Ssh 1.2.22 release notes

SECURITY
========

* Fixed agent socket opening code for suid versions. All users using
 ssh-agent should upgrade to this version immediately!


SSHD
====

* Added {Allow,Deny}groups patch from Jason Ackley
 <[email protected]>.

* Added CheckMail patch from Aaron Gowatch <[email protected]>.

* Added XAuthLocation and kerberos 5 patch from Harry G. McGavran
 Jr. <[email protected]>.

* Added OSF C2 user account locked and expired checks, and user
 default resource limits patch from Joao Castro <[email protected]>.

* Added BSDI /etc/login.conf and password expiration warning
 patches from Jason Ackley <[email protected]>.


AGENT
=====

* Fixed ssh-agent dying when it received SIGPIPE when user pressed
 Ctrl-C in middle of login process.

* Implemented -k option for ssh-agent (kill agent) suggested by
 Charles M. Hannum <[email protected]>

* Renamed SSH_AUTHENCATION_SOCKET to SSH_AUTH_SOCK, because some
 environments have limit for environment variable lengths. Note, that
 this means that the new ssh-client cannot find the agent socket if
 you have logged in using old sshd. When you login with new sshd,
 ssh-client will again be able to connect to socket created by sshd.


SSH
===

* Changed authorized_keys file options to be case insensitive.

* Added patch from Nick Nibma <[email protected]> that will change
 password from from "foo's password" to foo@bar's password.


CONFIGURE
=========

* GMP configure patch for FreeBSD/ELF system from Ollivier Robert
 <[email protected]>.


GENERAL
=======

* Confirmed that ssh is Y2K compliant. The HAVE_USERSEC_H code in
 login_permitted function in sshd.c file is the only code that has
 some Y2K problems. The expiration format returned by getuserattr is
 only yymmddhhmm, and when login_permitted converts it to normalized
 format that assumes that if yy < 70 then it must be 20yy, otherwise
 assume it to be 19yy. This means that you cannot now have users
 whose account expires after year 2070.


REMEMBER
========

* Ssh compilation success/failure web-page. You can fill in the reply
 form about your compilation at <URL:http://www.ssh.net/ssh_form.html>.
 You can query about the success/failure database from
 <URL:http://www.ssh.net/ssh_query.html>.

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.