comparison CHANGES @ 293:9d110777f345 contrib-blacklist

propagate from branch 'au.asn.ucc.matt.dropbear' (head 7ad1775ed65e75dbece27fe6b65bf1a234db386a) to branch 'au.asn.ucc.matt.dropbear.contrib.blacklist' (head 1d86a4f0a401cc68c2670d821a2f6366c37af143)
author Matt Johnston <matt@ucc.asn.au>
date Fri, 10 Mar 2006 06:31:29 +0000
parents 55a99934db87
children 03f65e461915
comparison
equal deleted inserted replaced
247:c07de41b53d7 293:9d110777f345
1 0.48 - Thurs 9 March 2006
2
3 - Check that the circular buffer is properly empty before
4 closing a channel, which could cause truncated transfers
5 (thanks to Tomas Vanek for helping track it down)
6
7 - Implement per-IP pre-authentication connection limits
8 (after some poking from Pablo Fernandez)
9
10 - Exit gracefully if trying to connect to as SSH v1 server
11 (reported by Rushi Lala)
12
13 - Only read /dev/random once at startup when in non-inetd mode
14
15 - Allow ctrl-c to close a dbclient password prompt (may
16 still have to press enter on some platforms)
17
18 - Merged in uClinux patch for inetd mode
19
20 - Updated to scp from OpenSSH 4.3p2 - fixes a security issue
21 where use of system() could cause users to execute arbitrary
22 code through malformed filenames, ref CVE-2006-0225
23
24 0.47 - Thurs Dec 8 2005
25
26 - SECURITY: fix for buffer allocation error in server code, could potentially
27 allow authenticated users to gain elevated privileges. All multi-user systems
28 running the server should upgrade (or apply the patch available on the
29 Dropbear webpage).
30
31 - Fix channel handling code so that redirecting to /dev/null doesn't use
32 100% CPU.
33
34 - Turn on zlib compression for dbclient.
35
36 - Set "low delay" TOS bit, can significantly improve interactivity
37 over some links.
38
39 - Added client keyboard-interactive mode support, allows operation with
40 newer OpenSSH servers in default config.
41
42 - Log when pubkey auth fails because of bad ~/.ssh/authorized_keys permissions
43
44 - Improve logging of assertions
45
46 - Added aes-256 cipher and sha1-96 hmac.
47
48 - Fix twofish so that it actually works.
49
50 - Improve PAM prompt comparison.
51
52 - Added -g (dbclient) and -a (dropbear server) options to allow
53 connections to listening forwarded ports from remote machines.
54
55 - Various other minor fixes
56
57 - Compile fixes for glibc 2.1 (ss_family vs __ss_family) and NetBSD
58 (netinet/in_systm.h needs to be included).
59
1 0.46 - Sat July 9 2005 60 0.46 - Sat July 9 2005
2 61
3 - Fix long-standing bug which caused connections to be closed if an ssh-agent 62 - Fix long-standing bug which caused connections to be closed if an ssh-agent
4 socket was no longer available 63 socket was no longer available
5 64