similar to: Announce: OpenSSH 5.8 released

---------------------------------------------------- Summary: fix a memory leak for Openssh ---------------------------------------------------- Upstream Project Name: OpenSSH Upstream Project URL: anoncvs at anoncvs.mindrot.org:/cvs Applies to: anoncvs at anoncvs.mindrot.org:/cvs Brief Description: the memory which is allocated by matchpathcon should be freed after it is used Will Submit to:

https://bugzilla.mindrot.org/show_bug.cgi?id=1851 Summary: ssh_selinux_setfscreatecon segfaults if SELinux support is compiled in but is disabled at run-time Product: Portable OpenSSH Version: 5.7p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh

Hi, (please CC me as I'm not subscribed to the list) If compiled with SELinux support, OpenSSH 4.8 current cvs fails for accounts where the new ChrootDirectory option is active : debug1: PAM: establishing credentials debug3: PAM: opening session debug2: User child is on pid 1695 debug3: mm_request_receive entering debug1: PAM: establishing credentials debug3: safely_chroot: checking

Hi there is unpaired brackets in port_linux_compat.c in ssh_selinux_setfscreatecon if (path == NULL) setfscreatecon(NULL); return; } -- JFCh <jchadima at redhat.com>

the memory which is allocated by matchpathcon should be freed after it is useless Signed-off-by: Roy Li <rongqing.li at windriver.com> --- openbsd-compat/port-linux.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -217,8 +217,10 @@ ssh_selinux_setfscreatecon(const char *p setfscreatecon(NULL);

The memory which is allocated by matchpathcon should be freed after it is used Signed-off-by: Roy Li <rongqing.li at windriver.com> --- openbsd-compat/port-linux.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -217,8 +217,10 @@ ssh_selinux_setfscreatecon(const char *p setfscreatecon(NULL); return;

I tried replacing readpassphrase() for v2.9.9p2 on Sol8 with a different version that just calls getpassphrase(). It appears to solve the echo problem when the user tries to login in interactive mode and needs to change their password. Can anyone else try this with v2.9.9p2 on Solaris? Be sure to add: #define HAVE_GETPASSPHRASE ... to config.h when compiling (since it's not a configurable

OpenSSH Security Advisory: legacy-certs.adv This document may be found at: http://www.openssh.com/txt/legacy-cert.adv 1. Vulnerability Legacy certificates generated by OpenSSH might contain data from the stack thus leaking confidential information. 2. Affected configurations OpenSSH 5.6 and OpenSSH 5.7 only when generating legacy certificates. These must be

OpenSSH 7.1 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

OpenSSH Security Advisory: legacy-certs.adv This document may be found at: http://www.openssh.com/txt/legacy-cert.adv 1. Vulnerability Legacy certificates generated by OpenSSH might contain data from the stack thus leaking confidential information. 2. Affected configurations OpenSSH 5.6 and OpenSSH 5.7 only when generating legacy certificates. These must be

OpenSSH 7.1 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

Hi. I have a SIP provider which wants RFC2833 for the dtmfmode, however I would like to increase the duration of the tone, its pretty short and some IVR's are unhappy or don't detect it. I did poke around, but it looks like when RFC2833 is used, it actually generates rtp packets of some sort, so I have no idea how to increase that duration. Any assistance would be appreciated. -- Your

I was compiling the 5.8p1 source for CentOS 5.6 by installing the CentOS 5.6 source RPM for 4.3p2 and stealing the configure command they use to ensure I had all the same bits. I needed this to chroot some SFTP users and need the "Match" operator. The configure went well (once I had satisfied all the requirements). Upon compiling, however, I hit a syntax error in one of the files. In

Hello, First, a big thank you to the OpenSSH devs. _ /Problem Summary:/ _ Chroot and SELinux don't get along. This affects both the new (official) ChrootDirectory feature, as well as the older (3rd party) patch at http://chrootssh.sourceforge.net/. _ /History and repro:/ _ On March 21, 2008, Alexandre Rossi posted to this list with the subject: "*ChrootDirectory

OpenSSH 5.7 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,

Yesterday I had an issue with Samba v 4.13.0. Went to backup and discovered backup computer has a drive failure and backup is gone. Only resort is to rebuild the DC. I cannot figure out why bind9 will not "host -t SRV _ldap._ tcp.ad.dtntwk.work." or "host -t SRV _kerberos._udp.ad.dtntwk.work." root at dc1:~# host -t SRV _ldap._tcp.subdom.example.com. >

> On another note - in order to get roaming profiles to work on W95 with > no NT server, I had to do some horrible things to the registry, which > I'm not sure is (or was ever) necessary - it worked so I kept it. > I was able to get this working ( I think ) by enableing the user profiles in the password applet in the control panel and then adding the key

I am running up against a less than helpful error message when trying to install php-pear-DB (why people cannot content themselves with all lowercase packages names escapes me, but that is a rant for another time and place). After enableing centos-plus and adding includepkgs=php-pear-DB I get this: # yum install php-pear-DB Setting up Install Process Setting up repositories Reading repository

I have tried to update openssh-3.1p1 of our system that uses RH7.2 (Scyld). I is pretty much a standard Redhat 7.2 install with openssl-0.9.6b, zlib-1.1.4 etc. I have gotten openssh to work after some initial issues, but I still have not been able to get openssh/sshd to work with tcp-wrappers. I have in hosts.deny ALL: ALL: and in hosts.allow ALL: localhost, 127.0.0.1, 192.168.1. and still I

https://bugzilla.mindrot.org/show_bug.cgi?id=1213 Andreas Kotes <count-mindrot at flatline.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |count-mindrot at flatline.de Severity|normal |major --- Comment #6 from