-
Tue Aug 01 2023 Codrin Pruteanu <codrin.pruteanu@oracle.com> - 7.4p1-23.0.1
- enlarge format buffer size for certificate serial
number so the log message can record any 64-bit integer without
truncation (openssh bz#3012) [Orabug: 30448895]
-
Thu Jul 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 7.4p1-23 + 0.10.3-2
- Avoid remote code execution in ssh-agent PKCS#11 support
Resolves: CVE-2023-38408
-
Thu Sep 30 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 7.4p1-22 + 0.10.3-2
- avoid segfault in Kerberos cache cleanup (#1999263)
- fix CVE-2021-41617 (#2008884)
-
Tue Jun 25 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-21 + 0.10.3-2
- Avoid double comma in the default cipher list in FIPS mode (#1722446)
-
Tue May 21 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-20 + 0.10.3-2
- Revert the updating of cached passwd structure (#1712053)
-
Mon Mar 04 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-19 + 0.10.3-2
- Update cached passwd structure after PAM authentication (#1674541)
-
Wed Feb 13 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-18 + 0.10.3-2
- invalidate supplemental group cache used by temporarily_use_uid()
when the target uid differs (#1583735)
-
Mon Jan 14 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-17 + 0.10.3-2
- Fix for CVE-2018-15473 (#1619079)
- Enable GCM mode for AES ciphers in FIPS mode (#1600869)
-
Fri Nov 24 2017 Jakub Jelen <jjelen@redhat.com> - 7.4p1-16 + 0.10.3-2
- Fix for CVE-2017-15906 (#1517226)
-
Mon Nov 06 2017 Jakub Jelen <jjelen@redhat.com> - 7.4p1-15 + 0.10.3-2
- Do not hang if SSH AuthorizedKeysCommand output is too large (#1496467)
- Do not segfault pam_ssh_agent_auth if keyfile is missing (#1494268)
- Do not segfault in audit code during cleanup (#1488083)
- Add WinSCP 5.10+ compatibility (#1496808)
- Clatch between ClientAlive and rekeying timeouts (#1480510)
- Exclude dsa and ed25519 from default proposed keys in FIPS mode (#1456853)
- Add enablement for openssl-ibmca and openssl-ibmpkcs11 (#1478035)