comparison CHANGES @ 290:94ee16f5b8a8

0.48 progress
author Matt Johnston <matt@ucc.asn.au>
date Thu, 09 Mar 2006 12:37:38 +0000
parents 9b9664204b97
children 55a99934db87
comparison
equal deleted inserted replaced
289:497fddd4a94e 290:94ee16f5b8a8
1 0.48 -
2
3 - Check that the circular buffer is properly empty before
4 closing a channel, which could cause truncated transfers
5 (thanks to Tomas Vanek for helping track it down)
6
7 - Implement per-IP pre-authentication connection limits
8 (after some poking from Pablo Fernandez)
9
10 - Exit gracefully if trying to connect to as SSH v1 server
11 (reported by Rushi Lala)
12
13 - Only read /dev/random once at startup when in non-inetd mode
14
15 - Allow ctrl-c to close a dbclient password prompt (may
16 still have to press enter on some platforms)
17
18 - Merged in uClinux patch for inetd mode
19
20 - Updated to scp from OpenSSH 4.3p2 - fixes a security issue
21 where use of system() could cause users to execute arbitrary
22 code through malformed filenames, ref CVE-2006-0225
23
1 0.47 - Thurs Dec 8 2005 24 0.47 - Thurs Dec 8 2005
2 25
3 - SECURITY: fix for buffer allocation error in server code, could potentially 26 - SECURITY: fix for buffer allocation error in server code, could potentially
4 allow authenticated users to gain elevated privileges. All multi-user systems 27 allow authenticated users to gain elevated privileges. All multi-user systems
5 running the server should upgrade (or apply the patch available on the 28 running the server should upgrade (or apply the patch available on the