Displaying 6 results from an estimated 6 matches for "kocielski".
2015 Aug 21
4
Announce: OpenSSH 7.1 released
...antas Mikulenas.
Bugfixes
--------
* ssh(1), sshd(8): add compatability workarounds for FuTTY
* ssh(1), sshd(8): refine compatability workarounds for WinSCP
* Fix a number of memory faults (double-free, free of uninitialised
memory, etc) in ssh(1) and ssh-keygen(1). Reported by Mateusz
Kocielski.
Checksums:
==========
- SHA1 (openssh-7.1.tar.gz) = 06c1db39f33831fe004726e013b2cf84f1889042
- SHA256 (openssh-7.1.tar.gz) = H7U1se9EoBmhkKi2i7lqpMX9QHdDTsgpu7kd5VZUGSY=
- SHA1 (openssh-7.1p1.tar.gz) = ed22af19f962262c493fcc6ed8c8826b2761d9b6
- SHA256 (openssh-7.1p1.tar.gz) = /AptLR0GPVxm3/...
2015 Aug 21
0
Announce: OpenSSH 7.1 released
...antas Mikulenas.
Bugfixes
--------
* ssh(1), sshd(8): add compatability workarounds for FuTTY
* ssh(1), sshd(8): refine compatability workarounds for WinSCP
* Fix a number of memory faults (double-free, free of uninitialised
memory, etc) in ssh(1) and ssh-keygen(1). Reported by Mateusz
Kocielski.
Checksums:
==========
- SHA1 (openssh-7.1.tar.gz) = 06c1db39f33831fe004726e013b2cf84f1889042
- SHA256 (openssh-7.1.tar.gz) = H7U1se9EoBmhkKi2i7lqpMX9QHdDTsgpu7kd5VZUGSY=
- SHA1 (openssh-7.1p1.tar.gz) = ed22af19f962262c493fcc6ed8c8826b2761d9b6
- SHA256 (openssh-7.1p1.tar.gz) = /AptLR0GPVxm3/...
2011 Feb 04
0
OpenSSH security advisory: legacy certificate signing in 5.6/5.7
...specifying all fields) then they will
be less resistant to hash collision attacks. Fortunately,
such attacks are not currently considered practical for the
SHA family of hashes used to sign these certificates.
5. Credit
This issue was privately reported by Mateusz Kocielski on
January 26, 2011.
6. Fix
OpenSSH 5.8 contains a fix for this vulnerability. Users who
prefer to continue to use OpenSSH 5.6 or 5.7 may apply this
patch:
Index: key.c
===================================================================
RCS file: /cvs/src/usr.bin/...
2011 Feb 04
0
OpenSSH security advisory: legacy certificate signing in 5.6/5.7
...specifying all fields) then they will
be less resistant to hash collision attacks. Fortunately,
such attacks are not currently considered practical for the
SHA family of hashes used to sign these certificates.
5. Credit
This issue was privately reported by Mateusz Kocielski on
January 26, 2011.
6. Fix
OpenSSH 5.8 contains a fix for this vulnerability. Users who
prefer to continue to use OpenSSH 5.6 or 5.7 may apply this
patch:
Index: key.c
===================================================================
RCS file: /cvs/src/usr.bin/...
2013 May 01
3
[Bug 2096] New: cert_free leaks memory
https://bugzilla.mindrot.org/show_bug.cgi?id=2096
Bug ID: 2096
Summary: cert_free leaks memory
Classification: Unclassified
Product: Portable OpenSSH
Version: 6.2p1
Hardware: Other
OS: FreeBSD
Status: NEW
Severity: minor
Priority: P5
Component: sshd
Assignee:
2011 Feb 04
1
Announce: OpenSSH 5.8 released
...ugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Changes since OpenSSH 5.7
=========================
Security:
* Fix vulnerability in legacy certificate signing introduced in
OpenSSH-5.6 and found by Mateusz Kocielski.
Legacy certificates signed by OpenSSH 5.6 or 5.7 included data from
the stack in place of a random nonce field. The contents of the stack
do not appear to contain private data at this point, but this cannot
be stated with certainty for all platform, library and compiler
combination...