+20020707
+ - (tim) [Makefile.in] use umask instead of chmod on $(PRIVSEP_PATH)
+ - (tim) [acconfig.h configure.ac sshd.c]
+ s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/
+ - (tim) [contrib/cygwin/ssh-host-config] sshd account creation fixes
+ patch from vinschen@redhat.com
+ - (bal) [realpath.c] Updated with OpenBSD tree.
+ - (bal) OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2002/07/04 04:15:33
+ [key.c monitor_wrap.c sftp-glob.c ssh-dss.c ssh-rsa.c]
+ patch memory leaks; grendel@zeitbombe.org
+ - deraadt@cvs.openbsd.org 2002/07/04 08:12:15
+ [channels.c packet.c]
+ blah blah minor nothing as i read and re-read and re-read...
+ - markus@cvs.openbsd.org 2002/07/04 10:41:47
+ [key.c monitor_wrap.c ssh-dss.c ssh-rsa.c]
+ don't allocate, copy, and discard if there is not interested in the data;
+ ok deraadt@
+ - deraadt@cvs.openbsd.org 2002/07/06 01:00:49
+ [log.c]
+ KNF
+
+20020705
+ - (tim) [configure.ac] AIX 4.2.1 has authenticate() in libs.
+ Reported by Darren Tucker <dtucker@zip.com.au>
+ - (tim) [contrib/cygwin/ssh-host-config] double slash corrction
+ from vinschen@redhat.com
+
+20020704
+ - (bal) Limit data to TTY for AIX only (Newer versions can't handle the
+ faster data rate) Bug #124
+ - (bal) glob.c defines TILDE and AIX also defines it. #undef it first.
+ bug #265
+ - (bal) One too many nulls in ports-aix.c
+
20020703
- (bal) Updated contrib/cygwin/ patch by vinschen@redhat.com
- (bal) minor correction to utimes() replacement. Patch by
[sshconnect2.c]
for compression=yes, we fallback to no-compression if the server does
not support compression, vice versa for compression=no. ok mouring@
-
+ - markus@cvs.openbsd.org 2002/07/03 09:55:38
+ [ssh-keysign.c]
+ use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
+ in order to avoid a possible Kocher timing attack pointed out by Charles
+ Hannum; ok provos@
+ - markus@cvs.openbsd.org 2002/07/03 14:21:05
+ [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
+ re-enable ssh-keysign's sbit, but make ssh-keysign read
+ /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
+ globally. based on discussions with deraadt, itojun and sommerfeld;
+ ok itojun@
+ - (bal) Failed password attempts don't increment counter on AIX. Bug #145
+ - (bal) Missed Makefile.in change. keysign needs readconf.o
+ - (bal) Clean up aix_usrinfo(). Ignore TTY= period I guess.
+
20020702
- (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc &
friends consistently. Spotted by Solar Designer <solar@openwall.com>