SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 
Changelog for libssh2-1.8.0-4.el7.x86_64.rpm :
Wed Oct 30 13:00:00 2019 Kamil Dudka - 1.8.0-4
- fix integer overflow in SSH_MSG_DISCONNECT logic (CVE-2019-17498)

Wed Mar 20 13:00:00 2019 Kamil Dudka 1.8.0-3
- sanitize public header file (detected by rpmdiff)

Tue Mar 19 13:00:00 2019 Kamil Dudka 1.8.0-2
- fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863)
- fix out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862)
- fix out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
- fix zero-byte allocation in SFTP packet processing resulting in out-of-bounds read (CVE-2019-3858)
- fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857)
- fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856)
- fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855)

Wed Nov 21 13:00:00 2018 Kamil Dudka 1.8.0-1
- rebase to 1.8.0 (#1592784)

Tue Sep 26 14:00:00 2017 Kamil Dudka 1.4.3-12
- session: avoid printing misleading debug messages (#1503294)
- scp: send valid commands for remote execution (#1489733)

Fri Feb 19 13:00:00 2016 Kamil Dudka 1.4.3-11
- use secrects of the appropriate length in Diffie-Hellman (CVE-2016-0787)

Mon Jun 1 14:00:00 2015 Kamil Dudka 1.4.3-10
- check length of data extracted from the SSH_MSG_KEXINIT packet (CVE-2015-1782)

Tue May 5 14:00:00 2015 Kamil Dudka 1.4.3-9
- curl consumes too much memory during scp download (#1080459)
- prevent a not-connected agent from closing STDIN (#1147717)

Fri Jan 24 13:00:00 2014 Daniel Mach - 1.4.3-8
- Mass rebuild 2014-01-24

Fri Dec 27 13:00:00 2013 Daniel Mach - 1.4.3-7
- Mass rebuild 2013-12-27

Wed Aug 14 14:00:00 2013 Kamil Dudka 1.4.3-6
- fix very slow sftp upload to localhost
- fix a use after free in channel.c

Tue Apr 9 14:00:00 2013 Richard W.M. Jones 1.4.3-5
- Add three patches from upstream git required for qemu ssh block driver.

Wed Apr 3 14:00:00 2013 Paul Howarth 1.4.3-4
- Avoid polluting libssh2.pc with linker options (#947813)

Tue Mar 26 13:00:00 2013 Kamil Dudka 1.4.3-3
- Avoid collisions between 32-bit and 64-bit builds running on a single build
host

Thu Feb 14 13:00:00 2013 Fedora Release Engineering - 1.4.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

Wed Nov 28 13:00:00 2012 Paul Howarth 1.4.3-1
- Update to 1.4.3
- compression: add support for zlibAATTopenssh.com
- sftp_read: return error if a too large package arrives
- libssh2_hostkey_hash.3: update the description of return value
- Fixed MSVC NMakefile
- examples: use stderr for messages, stdout for data
- openssl: do not leak memory when handling errors
- improved handling of disabled MD5 algorithm in OpenSSL
- known_hosts: Fail when parsing unknown keys in known_hosts file
- configure: gcrypt doesn\'t come with pkg-config support
- session_free: wrong variable used for keeping state
- libssh2_userauth_publickey_fromfile_ex.3: mention publickey == NULL
- comp_method_zlib_decomp: handle Z_BUF_ERROR when inflating
- Drop upstreamed patches

Wed Nov 7 13:00:00 2012 Kamil Dudka 1.4.2-4
- examples: use stderr for messages, stdout for data (upstream commit b31e35ab)
- Update libssh2_hostkey_hash(3) man page (upstream commit fe8f3deb)

Wed Sep 26 14:00:00 2012 Kamil Dudka 1.4.2-3
- Fix basic functionality of libssh2 in FIPS mode
- Skip SELinux-related quirks on recent distros to prevent a test-suite failure

Thu Jul 19 14:00:00 2012 Fedora Release Engineering - 1.4.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

Sun May 20 14:00:00 2012 Paul Howarth 1.4.2-1
- Update to 1.4.2
- Return LIBSSH2_ERROR_SOCKET_DISCONNECT on EOF when reading banner
- userauth.c: fread() from public key file to correctly detect any errors
- configure.ac: add option to disable build of the example applications
- added \'Requires.private:\' line to libssh2.pc
- SFTP: filter off incoming \"zombie\" responses
- gettimeofday: no need for a replacement under cygwin
- SSH_MSG_CHANNEL_REQUEST: default to want_reply
- win32/libssh2_config.h: remove hardcoded #define LIBSSH2_HAVE_ZLIB

Fri Apr 27 14:00:00 2012 Paul Howarth 1.4.1-2
- Fix multi-arch conflict again (#816969)

Thu Apr 5 14:00:00 2012 Paul Howarth 1.4.1-1
- Update to 1.4.1
- Build error with gcrypt backend
- Always do \"forced\" window updates to avoid corner case stalls
- aes: the init function fails when OpenSSL has AES support
- transport_send: finish in-progress key exchange before sending data
- channel_write: acknowledge transport errors
- examples/x11.c: make sure sizeof passed to read operation is correct
- examples/x11.c: fix suspicious sizeof usage
- sftp_packet_add: verify the packet before accepting it
- SFTP: preserve the original error code more
- sftp_packet_read: adjust window size as necessary
- Use safer snprintf rather then sprintf in several places
- Define and use LIBSSH2_INVALID_SOCKET instead of INVALID_SOCKET
- sftp_write: cannot return acked data
*and
* EAGAIN
- sftp_read: avoid data
*and
* EAGAIN
- libssh2.h: add missing prototype for libssh2_session_banner_set()
- Drop upstream patches now included in release tarball

Mon Mar 19 13:00:00 2012 Kamil Dudka 1.4.0-4
- Don\'t ignore transport errors when writing to channel (#804150)

Sun Mar 18 13:00:00 2012 Paul Howarth 1.4.0-3
- Don\'t try to use openssl\'s AES-CTR functions
(http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml)

Fri Mar 16 13:00:00 2012 Paul Howarth 1.4.0-2
- fix libssh2 failing key re-exchange when write channel is saturated (#804156)
- drop %defattr, redundant since rpm 4.4

Wed Feb 1 13:00:00 2012 Paul Howarth 1.4.0-1
- update to 1.4.0
- added libssh2_session_supported_algs()
- added libssh2_session_banner_get()
- added libssh2_sftp_get_channel()
- libssh2.h: bump the default window size to 256K
- sftp-seek: clear EOF flag
- userauth: provide more informations if ssh pub key extraction fails
- ssh2_exec: skip error outputs for EAGAIN
- LIBSSH2_SFTP_PACKET_MAXLEN: increase to 80000
- knownhost_check(): don\'t dereference ext if NULL is passed
- knownhost_add: avoid dereferencing uninitialized memory on error path
- OpenSSL EVP: fix threaded use of structs
- _libssh2_channel_read: react on errors from receive_window_adjust
- sftp_read: cap the read ahead maximum amount
- _libssh2_channel_read: fix non-blocking window adjusting
- add upstream patch fixing undefined function reference in libgcrypt backend
- BR: /usr/bin/man for test suite

Sun Jan 15 13:00:00 2012 Peter Robinson 1.3.0-4
- skip the ssh test on ARM too

Fri Jan 13 13:00:00 2012 Paul Howarth 1.3.0-3
- make docs package noarch where possible
- example includes arch-specific bits, so move to devel package
- use patch rather than scripted iconv to fix character encoding
- don\'t make assumptions about SELinux context types used for the ssh server
in the test suite
- skip the ssh test if /dev/tty isn\'t present, as in some versions of mock
- make the %files list more explicit
- use tabs for indentation

Fri Jan 13 13:00:00 2012 Fedora Release Engineering 1.3.0-2
- rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

Thu Sep 8 14:00:00 2011 Kamil Dudka 1.3.0-1
- update to 1.3.0

Sat Jun 25 14:00:00 2011 Dennis Gilmore 1.2.7-2
- sshd/loopback test fails in the sparc buildsystem

Tue Oct 12 14:00:00 2010 Kamil Dudka 1.2.7-1
- update to 1.2.7 (#632916)
- avoid multilib conflict on libssh2-docs
- avoid build failure in mock with SELinux in the enforcing mode (#558964)

Fri Mar 12 13:00:00 2010 Chris Weyl 1.2.4-1
- update to 1.2.4
- drop old patch0
- be more aggressive about keeping .deps from intruding into -docs

Wed Jan 20 13:00:00 2010 Chris Weyl 1.2.2-5
- pkgconfig dep should be with -devel, not -docs

Mon Jan 18 13:00:00 2010 Chris Weyl 1.2.2-4
- enable tests; conditionalize sshd test, which fails with a funky SElinux
error when run locally

Mon Jan 18 13:00:00 2010 Chris Weyl 1.2.2-3
- patch w/1aba38cd7d2658146675ce1737e5090f879f306; not yet in a GA release

Thu Jan 14 13:00:00 2010 Chris Weyl 1.2.2-2
- correct bad file entry under -devel

Thu Jan 14 13:00:00 2010 Chris Weyl 1.2.2-1
- update to 1.2.2
- drop old patch now in upstream
- add new pkgconfig file to -devel

Mon Sep 21 14:00:00 2009 Chris Weyl 1.2-2
- patch based on 683aa0f6b52fb1014873c961709102b5006372fc
- disable tests (
*sigh
*)

Tue Aug 25 14:00:00 2009 Chris Weyl 1.2-1
- update to 1.2

Fri Aug 21 14:00:00 2009 Tomas Mraz - 1.0-4
- rebuilt with new openssl

Sat Jul 25 14:00:00 2009 Fedora Release Engineering - 1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

Wed Feb 25 13:00:00 2009 Fedora Release Engineering - 1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

Mon Feb 16 13:00:00 2009 Chris Weyl 1.0-1
- update to 1.0

Sat Jan 17 13:00:00 2009 Tomas Mraz - 0.18-8
- rebuild with new openssl

Mon Feb 18 13:00:00 2008 Fedora Release Engineering - 0.18-7
- Autorebuild for GCC 4.3

Wed Dec 5 13:00:00 2007 Chris Weyl 0.18-6
- rebuild for new openssl...

Tue Nov 27 13:00:00 2007 Chris Weyl 0.18-5
- bump

Tue Nov 27 13:00:00 2007 Chris Weyl 0.18-4
- add INSTALL arg to make install vs env. var

Mon Nov 26 13:00:00 2007 Chris Weyl 0.18-3
- run tests; don\'t package test

Sun Nov 18 13:00:00 2007 Chris Weyl 0.18-2
- split docs into -docs (they seemed... large.)

Tue Nov 13 13:00:00 2007 Chris Weyl 0.18-1
- update to 0.18

Sun Oct 14 14:00:00 2007 Chris Weyl 0.17-1
- update to 0.17
- many spec file changes

Wed May 23 14:00:00 2007 Sindre Pedersen Bjørdal - 0.15-0.2.20070506
- Fix release tag
- Move manpages to -devel package
- Add Examples dir to -devel package

Sun May 6 14:00:00 2007 Sindre Pedersen Bjørdal - 0.15-0.20070506.1
- Initial build