OpenSSH 3.2.2 released

Saturday, 18 May 2002, 6:52 PM EST

OpenSSH 3.2.2 has just been released. It will be available from the mirrors listed at OpenSSH web site shortly.

Security Changes:

  • fixed buffer overflow in Kerberos/AFS token passing
  • fixed overflow in Kerberos client code
  • sshd no longer auto-enables Kerberos/AFS
  • experimental support for privilege separation,
  • only accept RSA keys of size SSH_RSA_MINIMUM_MODULUS_SIZE (768) or larger

Other Changes:
  • improved smartcard support (including support for OpenSC)
  • improved Kerberos support (including support for MIT-Kerberos V)
  • fixed stderr handling in protocol v2
  • client reports failure if -R style TCP forwarding fails in protocol v2
  • support configuration of TCP forwarding during interactive sessions (~C)
  • improved support for older sftp servers
  • improved support for importing old DSA keys (from ssh.com software).
  • client side suport for PASSWD_CHANGEREQ in protocol v2
  • fixed waitpid race conditions
  • record correct lastlogin time

[ Read more ]




Spotlight

Banks and IT security: The elements of success

Nathan Horn-Mitchem, VP, Information Security Officer at Provident Bank, talks about delivering and maintaining IT security for 80 branches of the bank.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Mar 27th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //