OpenSSH 3.2.2

Címkék

Megjelent az OpenSSH 3.2.2.

Az új OpenSSH-ban kísérleti jelleggel már elérhető a privilege separation kód is, amely a illetéktelen behatolók ellen próbál védelmet nyújtani.Markus Friedl levele alapján a változások az előző verzióhoz képest:

Security Changes:

=================

  • fixed buffer overflow in Kerberos/AFS token passing
  • fixed overflow in Kerberos client code
  • sshd no longer auto-enables Kerberos/AFS
  • experimental support for privilege separation, see UsePrivilegeSeparation in sshd(8) and http://www.citi.umich.edu/u/provos/ssh/privsep.html for more information.
  • only accept RSA keys of size SSH_RSA_MINIMUM_MODULUS_SIZE (768) or larger

Other Changes:

==============

  • improved smartcard support (including support for OpenSC, see www.opensc.org)
  • improved Kerberos support (including support for MIT-Kerberos V)
  • fixed stderr handling in protocol v2
  • client reports failure if -R style TCP forwarding fails in protocol v2
  • support configuration of TCP forwarding during interactive sessions (~C)
  • improved support for older sftp servers
  • improved support for importing old DSA keys (from ssh.com software)
  • client side suport for PASSWD_CHANGEREQ in protocol v2
  • fixed waitpid race conditions
  • record correct lastlogin time

OpenSSH

OpenBSD