search for: evp_digest

https://bugzilla.mindrot.org/show_bug.cgi?id=2231 Bug ID: 2231 Summary: Use EVP_Digest for oneshot digest calculation Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at m...

Hi, It would be preferable to use EVP_Digest for oneshot digest calculation: - one calloc/free less - EVP_Digest properly sets oneshot flag (certain hardware accelerators work only if the flag is set) Please consider applying the following patch: diff -ru openssh-6.6p1.orig/digest-openssl.c openssh-6.6p1/digest-openssl.c --- openssh-6....

Hi, Is FIPS 140-2 patch for openssh 6.3.p1 available somewhere or do I have to make one using http://www.openssl.com/export/openssh/openssh-6.0p1.fips-revised.patch ? Regards, Manish

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1692 The NIST advisory says that all versions of OpenSSH potentially contain the flaw. ?But is that really true? ?For example, I looked at the 3.8.1p1 distribution and didn't find any reference to JPAKE at all. Thanks.

https://bugzilla.mindrot.org/show_bug.cgi?id=2226 Bug ID: 2226 Summary: Bugs intended to be fixed in 6.7 Product: Portable OpenSSH Version: -current Hardware: Other OS: All Status: NEW Keywords: meta Severity: normal Priority: P5 Component: Miscellaneous Assignee: