OpenSSH 3.2.2 released

Saturday, 18 May 2002, 6:52 PM EST

OpenSSH 3.2.2 has just been released. It will be available from the mirrors listed at OpenSSH web site shortly.

Security Changes:

  • fixed buffer overflow in Kerberos/AFS token passing
  • fixed overflow in Kerberos client code
  • sshd no longer auto-enables Kerberos/AFS
  • experimental support for privilege separation,
  • only accept RSA keys of size SSH_RSA_MINIMUM_MODULUS_SIZE (768) or larger

Other Changes:
  • improved smartcard support (including support for OpenSC)
  • improved Kerberos support (including support for MIT-Kerberos V)
  • fixed stderr handling in protocol v2
  • client reports failure if -R style TCP forwarding fails in protocol v2
  • support configuration of TCP forwarding during interactive sessions (~C)
  • improved support for older sftp servers
  • improved support for importing old DSA keys (from ssh.com software).
  • client side suport for PASSWD_CHANGEREQ in protocol v2
  • fixed waitpid race conditions
  • record correct lastlogin time

[ Read more ]




Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //