SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libssh4-0.10.4-4.4.x86_64.rpm :

* Wed Sep 07 2022 Andreas Schneider - Update to version 0.10.4
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.4
* Mon Sep 05 2022 Andreas Schneider - Update to version 0.10.3
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.3
* Fri Sep 02 2022 Andreas Schneider - Update to version 0.10.2
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.2- Removed libssh-weak-attribute.patch
* Tue Aug 30 2022 Andreas Schneider - Update to version 0.10.1
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.1- Enable client and server testing
* Added libssh-weak-attribute.patch
* Fri Aug 26 2022 Andreas Schneider - Update to version 0.10.0
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.0- Removed 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch
* Wed Jan 05 2022 Fabian Vogt - Add patch to make the compression option more compatible (boo#1192731):
* 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch
* Thu Aug 26 2021 Andreas Schneider - Update to version 0.9.6 (bsc#1189608, CVE-2021-3634)
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.9.6
* Mon Sep 21 2020 Andreas Schneider - Add missing BR for openssh needed for tests
* Sun Sep 13 2020 Dirk Mueller - update to 0.9.5 (bsc#1174713, CVE-2020-16135):
* CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232)
* Improve handling of library initialization (T222)
* Fix parsing of subsecond times in SFTP (T219)
* Make the documentation reproducible
* Remove deprecated API usage in OpenSSL
* Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN
* Define version in one place (T226)
* Prevent invalid free when using different C runtimes than OpenSSL (T229)
* Compatibility improvements to testsuite
* Thu Apr 09 2020 Andreas Schneider - Update to version 0.9.4
* https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
* Fix possible Denial of Service attack when using AES-CTR-ciphers CVE-2020-1730 (bsc#1168699)
* Tue Feb 18 2020 Dominique Leuenberger - Drop the hack to pull curl-mini: we moved the split a bit higher up and now have a non-curl linked variant of cmake in openSUSE:Factory.
* Tue Dec 10 2019 Andreas Schneider - Update to version 0.9.3
* Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution (bsc#1158095)
* SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
* SSH-01-006 General: Various unchecked Null-derefs cause DOS
* SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys
* SSH-01-010 SSH: Deprecated hash function in fingerprinting
* SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS
* SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access
* SSH-01-001 State Machine: Initial machine states should be set explicitly
* SSH-01-002 Kex: Differently bound macros used to iterate same array
* SSH-01-005 Code-Quality: Integer sign confusion during assignments
* SSH-01-008 SCP: Protocol Injection via unescaped File Names
* SSH-01-009 SSH: Update documentation which RFCs are implemented
* SSH-01-012 PKI: Information leak via uninitialized stack buffer
* Mon Dec 09 2019 Dominique Leuenberger - Rename suffix define to pkg_suffix: rpm 4.15 has suffix reserved for internal use.
* Thu Nov 07 2019 Andreas Schneider - Update to version 0.9.2
* Fixed libssh-config.cmake
* Fixed issues with rsa algorithm negotiation (T191)
* Fixed detection of OpenSSL ed25519 support (T197)
* Fri Oct 25 2019 Andreas Schneider - Update to version 0.9.1
* Added support for Ed25519 via OpenSSL
* Added support for X25519 via OpenSSL
* Added support for localuser in Match keyword
* Fixed Match keyword to be case sensitive
* Fixed compilation with LibreSSL
* Fixed error report of channel open (T75)
* Fixed sftp documentation (T137)
* Fixed known_hosts parsing (T156)
* Fixed build issue with MinGW (T157)
* Fixed build with gcc 9 (T164)
* Fixed deprecation issues (T165)
* Fixed known_hosts directory creation (T166)
* Wed Jul 10 2019 Tomáš Chvátal - Split out configuration to separate package to not mess up the library packaging and coinstallation
* Fri Jun 28 2019 Andreas Schneider - Update to verion 0.9.0
* Added support for AES-GCM
* Added improved rekeying support
* Added performance improvements
* Disabled blowfish support by default
* Fixed several ssh config parsing issues
* Added support for DH Group Exchange KEX
* Added support for Encrypt-then-MAC mode
* Added support for parsing server side configuration file
* Added support for ECDSA/Ed25519 certificates
* Added FIPS 140-2 compatibility
* Improved known_hosts parsing
* Improved documentation
* Improved OpenSSL API usage for KEX, DH, and signatures- Removed 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch- Removed 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch- Removed 0001-tests-Add-aes-gcm-ciphers-tests.patch- Add libssh client and server config files
* Wed May 29 2019 Ismail Dönmez - Fix the typo in Obsoletes for -devel-doc subpackage- Actually remove the description for -devel-doc subpackage
* Thu May 23 2019 James McDonough - Add support for new AES-GCM encryption types; (bsc#1134193)
* Add 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
* Add 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
* Add 0001-tests-Add-aes-gcm-ciphers-tests.patch
* Thu Feb 28 2019 Stephan Kulow - Avoid build cycle between curl and libssh by using obs hint to prefer curl-mini
* Mon Feb 25 2019 Andreas Schneider - Update to version 0.8.7
* Fixed handling extension flags in the server implementation
* Fixed exporting ed25519 private keys
* Fixed corner cases for rsa-sha2 signatures
* Fixed some issues with connector
* Mon Feb 11 2019 Tomáš Chvátal - Drop doxygen from dependencies to avoid buildcycle
* the documentation is available online anyway for anyone to consume and consult http://api.libssh.org
* Tue Jan 08 2019 Pedro Monreal Gonzalez - Added the tests in a multiple build description file
*test
* to break the cycle for cmocka, curl, doxygen and libssh.
  
ICM