diff options
-rw-r--r-- | ChangeLog | 28 | ||||
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | channels.c | 5 | ||||
-rw-r--r-- | contrib/caldera/openssh.spec | 6 | ||||
-rw-r--r-- | contrib/redhat/openssh.spec | 2 | ||||
-rw-r--r-- | contrib/suse/openssh.spec | 2 | ||||
-rw-r--r-- | sshd.0 | 2 | ||||
-rw-r--r-- | sshd.8 | 6 | ||||
-rw-r--r-- | version.h | 4 |
9 files changed, 41 insertions, 18 deletions
@@ -1,3 +1,29 @@ +20080403 + - (djm) OpenBSD CVS sync: + - markus@cvs.openbsd.org 2008/04/02 15:36:51 + [channels.c] + avoid possible hijacking of x11-forwarded connections (back out 1.183) + CVE-2008-1483; ok djm@ + - jmc@cvs.openbsd.org 2008/03/27 22:37:57 + [sshd.8] + remove trailing whitespace; + - djm@cvs.openbsd.org 2008/04/03 09:50:14 + [version.h] + openssh-5.0 + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers in RPM spec files + - (djm) [README] Update link to release notes + - (djm) Release 5.0p1 + +20080315 + - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are + empty; report and patch from Peter Stuge + - (djm) [regress/test-exec.sh] Silence noise from detection of putty + commands; report from Peter Stuge + - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing + crashes when used with ChrootDirectory + + 20080327 - (dtucker) Cache selinux status earlier so we know if it's enabled after a chroot. Allows ChrootDirectory to work with selinux support compiled in @@ -3825,4 +3851,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4896.2.1 2008/03/27 06:53:20 djm Exp $ +$Id: ChangeLog,v 1.4903 2008/04/03 09:57:05 djm Exp $ @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-4.9 for the release notes. +See http://www.openssh.com/txt/release-5.0 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.67 2008/03/27 06:43:34 djm Exp $ +$Id: README,v 1.68 2008/04/03 09:56:38 djm Exp $ @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.272 2008/01/19 23:02:40 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.273 2008/04/02 21:36:51 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -2906,9 +2906,6 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost, debug2("bind port %d: %.100s", port, strerror(errno)); close(sock); - if (ai->ai_next) - continue; - for (n = 0; n < num_socks; n++) { close(socks[n]); } diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec index 294757d..34c3b8b 100644 --- a/contrib/caldera/openssh.spec +++ b/contrib/caldera/openssh.spec @@ -17,11 +17,11 @@ #old cvs stuff. please update before use. may be deprecated. %define use_stable 1 %if %{use_stable} - %define version 4.9p1 + %define version 5.0p1 %define cvs %{nil} %define release 1 %else - %define version 4.9p1 + %define version 5.0p1 %define cvs cvs20050315 %define release 0r1 %endif @@ -357,4 +357,4 @@ fi * Mon Jan 01 1998 ... Template Version: 1.31 -$Id: openssh.spec,v 1.62 2008/03/27 06:43:46 djm Exp $ +$Id: openssh.spec,v 1.63 2008/04/03 09:55:46 djm Exp $ diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index d6bd31b..28f3fda 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 4.9p1 +%define ver 5.0p1 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 7819af4..4e8c1e3 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 4.9p1 +Version: 5.0p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz @@ -552,4 +552,4 @@ CAVEATS System security is not improved unless rshd, rlogind, and rexecd are dis- abled (thus completely disabling rlogin and rsh into the machine). -OpenBSD 4.3 March 27, 2008 9 +OpenBSD 4.3 April 3, 2008 9 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.240 2008/03/26 21:28:14 djm Exp $ -.Dd $Mdocdate: March 27 2008 $ +.\" $OpenBSD: sshd.8,v 1.241 2008/03/27 22:37:57 jmc Exp $ +.Dd $Mdocdate: April 3 2008 $ .Dt SSHD 8 .Os .Sh NAME @@ -532,7 +532,7 @@ option. .It Cm no-pty Prevents tty allocation (a request to allocate a pty will fail). .It Cm no-user-rc -Disables execution of +Disables execution of .Pa ~/.ssh/rc . .It Cm no-X11-forwarding Forbids X11 forwarding when this key is used for authentication. @@ -1,6 +1,6 @@ -/* $OpenBSD: version.h,v 1.52 2008/03/27 00:16:49 djm Exp $ */ +/* $OpenBSD: version.h,v 1.53 2008/04/03 09:50:14 djm Exp $ */ -#define SSH_VERSION "OpenSSH_4.9" +#define SSH_VERSION "OpenSSH_5.0" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE |