openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

File libssh.changes of Package libssh

-------------------------------------------------------------------
Fri Apr 12 08:46:41 UTC 2024 - Pedro Monreal <pmonreal@suse.com>

- Don't change the path for crypto-policies libssh.config (bsc#1222716)

-------------------------------------------------------------------
Sat Dec 23 10:35:07 UTC 2023 - Andreas Schneider <asn@cryptomilk.org>

- Fix regression parsing IPv6 addresses provided as hostname
  * Added libssh-fix-ipv6-hostname-regression.patch

-------------------------------------------------------------------
Tue Dec 19 12:28:53 UTC 2023 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.10.6
  https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/
- Fix CVE-2023-6004: ProxyCommand/ProxyJump features allow injection of malicious code through hostname (bsc#1218209)
- Fix CVE-2023-48795: prefix truncation breaking ssh channel integrity (bsc#1218126)
- Fix CVE-2023-6918: Added Missing checks for return values for digests (bsc#1218186)

-------------------------------------------------------------------
Mon Sep 25 09:09:25 UTC 2023 - Pedro Monreal <pmonreal@suse.com>

- Enable crypto-policies support: [bsc#1211301]
  * Rebase libssh_client.config libssh_server.config

-------------------------------------------------------------------
Fri Aug  4 13:12:05 UTC 2023 - malcolmlewis@opensuse.org

- Add fix to spec file for the incorrect include path as a result
  of the default openSSH move to /usr/etc, (boo#1211718).

-------------------------------------------------------------------
Sat May  6 01:05:17 UTC 2023 - Dirk Müller <dmueller@suse.com>

- update to 0.10.5:
  * Fix CVE-2023-1667: a NULL dereference during rekeying with
    algorithm guessing
  * Fix CVE-2023-2283: a possible authorization bypass in
    pki_verify_data_signature under low-memory conditions.
  * Fix several memory leaks in GSSAPI handling code
  * Escape braces in ProxyCommand created from ProxyJump options
    for zsh compatibility.
  * Fix pkg-config path relocation for MinGW
  * Improve doxygen documentation
  * Fix build with cygwin due to the glob support
  * Do not enqueue outgoing packets after sending
    SSH2_MSG_NEWKEYS
  * Add support for SSH_SUPPRESS_DEPRECATED
  * Avoid functions declarations without prototype to build with
    clang 15
  * Fix spelling issues
  * Avoid expanding KnownHosts, ProxyCommands and IdentityFiles
    repetitively
  * Add support sk-* keys through configuration
  * Improve checking for Argp library
  * Log information about received extensions
  * Correctly handle rekey with delayed compression
  * Move the EC keys handling to OpenSSL 3.0 API
  * Record peer disconnect message
  * Avoid deadlock when write buffering occurs and we call poll
    recursively to flush the output buffer
  * Disable preauthentication compression by default
  * Add accidentally removed default compile flags
  * Solve incorrect parsing of ProxyCommand option

-------------------------------------------------------------------
Wed Sep  7 13:32:34 UTC 2022 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.10.4
  * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.4

-------------------------------------------------------------------
Mon Sep  5 13:00:07 UTC 2022 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.10.3
  * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.3

-------------------------------------------------------------------
Fri Sep  2 08:51:23 UTC 2022 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.10.2
  * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.2
- Removed libssh-weak-attribute.patch

-------------------------------------------------------------------
Tue Aug 30 14:29:51 UTC 2022 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.10.1
  * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.1
- Enable client and server testing
  * Added libssh-weak-attribute.patch

-------------------------------------------------------------------
Fri Aug 26 12:16:13 UTC 2022 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.10.0
  * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.0
- Removed 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch

-------------------------------------------------------------------
Wed Jan  5 13:58:56 UTC 2022 - Fabian Vogt <fabian@ritter-vogt.de>

- Add patch to make the compression option more compatible (boo#1192731):
  * 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch

-------------------------------------------------------------------
Thu Aug 26 13:15:59 UTC 2021 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.9.6 (bsc#1189608, CVE-2021-3634)
  * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.9.6

-------------------------------------------------------------------
Mon Sep 21 19:16:06 UTC 2020 - Andreas Schneider <asn@cryptomilk.org>

- Add missing BR for openssh needed for tests

-------------------------------------------------------------------
Sun Sep 13 19:17:44 UTC 2020 - Dirk Mueller <dmueller@suse.com>

- update to 0.9.5 (bsc#1174713, CVE-2020-16135):
  * CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232)
  * Improve handling of library initialization (T222)
  * Fix parsing of subsecond times in SFTP (T219)
  * Make the documentation reproducible
  * Remove deprecated API usage in OpenSSL
  * Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN
  * Define version in one place (T226)
  * Prevent invalid free when using different C runtimes than OpenSSL (T229)
  * Compatibility improvements to testsuite

-------------------------------------------------------------------
Thu Apr  9 07:50:07 UTC 2020 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.9.4
  * https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
  * Fix possible Denial of Service attack when using AES-CTR-ciphers
    CVE-2020-1730 (bsc#1168699)

-------------------------------------------------------------------
Tue Feb 18 14:05:49 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>

- Drop the hack to pull curl-mini: we moved the split a bit higher
  up and now have a non-curl linked variant of cmake in
  openSUSE:Factory.

-------------------------------------------------------------------
Tue Dec 10 19:08:47 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.9.3
  * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution (bsc#1158095)
  * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
  * SSH-01-006 General: Various unchecked Null-derefs cause DOS
  * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys
  * SSH-01-010 SSH: Deprecated hash function in fingerprinting
  * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS
  * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access
  * SSH-01-001 State Machine: Initial machine states should be set explicitly
  * SSH-01-002 Kex: Differently bound macros used to iterate same array
  * SSH-01-005 Code-Quality: Integer sign confusion during assignments
  * SSH-01-008 SCP: Protocol Injection via unescaped File Names
  * SSH-01-009 SSH: Update documentation which RFCs are implemented
  * SSH-01-012 PKI: Information leak via uninitialized stack buffer

-------------------------------------------------------------------
Mon Dec  9 09:25:43 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>

- Rename suffix define to pkg_suffix: rpm 4.15 has suffix reserved
  for internal use.

-------------------------------------------------------------------
Thu Nov  7 15:47:45 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.9.2
  * Fixed libssh-config.cmake
  * Fixed issues with rsa algorithm negotiation (T191)
  * Fixed detection of OpenSSL ed25519 support (T197)

-------------------------------------------------------------------
Fri Oct 25 14:47:49 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.9.1
  * Added support for Ed25519 via OpenSSL
  * Added support for X25519 via OpenSSL
  * Added support for localuser in Match keyword
  * Fixed Match keyword to be case sensitive
  * Fixed compilation with LibreSSL
  * Fixed error report of channel open (T75)
  * Fixed sftp documentation (T137)
  * Fixed known_hosts parsing (T156)
  * Fixed build issue with MinGW (T157)
  * Fixed build with gcc 9 (T164)
  * Fixed deprecation issues (T165)
  * Fixed known_hosts directory creation (T166)

-------------------------------------------------------------------
Wed Jul 10 08:42:34 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>

- Split out configuration to separate package to not mess up the
  library packaging and coinstallation

-------------------------------------------------------------------
Fri Jun 28 06:40:49 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>

- Update to verion 0.9.0
  * Added support for AES-GCM
  * Added improved rekeying support
  * Added performance improvements
  * Disabled blowfish support by default
  * Fixed several ssh config parsing issues
  * Added support for DH Group Exchange KEX
  * Added support for Encrypt-then-MAC mode
  * Added support for parsing server side configuration file
  * Added support for ECDSA/Ed25519 certificates
  * Added FIPS 140-2 compatibility
  * Improved known_hosts parsing
  * Improved documentation
  * Improved OpenSSL API usage for KEX, DH, and signatures
- Removed 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
- Removed 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
- Removed 0001-tests-Add-aes-gcm-ciphers-tests.patch
- Add libssh client and server config files

-------------------------------------------------------------------
Wed May 29 12:56:05 UTC 2019 - Ismail Dönmez <idonmez@suse.com>

- Fix the typo in Obsoletes for -devel-doc subpackage
- Actually remove the description for -devel-doc subpackage

-------------------------------------------------------------------
Thu May 23 15:32:07 UTC 2019 - James McDonough <jmcdonough@suse.com>

- Add support for new AES-GCM encryption types; (bsc#1134193)
  * Add 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
  * Add 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
  * Add 0001-tests-Add-aes-gcm-ciphers-tests.patch

-------------------------------------------------------------------
Thu Feb 28 07:17:52 UTC 2019 - Stephan Kulow <coolo@suse.com>

- Avoid build cycle between curl and libssh by using obs hint to 
  prefer curl-mini

-------------------------------------------------------------------
Mon Feb 25 09:28:34 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.8.7
  * Fixed handling extension flags in the server implementation
  * Fixed exporting ed25519 private keys
  * Fixed corner cases for rsa-sha2 signatures
  * Fixed some issues with connector

-------------------------------------------------------------------
Mon Feb 11 12:24:43 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>

- Drop doxygen from dependencies to avoid buildcycle
  * the documentation is available online anyway for anyone to
    consume and consult http://api.libssh.org

-------------------------------------------------------------------
Tue Jan  8 13:14:24 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>

- Added the tests in a multiple build description file *test* to
  break the cycle for cmocka, curl, doxygen and libssh.

