Displaying 3 results from an estimated 3 matches for "bz3577".
Did you mean:
bz3537
2023 Jul 31
5
Call for testing: OpenSSH 9.4
...truncate strings logged from PKCS#11
modules; GHPR406
* sshd(8), ssh(1): better validate CASignatureAlgorithms in
ssh_config and sshd_config. Previously this directive would accept
certificate algorithm names, but these were unusable in practice as
OpenSSH does not support CA chains. bz3577
* ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature
algorithms that are valid for CA signing. Previous behaviour was
to list all signing algorithms, including certificate algorithms.
* ssh-keyscan(1): gracefully handle systems where rlimits or the
maximum number of open f...
2023 Aug 10
1
Announce: OpenSSH 9.4 released
...truncate strings logged from PKCS#11
modules; GHPR406
* sshd(8), ssh(1): better validate CASignatureAlgorithms in
ssh_config and sshd_config. Previously this directive would accept
certificate algorithm names, but these were unusable in practice as
OpenSSH does not support CA chains. bz3577
* ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature
algorithms that are valid for CA signing. Previous behaviour was
to list all signing algorithms, including certificate algorithms.
* ssh-keyscan(1): gracefully handle systems where rlimits or the
maximum number of open f...
2023 Aug 09
1
Call for testing: OpenSSH 9.4
...#11
> modules; GHPR406
>
> * sshd(8), ssh(1): better validate CASignatureAlgorithms in
> ssh_config and sshd_config. Previously this directive would accept
> certificate algorithm names, but these were unusable in practice as
> OpenSSH does not support CA chains. bz3577
>
> * ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature
> algorithms that are valid for CA signing. Previous behaviour was
> to list all signing algorithms, including certificate algorithms.
>
> * ssh-keyscan(1): gracefully handle systems where rlimits or...