Opened 3 months ago

Closed 3 months ago

#15481 closed enhancement (fixed)

libssh2-1.10.0

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: normal Milestone: 11.1
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version

Change History (5)

comment:1 by Xi Ruoyao, 3 months ago

NEWS files is auto generated, with 1300+ lines since 1.9.0!

Anyway the security patch is not needed anymore.

comment:2 by Douglas R. Reno, 3 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:3 by Douglas R. Reno, 3 months ago


Enhancements and bugfixes

    adds agent forwarding support
    adds OpenSSH Agent support on Windows
    adds ECDSA key support using the Mbed TLS backend
    adds ECDSA cert authentication
    adds diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512 key exchanges
    adds support for PKIX key reading when using ed25519 with OpenSSL
    adds support for EWOULDBLOCK on VMS systems
    adds support for building with OpenSSL 3
    adds support for using FIPS mode in OpenSSL
    adds debug symbols when building with MSVC
    adds support for building on the 3DS
    adds unicode build support on Windows
    restores os400 building
    increases min, max and opt Diffie Hellman group values
    improves portiablity of the make file
    improves timeout behavior with 2FA keyboard auth
    various improvements to the Wincng backend
    fixes reading parital packet replies when using an agent
    fixes Diffie Hellman key exchange on Windows 1903+ builds
    fixes building tests with older versions of OpenSSL
    fixes possible multiple definition warnings
    fixes potential cast issues _libssh2_ecdsa_key_get_curve_type()
    fixes potential use after free if libssh2_init() is called twice
    improved linking when using Mbed TLS
    fixes call to libssh2_crypto_exit() if crypto hasn't been initialized
    fixes crash when loading public keys with no id
    fixes possible out of bounds read when exchanging keys
    fixes possible out of bounds read when reading packets
    fixes possible out of bounds read when opening an X11 connection
    fixes possible out of bounds read when ecdh host keys
    fixes possible hang when trying to read a disconnected socket
    fixes a crash when using the delayed compression option
    fixes read error with large known host entries
    fixes various warnings
    fixes various small memory leaks
    improved error handling, various detailed errors will now be reported
    builds are now using OSS-Fuzz
    builds now use autoreconf instead of a custom build script
    cmake now respects install directory
    improved CI backend
    updated HACKING-CRYPTO documentation
    use markdown file extensions
    improved unit tests 

in reply to:  1 comment:4 by Douglas R. Reno, 3 months ago

Replying to Xi Ruoyao:

NEWS files is auto generated, with 1300+ lines since 1.9.0!

Anyway the security patch is not needed anymore.

Hey Xi,

You can look here for the changes for this package: https://www.libssh2.org/changes.html

It seems to be filtered a lot better than the NEWS file that comes in the tarball!

comment:5 by Douglas R. Reno, 3 months ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.