comparison CHANGES @ 718:9644f50434f1

2013.56 changelog
author Matt Johnston <matt@ucc.asn.au>
date Thu, 21 Mar 2013 23:19:06 +0800
parents b207d5183bb7
children 1b8b2b9d6e94
comparison
equal deleted inserted replaced
717:74deece07742 718:9644f50434f1
1 2013.56
2
1 - Allow specifying cipher (-c) and MAC (-m) lists for dbclient 3 - Allow specifying cipher (-c) and MAC (-m) lists for dbclient
2 4
3 - Allow using 'none' cipher or MAC 5 - Allow using 'none' cipher or MAC (off by default, use options.h). Encryption
6 is used during authentication then disabled, similar to OpenSSH HPN mode
4 7
5 - Allow a user in immediately if the account has a blank password and blank 8 - Allow a user in immediately if the account has a blank password and blank
6 passwords are enabled 9 passwords are enabled
7 10
8 - Include a few extra sources of entropy from /proc on Linux, hash private keys 11 - Include a few extra sources of entropy from /proc on Linux, hash private keys
9 as well 12 as well. Dropbear will also write gathered entropy back into /dev/urandom
10 13
11 - Added sha2-256 and sha2-512 hashes 14 - Added hmac-sha2-256 and hmac-sha2-512 support (off by default, use options.h)
12 15
13 - Don't sent "localhost" for -R forward connections, reported by Denis Bider 16 - Don't sent bad address "localhost" for -R forward connections,
17 reported by Denis Bider
14 18
15 - Add "-B" runtime option to allow blank passwords 19 - Add "-B" runtime option to allow blank passwords
16 20
17 - Allow using IPv6 bracket notation for addresses in server "-p" option, from Ben Jencks 21 - Allow using IPv6 bracket notation for addresses in server "-p" option, from Ben Jencks
18 22
19 - A few improvements for Android from Reimar D÷ffinger 23 - A few improvements for Android from Reimar D÷ffinger
20 24
21 - Fix memory leak for TCP forwarded connections to hosts that timed out, 25 - Fix memory leak for TCP forwarded connections to hosts that timed out,
22 reported by Norbert Bencz˙r. Appears to be a very long-standing bug. 26 reported by Norbert Bencz˙r. Appears to be a very long-standing bug.
27
28 - Fix "make clean" for out of tree builds
29
30 - Fix compilation when ENABLE_{SVR,CLI}_AGENTFWD are unset
23 31
24 2012.55 - Wednesday 22 February 2012 32 2012.55 - Wednesday 22 February 2012
25 33
26 - Security: Fix use-after-free bug that could be triggered if command="..." 34 - Security: Fix use-after-free bug that could be triggered if command="..."
27 authorized_keys restrictions are used. Could allow arbitrary code execution 35 authorized_keys restrictions are used. Could allow arbitrary code execution