SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libssh-devel-0.4.8-14.1.x86_64.rpm :

* Thu Mar 06 2014 lijewski.stefanAATTgmail.com- CVE-2014-0017: Fix PRNG reseed vulnerability: (bnc#866278).
* Sat Nov 24 2012 wrAATTrosenauer.org- Fix multiple vulernabilities (bnc#789827):
* CVE-2012-4559 – Fix multiple double free() flaws 0007-CVE-2012-4559-Ensure-we-don-t-free-blob-or-request-t.patch 0008-CVE-2012-4559-Ensure-that-we-don-t-free-req-twice.patch 0009-CVE-2012-4559-Make-sure-we-don-t-free-name-and-longn.patch
* CVE-2012-4560 – Fix multiple buffer overflow flaws 0005-CVE-2012-4560-Fix-a-write-one-past-the-end-of-the-u-.patch 0006-CVE-2012-4560-Fix-a-write-one-past-the-end-of-buf.patch
* CVE-2012-4561 – Fix multiple invalid free() flaws 0010-CVE-2012-4561-Fix-error-handling-of-try_publickey_fr.patch 0011-CVE-2012-4561-Fix-possible-free-s-on-invalid-pointer.patch
* CVE-2012-4562 – Fix multiple improper overflow checks 0001-CVE-2012-4562-Fix-possible-integer-overflow-in-ssh_g.patch 0002-CVE-2012-4562-Fix-multiple-integer-overflows-in-buff.patch 0003-CVE-2012-4562-Fix-a-possible-infinite-loop-in-buffer.patch 0004-CVE-2012-4562-Fix-possible-string-related-integer-ov.patch
* Sat Jan 15 2011 asnAATTcryptomilk.org- Update to version 0.4.8
* Fixed memory leaks in session signing.
* Fixed memory leak in ssh_print_hexa.
* Fixed problem with ssh_connect w/ timeout and fd > 1024.
* Fixed some warnings on OS/2.
* Fixed installation path for OS/2.
* Mon Dec 27 2010 asnAATTcynapses.org- Update to version 0.4.7
* Fixed a possible memory leak in ssh_get_user_home().
* Fixed a memory leak in sftp_xstat.
* Fixed uninitialized fd->revents member.
* Fixed timout value in ssh_channel_accept().
* Fixed length checks in ssh_analyze_banner().
* Fixed a possible data overread and crash bug.
* Fixed setting max_fd which breaks ssh_select().
* Fixed some pedantic build warnings.
* Fixed a memory leak with session->bindaddr.
* Sun Sep 05 2010 asnAATTcynapses.org- Update to version 0.4.6
* Added a cleanup function to free the ws2_32 library.
* Fixed build with gcc 3.4.
* Fixed the Windows build on Vista and newer.
* Fixed the usage of WSAPoll() on Windows.
* Fixed \"AATTdeprecated\" in doxygen
* Fixed some mingw warnings.
* Fixed handling of opened channels.
* Fixed keepalive problem on older openssh servers.
* Fixed testing for big endian on Windows.
* Fixed the Windows preprocessor macros and defines.
* Tue Jul 13 2010 anschneiderAATTexsuse.de- Update to version 0.4.5
* Added option to bind a client to an ip address.
* Fixed the ssh socket polling function.
* Fixed Windows related bugs in bsd_poll().
* Fixed serveral build warnings.
* Mon May 31 2010 anschneiderAATTexsuse.de- Update to version 0.4.4
* Fixed some bugs ein path expand functions.
* Mon May 17 2010 anschneiderAATTexsuse.de- Update to version 0.4.3
* Added global/keepalive responses.
* Added runtime detection of WSAPoll().
* Added a select(2) based poll-emulation if poll(2) is not available.
* Added a function to expand an escaped string.
* Added a function to expand the tilde from a path.
* Added a proxycommand support.
* Added ssh_privatekey_type public function
* Added the possibility to define _OPENSSL_DIR and _ZLIB_DIR.
* Fixed sftp_chown.
* Fixed sftp_rename on protocol version 3.
* Fixed a blocking bug in channel_poll.
* Fixed config parsing wich has overwritten user specified values.
* Fixed hashed [host]:port format in knownhosts
* Fixed Windows build.
* Fixed doublefree happening after a negociation error.
* Fixed aes
*-ctr with <= OpenSSL 0.9.7b.
* Fixed some documentation.
* Fixed exec example which has broken read usage.
* Fixed broken algorithm choice for server.
* Fixed a typo that we don\'t export all symbols.
* Removed the unneeded dependency to doxygen.
* Build examples only on the Linux plattform.
* Mon Mar 15 2010 anschneiderAATTexsuse.de- Update to version 0.4.2
* Added owner and group information in sftp attributes.
* Added missing SSH_OPTIONS_FD option.
* Added printout of owner and group in the sftp example.
* Added a prepend function for ssh_list.
* Added send back replies to openssh\'s keepalives.
* Fixed documentation in scp code
* Fixed longname parsing, this only workings with readdir.
* Fixed and added support for several identity files.
* Fixed sftp_parse_longname() on Windows.
* Fixed a race condition bug in ssh_scp_close()
* Remove config support for SSHv1 Cipher variable.
* Rename ssh_list_add to ssh_list_append.
* Rename ssh_list_get_head to ssh_list_pop_head
* Mon Feb 15 2010 anschneiderAATTexsuse.de- Fixed Requires.
* Sat Feb 13 2010 anschneiderAATTexsuse.de- Update to version 0.4.1
* Added support for aes128-ctr, aes192-ctr and aes256-ctr encryption.
* Added an example for exec.
* Added private key type detection feature in privatekey_from_file().
* Fixed zlib compression fallback.
* Fixed kex bug that client preference should be prioritary
* Fixed known_hosts file set by the user.
* Fixed a memleak in channel_accept().
* Fixed underflow when leave_function() are unbalanced
* Fixed memory corruption in handle_channel_request_open().
* Fixed closing of a file handle case of errors in privatekey_from_file().
* Fixed ssh_get_user_home_dir() to be thread safe.
* Fixed the doxygen documentation.
* Thu Dec 10 2009 anschneiderAATTexsuse.de- Update to version 0.4.0
* Added scp support.
* Added support for sending signals (RFC 4254, section 6.9).
* Added MSVC support.
* Added support for ~/.ssh/config.
* Added sftp extension support.
* Added X11 forwarding support for client.
* Added forward listening.
* Added support for openssh extensions (statvfs, fstatvfs).
* Added a cleaned up interface for setting options.
* Added a generic way to handle sockets asynchronously.
* Added logging of the sftp flags used to open a file.
* Added full poll() support and poll-emulation for win32.
* Added missing 64bit functions in sftp.
* Added support for ~/ and SSH_DIR/ in filenames instead of %s/.
* Fixed Fix channel_get_exit_status bug.
* Fixed calltrace logging to make it optional.
* Fixed compilation on Solaris.
* Fixed resolving of ip addresses.
* Fixed libssh compilation without server support.
* Fixed possible memory corruptions (ticket #14).
* Mon Sep 14 2009 anschneiderAATTexsuse.de- Update to version 0.3.4.
* Added ssh_basename and ssh_dirname.
* Added a portable ssh_mkdir function.
* Added a sftp_tell64() function.
* Added missing NULL pointer checks to crypt_set_algorithms_server.
* Fixed ssh_write_knownhost if ~/.ssh doesn\'t exist.
* Fixed a possible integer overflow in buffer_get_data().
* Fixed possible security bug in packet_decrypt().
* Tue Aug 18 2009 anschneiderAATTexsuse.de- Update to version 0.3.3.
* Fixed double free pointer crash in dsa_public_to_string.
* Fixed channel_get_exit_status bug.
* Fixed ssh_finalize which didn\'t clear the flag.
* Fixed memory leak introduced by previous bugfix.
* Fixed channel_poll broken when delayed EOF recvd.
* Fixed stupid \"can\'t parse known host key\" bug.
* Fixed possible memory corruption (ticket #14).
* Tue Aug 04 2009 anschneiderAATTexsuse.de- Update to version 0.3.2
* Added ssh_init() function.
* Added sftp_readlink() function.
* Added sftp_symlink() function.
* Fixed ssh_write_knownhost().
* Fixed compilation on Solaris.
* Fixed SSHv1 compilation.
* Tue Jul 14 2009 anschneiderAATTexsuse.de- Update to version 0.3.1
* Added return code SSH_SERVER_FILE_NOT_FOUND.
* Fixed compilation of SSHv1.
* Fixed several memory leaks.
* Fixed possible infinite loops.
* Fixed a possible crash bug.
* Fixed build warnings.
* Fixed cmake on BSD.
* Thu May 21 2009 anschneiderAATTexsuse.de- Update to version 0.3.0
* Added support for ssh-agent authentication.
* Added POSIX like sftp implementation.
* Added error checking to all functions.
* Added const to arguments where it was needed.
* Added a channel_get_exit_status() function.
* Added a channel_read_buffer() function, channel_read() is now a POSIX like function.
* Added a more generic auth callback function.
* Added printf attribute checking for log and error functions.
* Added runtime function tracer support.
* Added NSIS build support with CPack.
* Added openssh hashed host support.
* Added API documentation for all public functions.
* Added asynchronous SFTP read function.
* Added a ssh_bind_set_fd() function.
* Fixed known_hosts parsing.
* Fixed a lot of build warnings.
* Fixed the Windows build.
* Fixed a lot of memory leaks.
* Fixed a double free corruption in the server support.
* Fixed the \"ssh_accept:\" bug in server support.
* Fixed important channel bugs.
* Refactored the socket handling.
* Switched to CMake build system.
* Improved performance.
  
ICM