Opened 20 years ago
Closed 20 years ago
#1567 closed defect (fixed)
Openssh-4.2p1
Reported by: | Owned by: | Randy McMurchy | |
---|---|---|---|
Priority: | highest | Milestone: | 6.2.0 |
Component: | BOOK | Version: | SVN |
Severity: | major | Keywords: | |
Cc: |
Description
Version Increment
This release fixes two security problems, namely in dynamic port forwarding and in GSSAPI credential delegation. It also includes another round of proactive security changes (for signed vs. unsigned integer issues), a new compression method that eliminates the risk of pre-authentication exploitation of zlib bugs, stronger arcfour ciphers, and many improvements to connection sharing.
Change History (5)
comment:1 by , 20 years ago
bug_file_loc: | → http://www.openssh.com/ |
---|---|
Milestone: | future → 6.2 |
Owner: | changed from | to
comment:2 by , 20 years ago
Status: | new → assigned |
---|
comment:3 by , 20 years ago
Current instructions work, but configure requires zlib-1.2.3 which is in LFS svn, but not in LFS 6.1.
Did not check against gcc-4.
comment:4 by , 20 years ago
The following sed is in the OpenSSH instructions.
sed -i -e "s/lkrb5 -ldes/lkrb5/" Makefile
This is because if you use OpenSSL for crypto, instead of the included libdes library when you compile Heimdal, then the build fails. The text in the instructions needs to be updated to say this and the sed should be updated as follows:
sed -i -e "s/lkrb5 -ldes/lkrb5 -lcrypto/" Makefile
This would not be necessary if libcrypto is already linked into the build at this stage of compiling.
comment:5 by , 20 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
Updated BLFS to OpenSSH-4.2p1. Added documentation installation commands. Clarified the note about linking to the Heimdal libraries.
I'm just about to install SSH in my new rounds of testing. I'll knock this one out and get the book updated so that it can be tested out by users using BLFS-SVN. I'll also test it out with GCC-4, though if I remember correctly the previous version had no issues with GCC-4.