OpenSSH 3.2.2 released

Saturday, 18 May 2002, 6:52 PM EST

OpenSSH 3.2.2 has just been released. It will be available from the mirrors listed at OpenSSH web site shortly.

Security Changes:

  • fixed buffer overflow in Kerberos/AFS token passing
  • fixed overflow in Kerberos client code
  • sshd no longer auto-enables Kerberos/AFS
  • experimental support for privilege separation,
  • only accept RSA keys of size SSH_RSA_MINIMUM_MODULUS_SIZE (768) or larger

Other Changes:
  • improved smartcard support (including support for OpenSC)
  • improved Kerberos support (including support for MIT-Kerberos V)
  • fixed stderr handling in protocol v2
  • client reports failure if -R style TCP forwarding fails in protocol v2
  • support configuration of TCP forwarding during interactive sessions (~C)
  • improved support for older sftp servers
  • improved support for importing old DSA keys (from ssh.com software).
  • client side suport for PASSWD_CHANGEREQ in protocol v2
  • fixed waitpid race conditions
  • record correct lastlogin time

[ Read more ]




Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //