Bugtraq mailing list archives
ssh-1.2.27 is out.
From: je () SEKURE NET (Jonas Eriksson)
Date: Fri, 14 May 1999 11:25:23 +0200
ssh-1.2.27 is out, here is the changes since 1.2.26: -cut- Thu Apr 29 10:46:21 1999 Timo J. Rinne <tri () ssh fi> * Replaced OSF1/C2 security support with more complete SIA (Security Integration Architecture). Mon Feb 22 10:00:12 1999 Timo J. Rinne <tri () ssh fi> * Added snprintf from ssh2. * Tatu's sprintf -> snprintf fixes. * Fixed potential buffer overflows. * Kerberos authentication disabled, if client is suid-root. This is the only way to avoid security problems that are in Kerberos rather than in ssh. Wed Nov 25 00:04:11 1998 Tatu Ylonen <ylo () ssh fi> * sshd.c (sgi_project_setup): patches from Luigi Pugnetti <luigi () symbolic it>, Eivind Gjelseth <eivind () ii uib no>, Randolph J. Herber <herber () fnal gov>, Sevo Stille <sevo () inm de>. * sshd.c (sgi_project_acct_on): patches from Vern Staats, staatsvr () asc hpc mil. * sshd.c (login_permitted): Added support for locked accounts on AIX. Thanks to "Delius, Felix von" <Felix.von-Delius () dresdner-bank com>. * login.c: Improvements for glibc 2.0.100+ from D.A. Harris <rodmur () ecst csuchico edu>. Tue Nov 24 23:27:20 1998 Tatu Ylonen <ylo () ssh fi> * login.c: Removed assignment to ux.ut_exit.e_{termination,exit}, because they are already zeroed and the assignment is causing problems on some platforms. * Fixed uninitialized variable err in sgi_project_setup (from Eivind Gjelseth <eivind () ii uib no>). * ssh-agent.c: Fixed -D (from Ian Goldberg <iang () cs berkeley edu>). * Fixed undefined __udiv_qrnnd bug on Solaris (reported by Karl Berry <karl () suite deas harvard edu>). * Fixed a bug in idle timeouts (reported by "David M. Dandarnobody"@nowhere). * Fixed deattack.c on Cray (patch from Andreas Schott <schott () rzg mpg de>). * Fixed x11 forwarding on SunOS 4.1.4 (gethostbyname bug, reported by Bradford Hull <brad () tera com>. * Added snprintf from ssh2. Changed most sprintfs to snprintf. * Fixed a hard-to-exploit security bug in Kerberos code. * Added length limitations in manu sprintfs. Mon Jul 13 16:23:15 1998 Tero Kivinen <kivinen () ssh fi> * Removed extra ux.ut_syslen setting. Reported by Felix von Leitner <leitner () amdiv de>. -cut- -- Jonas Eriksson Sekure Security Research
Current thread:
- Windump for Windows Edward Gibbs (May 11)
- fts, du, find Stas Kisel (May 12)
- Re: fts, du, find Jordan Ritter (May 14)
- At Ease 5.0 Security Hole Tim Conrad (May 13)
- Re: At Ease 5.0 Security Hole Vincent Janelle (May 14)
- ssh-1.2.27 is out. Jonas Eriksson (May 14)
- Re: fts...(improved patch) Stas Kisel (May 14)
- Re: fts, du, find Jordan Ritter (May 14)
- Re: fts, du, find Przemyslaw Frasunek (May 14)
- fts, du, find Stas Kisel (May 12)
- Buffer overflow in WinAMP 2.x Wojtek Kaniewski (May 12)
- Re: Buffer overflow in WinAMP 2.x William Yodlowsky (May 14)
- Re: Buffer overflow in WinAMP 2.x Jello Biafra (May 16)
- Microsoft Security Bulletin (MS99-015) aleph1 () UNDERGROUND ORG (May 17)
- Re: Windump for Windows Brett Glass (May 12)
- Source code IS available (Was: Re: Windump for Windows) Ken Williams (May 14)