anymore (#67624)
* Mon Jan 03 2005 Bill Nottingham 3.9p1-9- don\'t use initlog
* Mon Nov 29 2004 Thomas Woerner 3.9p1-8.1- fixed PIE build for all architectures
* Tue Oct 05 2004 Nalin Dahyabhai 3.9p1-8- add a --enable-vendor-patchlevel option which allows a ShowPatchLevel option to enable display of a vendor patch level during version exchange (#120285)- configure with --disable-strip to build useful debuginfo subpackages
* Tue Sep 21 2004 Bill Nottingham 3.9p1-7- when using gtk2 for askpass, don\'t buildprereq gnome-libs-devel
* Wed Sep 15 2004 Nalin Dahyabhai 3.9p1-6- build
* Tue Sep 14 2004 Nalin Dahyabhai - disable ACSS support
* Fri Sep 03 2004 Daniel Walsh 3.9p1-5- Change selinux patch to use get_default_context_with_role in libselinux.
* Fri Sep 03 2004 Daniel Walsh 3.9p1-4- Fix patch
* Bad debug statement.
* Handle root/sysadm_r:kerberos
* Fri Sep 03 2004 Daniel Walsh 3.9p1-3- Modify Colin Walter\'s patch to allow specifying rule during connection
* Wed Sep 01 2004 Daniel Walsh 3.9p1-2- Fix TTY handling for SELinux
* Wed Aug 25 2004 Daniel Walsh 3.9p1-1- Update to upstream
* Mon Aug 02 2004 Alan Cox 3.8.1p1-5- Apply buildreq fixup patch (#125296)
* Wed Jun 16 2004 Daniel Walsh 3.8.1p1-4- Clean up patch for upstream submission.
* Wed Jun 16 2004 Elliot Lee - rebuilt
* Thu Jun 10 2004 Daniel Walsh 3.8.1p1-2- Remove use of pam_selinux and patch selinux in directly.
* Tue Jun 08 2004 Nalin Dahyabhai 3.8.1p1-1- request gssapi-with-mic by default but not delegation (flag day for anyone who used previous gssapi patches)- no longer request x11 forwarding by default
* Fri Jun 04 2004 Daniel Walsh 3.6.1p2-36- Change pam file to use open and close with pam_selinux
* Wed Jun 02 2004 Nalin Dahyabhai 3.8.1p1-0- update to 3.8.1p1- add workaround from CVS to reintroduce passwordauth using pam
* Wed Jun 02 2004 Daniel Walsh 3.6.1p2-35- Remove CLOSEXEC on STDERR
* Tue Mar 16 2004 Daniel Walsh 3.6.1p2-34
* Wed Mar 03 2004 Phil Knirsch 3.6.1p2-33.30.1- Built RHLE3 U2 update package.
* Wed Mar 03 2004 Daniel Walsh 3.6.1p2-33- Close file descriptors on exec
* Mon Mar 01 2004 Thomas Woerner 3.6.1p2-32- fixed pie build
* Thu Feb 26 2004 Daniel Walsh 3.6.1p2-31- Add restorecon to startup scripts
* Thu Feb 26 2004 Daniel Walsh 3.6.1p2-30- Add multiple qualified to openssh
* Mon Feb 23 2004 Daniel Walsh 3.6.1p2-29- Eliminate selinux code and use pam_selinux
* Fri Feb 13 2004 Elliot Lee - rebuilt
* Mon Jan 26 2004 Daniel Walsh 3.6.1p2-27- turn off pie on ppc
* Mon Jan 26 2004 Daniel Walsh 3.6.1p2-26- fix is_selinux_enabled
* Wed Jan 14 2004 Daniel Walsh 3.6.1p2-25- Rebuild to grab shared libselinux
* Wed Dec 03 2003 Daniel Walsh 3.6.1p2-24- turn on selinux
* Tue Nov 18 2003 Nalin Dahyabhai - un#ifdef out code for reporting password expiration in non-privsep mode (#83585)
* Mon Nov 10 2003 Nalin Dahyabhai - add machinery to build with/without -fpie/-pie, default to doing so
* Thu Nov 06 2003 David Woodhouse 3.6.1p2-23- Don\'t whinge about getsockopt failing (#109161)
* Sat Oct 25 2003 Nalin Dahyabhai - add missing buildprereq on zlib-devel (#104558)
* Tue Oct 14 2003 Daniel Walsh 3.6.1p2-22- turn selinux off
* Tue Oct 14 2003 Daniel Walsh 3.6.1p2-21.sel- turn selinux on
* Sat Sep 20 2003 Daniel Walsh 3.6.1p2-21- turn selinux off
* Sat Sep 20 2003 Daniel Walsh 3.6.1p2-20.sel- turn selinux on
* Sat Sep 20 2003 Nalin Dahyabhai - additional fix for apparently-never-happens double-free in buffer_free()- extend fix for #103998 to cover SSH1
* Thu Sep 18 2003 Nalin Dahyabhai 3.6.1p2-19- rebuild
* Thu Sep 18 2003 Nalin Dahyabhai 3.6.1p2-18- additional buffer manipulation cleanups from Solar Designer
* Thu Sep 18 2003 Daniel Walsh 3.6.1p2-17- turn selinux off
* Thu Sep 18 2003 Daniel Walsh 3.6.1p2-16.sel- turn selinux on
* Wed Sep 17 2003 Bill Nottingham 3.6.1p2-15- rebuild
* Wed Sep 17 2003 Bill Nottingham 3.6.1p2-14- additional buffer manipulation fixes (CAN-2003-0695)
* Wed Sep 17 2003 Daniel Walsh 3.6.1p2-13.sel- turn selinux on
* Wed Sep 17 2003 Nalin Dahyabhai 3.6.1p2-12- rebuild
* Wed Sep 17 2003 Nalin Dahyabhai 3.6.1p2-11- apply patch to store the correct buffer size in allocated buffers (CAN-2003-0693)- skip the initial PAM authentication attempt with an empty password if empty passwords are not permitted in our configuration (#103998)
* Sat Sep 06 2003 Daniel Walsh 3.6.1p2-10- turn selinux off
* Sat Sep 06 2003 Daniel Walsh 3.6.1p2-9.sel- turn selinux on
* Wed Aug 27 2003 Daniel Walsh 3.6.1p2-8- Add BuildPreReq gtk2-devel if gtk2
* Wed Aug 13 2003 Nalin Dahyabhai 3.6.1p2-7- rebuild
* Wed Aug 13 2003 Nalin Dahyabhai 3.6.1p2-6- modify patch which clears the supplemental group list at startup to only complain if setgroups() fails if sshd has euid == 0- handle krb5 installed in %{_prefix} or elsewhere by using krb5-config
* Tue Jul 29 2003 Daniel Walsh 3.6.1p2-5- Add SELinux patch
* Wed Jul 23 2003 Nalin Dahyabhai 3.6.1p2-4- rebuild
* Tue Jun 17 2003 Nalin Dahyabhai 3.6.1p2-3- rebuild
* Tue Jun 17 2003 Nalin Dahyabhai 3.6.1p2-2- rebuild
* Fri Jun 06 2003 Nalin Dahyabhai 3.6.1p2-1- update to 3.6.1p2
* Thu Jun 05 2003 Elliot Lee - rebuilt
* Mon Mar 24 2003 Florian La Roche - add patch for getsockopt() call to work on bigendian 64bit archs
* Fri Feb 14 2003 Nalin Dahyabhai 3.5p1-6- move scp to the -clients subpackage, because it directly depends on ssh which is also in -clients (#84329)
* Mon Feb 10 2003 Nalin Dahyabhai 3.5p1-5- rebuild
* Wed Jan 22 2003 Tim Powers - rebuilt
* Tue Jan 07 2003 Nalin Dahyabhai 3.5p1-3- rebuild
* Tue Nov 12 2002 Nalin Dahyabhai 3.5p1-2- patch PAM configuration to use relative path names for the modules, allowing us to not worry about which arch the modules are built for on multilib systems
* Wed Oct 16 2002 Nalin Dahyabhai 3.5p1-1- update to 3.5p1, merging in filelist/perm changes from the upstream spec
* Sat Oct 05 2002 Nalin Dahyabhai 3.4p1-3- merge
* Fri Sep 13 2002 Than Ngo 3.4p1-2.1- fix to build on multilib systems
* Fri Aug 30 2002 Curtis Zinzilieta 3.4p1-2gss- added gssapi patches and uncommented patch here
* Thu Aug 15 2002 Nalin Dahyabhai 3.4p1-2- pull patch from CVS to fix too-early free in ssh-keysign (#70009)
* Fri Jun 28 2002 Nalin Dahyabhai 3.4p1-1- 3.4p1- drop anon mmap patch
* Wed Jun 26 2002 Nalin Dahyabhai 3.3p1-2- rework the close-on-exit docs- include configuration file man pages- make use of nologin as the privsep shell optional
* Tue Jun 25 2002 Nalin Dahyabhai 3.3p1-1- update to 3.3p1- merge in spec file changes from upstream (remove setuid from ssh, ssh-keysign)- disable gtk2 askpass- require pam-devel by filename rather than by package for erratum- include patch from Solar Designer to work around anonymous mmap failures
* Sat Jun 22 2002 Tim Powers - automated rebuild
* Sat Jun 08 2002 Nalin Dahyabhai 3.2.3p1-3- don\'t require autoconf any more
* Sat Jun 01 2002 Nalin Dahyabhai 3.2.3p1-2- build gnome-ssh-askpass with gtk2
* Wed May 29 2002 Nalin Dahyabhai 3.2.3p1-1- update to 3.2.3p1- merge in spec file changes from upstream
* Sat May 18 2002 Nalin Dahyabhai 3.2.2p1-1- update to 3.2.2p1
* Sat May 18 2002 Nalin Dahyabhai 3.1p1-4- drop buildreq on db1-devel- require pam-devel by package name- require autoconf instead of autoconf253 again
* Wed Apr 03 2002 Nalin Dahyabhai 3.1p1-3- pull patch from CVS to avoid printing error messages when some of the default keys aren\'t available when running ssh-add- refresh to current revisions of Simon\'s patches
* Thu Mar 21 2002 Nalin Dahyabhai 3.1p1-2gss- reintroduce Simon\'s gssapi patches- add buildprereq for autoconf253, which is needed to regenerate configure after applying the gssapi patches- refresh to the latest version of Markus\'s patch to build properly with older versions of OpenSSL
* Thu Mar 07 2002 Nalin Dahyabhai 3.1p1-2- bump and grind (through the build system)
* Thu Mar 07 2002 Nalin Dahyabhai 3.1p1-1- require sharutils for building (mindrot #137)- require db1-devel only when building for 6.x (#55105), which probably won\'t work anyway (3.1 requires OpenSSL 0.9.6 to build), but what the heck- require pam-devel by file (not by package name) again- add Markus\'s patch to compile with OpenSSL 0.9.5a (from http://bugzilla.mindrot.org/show_bug.cgi?id=141) and apply it if we\'re building for 6.x
* Thu Mar 07 2002 Nalin Dahyabhai 3.1p1-0- update to 3.1p1
* Tue Mar 05 2002 Nalin Dahyabhai SNAP-20020305- update to SNAP-20020305- drop debug patch, fixed upstream
* Wed Feb 20 2002 Nalin Dahyabhai SNAP-20020220- update to SNAP-20020220 for testing purposes (you\'ve been warned, if there\'s anything to be warned about, gss patches won\'t apply, I don\'t mind)
* Wed Feb 13 2002 Nalin Dahyabhai 3.0.2p1-3- add patches from Simon Wilkinson and Nicolas Williams for GSSAPI key exchange, authentication, and named key support
* Wed Jan 23 2002 Nalin Dahyabhai 3.0.2p1-2- remove dependency on db1-devel, which has just been swallowed up whole by gnome-libs-devel
* Sat Dec 29 2001 Nalin Dahyabhai - adjust build dependencies so that build6x actually works right (fix from Hugo van der Kooij)
* Tue Dec 04 2001 Nalin Dahyabhai 3.0.2p1-1- update to 3.0.2p1
* Fri Nov 16 2001 Nalin Dahyabhai 3.0.1p1-1- update to 3.0.1p1
* Tue Nov 13 2001 Nalin Dahyabhai - update to current CVS (not for use in distribution)
* Thu Nov 08 2001 Nalin Dahyabhai 3.0p1-1- merge some of Damien Miller changes from the upstream 3.0p1 spec file and init script
* Wed Nov 07 2001 Nalin Dahyabhai - update to 3.0p1- update to x11-ssh-askpass 1.2.4.1- change build dependency on a file from pam-devel to the pam-devel package- replace primes with moduli
* Fri Sep 28 2001 Nalin Dahyabhai 2.9p2-9- incorporate fix from Markus Friedl\'s advisory for IP-based authorization bugs
* Fri Sep 14 2001 Bernhard Rosenkraenzer 2.9p2-8- Merge changes to rescue build from current sysadmin survival cd
* Fri Sep 07 2001 Nalin Dahyabhai 2.9p2-7- fix scp\'s server\'s reporting of file sizes, and build with the proper preprocessor define to get large-file capable open(), stat(), etc. (sftp has been doing this correctly all along) (#51827)- configure without --with-ipv4-default on RHL 7.x and newer (#45987,#52247)- pull cvs patch to fix support for /etc/nologin for non-PAM logins (#47298)- mark profile.d scriptlets as config files (#42337)- refer to Jason Stone\'s mail for zsh workaround for exit-hanging quasi-bug- change a couple of log() statements to debug() statements (#50751)- pull cvs patch to add -t flag to sshd (#28611)- clear fd_sets correctly (one bit per FD, not one byte per FD) (#43221)
* Tue Aug 21 2001 Nalin Dahyabhai 2.9p2-6- add db1-devel as a BuildPrerequisite (noted by Hans Ecke)
* Fri Aug 17 2001 Nalin Dahyabhai - pull cvs patch to fix remote port forwarding with protocol 2
* Fri Aug 10 2001 Nalin Dahyabhai - pull cvs patch to add session initialization to no-pty sessions- pull cvs patch to not cut off challengeresponse auth needlessly- refuse to do X11 forwarding if xauth isn\'t there, handy if you enable it by default on a system that doesn\'t have X installed (#49263)
