similar to: xmalloc symbol in libssh

Hi Everyone, http://vuxml.freebsd.org/c4b025bb-f05d-11d8-9837-000c41e2cdad.html A critical vulnerability was found in lukemftpd, which shipped with some FreeBSD versions (4.7 and later). However, with the exception of FreeBSD 4.7, lukemftpd was not built and installed by default. So, unless you are running FreeBSD 4.7-RELEASE or specified WANT_LUKEMFTP when building FreeBSD from source, you

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

Hello there. I tried make update using the following stable-supfile: *default base=/usr *default prefix=/usr *default release=cvs tag=RELENG_4 *default delete use-rel-suffix and my two nearest Russian CVS mirrors showed no changes in realpath. Heck, I downloaded the patch and said in /usr/src: # patch < realpath.patch so it was rejected. Then I looked into realpath.c's revision and

I just cobbled up a little patch to add support for OPIE to OpenSSH. Currently untested, but feedback is welcome. Wichert. -- _________________________________________________________________ / Nothing is fool-proof to a sufficiently talented fool \ | wichert at cistron.nl http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250

I redid my previous OPIE patch for the current ssh tree. It seems to work fine here, and I'ld love to see it merged before the 3.0 release. Wichert. diff -x CVS -wNur ../cvs/other/openssh_cvs/Makefile.in openssh_cvs/Makefile.in --- ../cvs/other/openssh_cvs/Makefile.in Mon Oct 22 02:53:59 2001 +++ openssh_cvs/Makefile.in Sun Nov 4 01:18:19 2001 @@ -50,7 +50,7 @@ SSHOBJS= ssh.o

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:12.ftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in ftpd(8) Category: core Module: ftpd Announced:

Hello all, I'm trying to understand when exactly the variable substitution happens in Dovecot, as I get different results in the LDA and in the POP/IMAP server. Here's my general setup: - Postfix MTA, delivers mail via Dovecot LDA - users list sits in a database - mail directory is stored in the database, but with Dovecot variables inside Delivery works perfectly fine,

https://bugzilla.mindrot.org/show_bug.cgi?id=2232 Bug ID: 2232 Summary: curve25519-sha256 at libssh.org Signature Failures When 'ssh' Used with Dropbear, libssh Servers Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: All Status: NEW Severity: major

On Tue, Sep 24, 2013 at 10:21 PM, Aris Adamantiadis <aris at 0xbadc0de.be> wrote: [snip] > I've worked this week on an alternative key exchange mechanism, in > reaction to the whole NSA leaks and claims over cryptographic backdoors > and/or cracking advances. The key exchange is in my opinion the most > critical defense against passive eavesdropping attacks. > I believe

All~ I recently started coding an SFTP client in Qt, since i noticed their seemed to be a lack of one with a gui for really any platform that didn't cost money. I wrote most of the FTP portion, and then I decided to begin working on the SFTP part. I couldn't really find documentation for an sshlib to use for developing this portion of my program. Sorry if i'm sending this email to

Since progressmeter.o has moved to libssh, we don't need to explicitly link it into scp and sftp any longer. Index: Makefile.in =================================================================== RCS file: /cvs/openssh/Makefile.in,v retrieving revision 1.255 diff -u -r1.255 Makefile.in --- Makefile.in 10 Feb 2004 02:01:14 -0000 1.255 +++ Makefile.in 11 Feb 2004 17:10:40 -0000 @@ -137,8 +137,8

if I understand http://git.libssh.org/projects/libssh.git/commit/?id=4cb6afcbd43ab503d4c3d3054b96a1492605ea8d correctly, then the shared secret is encoded as a bignum, probably because the rest of the code assumes it's a bignum (e.g. for key derivation, etc). however, the DH public keys are always encoded as strings (both in my patches and in the libssh.org code). Am 02.11.2013 um 07:57

On 3/6/19 10:05 AM, Richard W.M. Jones wrote: > On Wed, Mar 06, 2019 at 09:59:33AM -0600, Eric Blake wrote: >> On 3/6/19 9:40 AM, Richard W.M. Jones wrote: >>> +Parts derived from Pino Toscano’s qemu libssh driver. >> >> Is that a compatible license? Or I guess another way of wording it - >> what is the license of libssh itself? The resulting ssh plugin may

Am 02.11.2013 um 11:38 schrieb Aris Adamantiadis <aris at 0xbadc0de.be>: > RFC4251 describes mpint to be multi-size and with positive values having > MSB clear, so it's clearly incompatible with raw string. > > Since you both agreed on the curve25519 implementation to use, I'll work > today on Markus' patch to make the changes Damien wanted. What do you want to

On Wed, Mar 06, 2019 at 09:59:33AM -0600, Eric Blake wrote: > On 3/6/19 9:40 AM, Richard W.M. Jones wrote: > > --- > > plugins/curl/nbdkit-curl-plugin.pod | 22 +- > > plugins/ssh/nbdkit-ssh-plugin.pod | 150 ++++++++ > > configure.ac | 17 + > > plugins/ssh/ssh.c | 521 ++++++++++++++++++++++++++++ > > README

Here are three versions (patch against openbsd cvs) 1) repace nacl w/libsodium, so i could test 2) curve25519-donna 3) Matthew's public domain reference implementation. i'd vote for #3 -------------- next part -------------- Am 30.10.2013 um 07:27 schrieb Damien Miller <djm at mindrot.org>: > On Tue, 24 Sep 2013, Aris Adamantiadis wrote: > >> Dear OpenSSH

https://bugzilla.mindrot.org/show_bug.cgi?id=1738 Summary: openbsd-compat wants xstrdup but it's in libssh.a Product: Portable OpenSSH Version: 5.4p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: unassigned-bugs at mindrot.org