* Thu Aug 09 2001 Nalin Dahyabhai - don\'t apply patches to code we don\'t intend to build (spotted by Matt Galgoci)
* Tue Aug 07 2001 Nalin Dahyabhai - pass OPTIONS correctly to initlog (#50151)
* Thu Jul 26 2001 Nalin Dahyabhai - switch to x11-ssh-askpass 1.2.2
* Thu Jul 12 2001 Nalin Dahyabhai - rebuild in new environment
* Tue Jun 26 2001 Nalin Dahyabhai - disable the gssapi patch
* Tue Jun 19 2001 Nalin Dahyabhai - update to 2.9p2- refresh to a new version of the gssapi patch
* Fri Jun 08 2001 Nalin Dahyabhai - change Copyright: BSD to License: BSD- add Markus Friedl\'s unverified patch for the cookie file deletion problem so that we can verify it- drop patch to check if xauth is present (was folded into cookie patch)- don\'t apply gssapi patches for the errata candidate- clear supplemental groups list at startup
* Sat May 26 2001 Nalin Dahyabhai - fix an error parsing the new default sshd_config- add a fix from Markus Friedl (via openssh-unix-dev) for ssh-keygen not dealing with comments right
* Fri May 25 2001 Nalin Dahyabhai - add in Simon Wilkinson\'s GSSAPI patch to give it some testing in-house, to be removed before the next beta cycle because it\'s a big departure from the upstream version
* Fri May 04 2001 Nalin Dahyabhai - finish marking strings in the init script for translation- modify init script to source /etc/sysconfig/sshd and pass $OPTIONS to sshd at startup (change merged from openssh.com init script, originally by Pekka Savola)- refuse to do X11 forwarding if xauth isn\'t there, handy if you enable it by default on a system that doesn\'t have X installed
* Thu May 03 2001 Nalin Dahyabhai - update to 2.9- drop various patches that came from or went upstream or to or from CVS
* Thu Apr 19 2001 Nalin Dahyabhai - only require initscripts 5.00 on 6.2 (reported by Peter Bieringer)
* Mon Apr 09 2001 Preston Brown - remove explicit openssl requirement, fixes builddistro issue- make initscript stop() function wait until sshd really dead to avoid races in condrestart
* Tue Apr 03 2001 Nalin Dahyabhai - mention that challengereponse supports PAM, so disabling password doesn\'t limit users to pubkey and rsa auth (#34378)- bypass the daemon() function in the init script and call initlog directly, because daemon() won\'t start a daemon it detects is already running (like open connections)- require the version of openssl we had when we were built
* Fri Mar 23 2001 Nalin Dahyabhai - make do_pam_setcred() smart enough to know when to establish creds and when to reinitialize them- add in a couple of other fixes from Damien for inclusion in the errata
* Thu Mar 22 2001 Nalin Dahyabhai - update to 2.5.2p2- call setcred() again after initgroups, because the \"creds\" could actually be group memberships
* Tue Mar 20 2001 Nalin Dahyabhai - update to 2.5.2p1 (includes endianness fixes in the rijndael implementation)- don\'t enable challenge-response by default until we find a way to not have too many userauth requests (we may make up to six pubkey and up to three password attempts as it is)- remove build dependency on rsh to match openssh.com\'s packages more closely
* Sat Mar 03 2001 Nalin Dahyabhai - remove dependency on openssl -- would need to be too precise
* Fri Mar 02 2001 Nalin Dahyabhai - rebuild in new environment
* Mon Feb 26 2001 Nalin Dahyabhai - Revert the patch to move pam_open_session.- Init script and spec file changes from Pekka Savola. (#28750)- Patch sftp to recognize \'-o protocol\' arguments. (#29540)
* Thu Feb 22 2001 Nalin Dahyabhai - Chuck the closing patch.- Add a trigger to add host keys for protocol 2 to the config file, now that configuration file syntax requires us to specify it with HostKey if we specify any other HostKey values, which we do.
* Tue Feb 20 2001 Nalin Dahyabhai - Redo patch to move pam_open_session after the server setuid()s to the user.- Rework the nopam patch to use be picked up by autoconf.
* Mon Feb 19 2001 Nalin Dahyabhai - Update for 2.5.1p1.- Add init script mods from Pekka Savola.- Tweak the init script to match the CVS contrib script more closely.- Redo patch to ssh-add to try to adding both identity and id_dsa to also try adding id_rsa.
* Fri Feb 16 2001 Nalin Dahyabhai - Update for 2.5.0p1.- Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass- Resync with parts of Damien Miller\'s openssh.spec from CVS, including update of x11 askpass to 1.2.0.- Only require openssl (don\'t prereq) because we generate keys in the init script now.
* Tue Feb 13 2001 Nalin Dahyabhai - Don\'t open a PAM session until we\'ve forked and become the user (#25690).- Apply Andrew Bartlett\'s patch for letting pam_authenticate() know which host the user is attempting a login from.- Resync with parts of Damien Miller\'s openssh.spec from CVS.- Don\'t expose KbdInt responses in debug messages (from CVS).- Detect and handle errors in rsa_{public,private}_decrypt (from CVS).
* Wed Feb 07 2001 Trond Eivind Glomsrxd - i18n-tweak to initscript.
* Tue Jan 23 2001 Nalin Dahyabhai - More gettextizing.- Close all files after going into daemon mode (needs more testing).- Extract patch from CVS to handle auth banners (in the client).- Extract patch from CVS to handle compat weirdness.
* Fri Jan 19 2001 Nalin Dahyabhai - Finish with the gettextizing.
* Thu Jan 18 2001 Nalin Dahyabhai - Fix a bug in auth2-pam.c (#23877)- Gettextize the init script.
* Wed Dec 20 2000 Nalin Dahyabhai - Incorporate a switch for using PAM configs for 6.x, just in case.
* Tue Dec 05 2000 Nalin Dahyabhai - Incorporate Bero\'s changes for a build specifically for rescue CDs.
* Wed Nov 29 2000 Nalin Dahyabhai - Don\'t treat pam_setcred() failure as fatal unless pam_authenticate() has succeeded, to allow public-key authentication after a failure with \"none\" authentication. (#21268)
* Tue Nov 28 2000 Nalin Dahyabhai - Update to x11-askpass 1.1.1. (#21301)- Don\'t second-guess fixpaths, which causes paths to get fixed twice. (#21290)
* Mon Nov 27 2000 Nalin Dahyabhai - Merge multiple PAM text messages into subsequent prompts when possible when doing keyboard-interactive authentication.
* Sun Nov 26 2000 Nalin Dahyabhai - Disable the built-in MD5 password support. We\'re using PAM.- Take a crack at doing keyboard-interactive authentication with PAM, and enable use of it in the default client configuration so that the client will try it when the server disallows password authentication.- Build with debugging flags. Build root policies strip all binaries anyway.
* Tue Nov 21 2000 Nalin Dahyabhai - Use DESTDIR instead of %makeinstall.- Remove /usr/X11R6/bin from the path-fixing patch.
* Mon Nov 20 2000 Nalin Dahyabhai - Add the primes file from the latest snapshot to the main package (#20884).- Add the dev package to the prereq list (#19984).- Remove the default path and mimic login\'s behavior in the server itself.
* Fri Nov 17 2000 Nalin Dahyabhai - Resync with conditional options in Damien Miller\'s .spec file for an errata.- Change libexecdir from %{_libexecdir}/ssh to %{_libexecdir}/openssh.
* Tue Nov 07 2000 Nalin Dahyabhai - Update to OpenSSH 2.3.0p1.- Update to x11-askpass 1.1.0.- Enable keyboard-interactive authentication.
* Mon Oct 30 2000 Nalin Dahyabhai - Update to ssh-askpass-x11 1.0.3.- Change authentication related messages to be private (#19966).
* Wed Oct 11 2000 Nalin Dahyabhai - Patch ssh-keygen to be able to list signatures for DSA public key files it generates.
* Fri Oct 06 2000 Nalin Dahyabhai - Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always build PAM authentication in.- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed.- Clean out no-longer-used patches.- Patch ssh-add to try to add both identity and id_dsa, and to error only when neither exists.
* Tue Oct 03 2000 Nalin Dahyabhai - Update x11-askpass to 1.0.2. (#17835)- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will always find them in the right place. (#17909)- Set the default path to be the same as the one supplied by /bin/login, but add /usr/X11R6/bin. (#17909)- Try to handle obsoletion of ssh-server more cleanly. Package names are different, but init script name isn\'t. (#17865)
* Thu Sep 07 2000 Nalin Dahyabhai - Update to 2.2.0p1. (#17835)- Tweak the init script to allow proper restarting. (#18023)
* Thu Aug 24 2000 Nalin Dahyabhai - Update to 20000823 snapshot.- Change subpackage requirements from %{version} to %{version}-%{release}- Back out the pipe patch.
* Tue Jul 18 2000 Nalin Dahyabhai - Update to 2.1.1p4, which includes fixes for config file parsing problems.- Move the init script back.- Add Damien\'s quick fix for wackiness.
* Thu Jul 13 2000 Nalin Dahyabhai - Update to 2.1.1p3, which includes fixes for X11 forwarding and strtok().
* Fri Jul 07 2000 Nalin Dahyabhai - Move condrestart to server postun.- Move key generation to init script.- Actually use the right patch for moving the key generation to the init script.- Clean up the init script a bit.
* Thu Jul 06 2000 Nalin Dahyabhai - Fix X11 forwarding, from mail post by Chan Shih-Ping Richard.
* Mon Jul 03 2000 Nalin Dahyabhai - Update to 2.1.1p2.- Use of strtok() considered harmful.
* Sun Jul 02 2000 Nalin Dahyabhai - Get the build root out of the man pages.
* Fri Jun 30 2000 Nalin Dahyabhai - Add and use condrestart support in the init script.- Add newer initscripts as a prereq.
* Wed Jun 28 2000 Nalin Dahyabhai - Build in new environment (release 2)- Move -clients subpackage to Applications/Internet group
* Sat Jun 10 2000 Nalin Dahyabhai - Update to 2.2.1p1
* Sun Jun 04 2000 Nalin Dahyabhai - Patch to build with neither RSA nor RSAref.- Miscellaneous FHS-compliance tweaks.- Fix for possibly-compressed man pages.
* Wed Mar 15 2000 Damien Miller - Updated for new location- Updated for new gnome-ssh-askpass build
* Sun Dec 26 1999 Damien Miller - Added Jim Knoble\'s askpass
* Mon Nov 15 1999 Damien Miller - Split subpackages further based on patch from jim knoble
* Sat Nov 13 1999 Damien Miller - Added \'Obsoletes\' directives
* Tue Nov 09 1999 Damien Miller - Use make install- Subpackages
* Mon Nov 08 1999 Damien Miller - Added links for slogin- Fixed perms on manpages
* Sun Oct 31 1999 Damien Miller - Renamed init script
* Sat Oct 30 1999 Damien Miller - Back to old binary names
* Fri Oct 29 1999 Damien Miller - Use autoconf- New binary names
* Thu Oct 28 1999 Damien Miller - Initial RPMification, based on Jan \"Yenya\" Kasprzak\'s spec.
  
ICM