-------------------------------------------------------------------
Sun Dec 30 16:15:23 UTC 2018 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.8.6
  * Fixed compilation issues with different OpenSSL versions
  * Fixed StrictHostKeyChecking in new knownhosts API
  * Fixed ssh_send_keepalive() with packet filter
  * Fixed possible crash with knownhosts options
  * Fixed issus with rekeying
  * Fixed strong ECDSA keys
  * Fixed some issues with rsa-sha2 extentions
  * Fixed access violation in ssh_init() (static linking)
  * Fixed ssh_channel_close() handling

-------------------------------------------------------------------
Mon Oct 29 10:36:40 UTC 2018 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.8.5
  * Added support to get known_hosts locations with ssh_options_get()
  * Fixed preferred algorithm for known hosts negotiations
  * Fixed KEX with some server implementations (e.g. Cisco)
  * Fixed issues with MSVC
  * Fixed keyboard-interactive auth in server mode
    (regression from CVE-2018-10933)
  * Fixed gssapi auth in server mode (regression from CVE-2018-10933)
  * Fixed socket fd handling with proxy command
  * Fixed a memory leak with OpenSSL

-------------------------------------------------------------------
Tue Oct 16 12:07:50 UTC 2018 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.8.4
  * Fixed CVE-2018-10933; (bsc#1108020)
  * Fixed building without globbing support
  * Fixed possible memory leaks
  * Avoid SIGPIPE on sockets

-------------------------------------------------------------------
Fri Sep 21 08:32:56 UTC 2018 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.8.3
  * Added support for rsa-sha2
  * Added support to parse private keys in openssh container format
    (other than ed25519)
  * Added support for diffie-hellman-group18-sha512 and
    diffie-hellman-group16-sha512
  * Added ssh_get_fingerprint_hash()
  * Added ssh_pki_export_privkey_base64()
  * Added support for Match keyword in config file
  * Improved performance and reduced memory footprint for sftp
  * Fixed ecdsa publickey auth
  * Fixed reading a closed channel
  * Added support to announce posix-rename@openssh.com and
    hardlink@openssh.com in the sftp server
- Removed patch: 0001-poll-Fix-size-types-in-ssh_event_free.patch

-------------------------------------------------------------------
Thu Aug 30 06:00:24 UTC 2018 - Andreas Schneider <asn@cryptomilk.org>

- Update to version 0.8.2
  * Added sha256 fingerprints for pubkeys
  * Improved compiler flag detection
  * Fixed race condition in reading sftp messages
  * Fixed doxygen generation and added modern style
  * Fixed library initialization on Windows
  * Fixed __bounded__ attribute detection
  * Fixed a bug in the options parser
  * Fixed documentation for new knwon_hosts API
- Added patch: 0001-poll-Fix-size-types-in-ssh_event_free.patch
  * Fix compiler warning on SLE12

-------------------------------------------------------------------
Mon Aug 27 09:25:49 UTC 2018 - vcizek@suse.com

- Add missing zlib-devel dependency which was previously pulled in
  by libopenssl-devel

-------------------------------------------------------------------
Tue Aug 14 13:34:19 UTC 2018 - asn@cryptomilk.org

- Remove the libssh_threads.so symlink

-------------------------------------------------------------------
Mon Aug 13 20:26:03 UTC 2018 - asn@cryptomilk.org

- Update to version 0.8.1
  * Fixed version number in the header
  * Fixed version number in pkg-config and cmake config
  * Fixed library initialization
  * Fixed attribute detection

-------------------------------------------------------------------
Fri Aug 10 12:01:17 UTC 2018 - asn@cryptomilk.org

- Update to version 0.8.0
  * Removed support for deprecated SSHv1 protocol
  * Added new connector API for clients
  * Added new known_hosts parsing API
  * Added support for OpenSSL 1.1
  * Added support for chacha20-poly1305 cipher
  * Added crypto backend for mbedtls crypto library
  * Added ECDSA support with gcrypt backend
  * Added advanced client and server testing using cwrap.org
  * Added support for curve25519-sha256 alias
  * Added support for global known_hosts file
  * Added support for symbol versioning
  * Improved ssh_config parsing
  * Improved threading support
- Removed 0001-libcrypto-Remove-AES_ctr128_encrypt.patch
- Removed 0001-libcrypto-Introduce-a-libcrypto-compat-file.patch
- Removed 0001-libcrypto-Use-newer-API-for-HMAC.patch
- Removed 0001-libcrypto-Use-a-pointer-for-EVP_MD_CTX.patch
- Removed 0001-libcrypto-Use-a-pointer-for-EVP_CIPHER_CTX.patch
- Removed 0001-pki_crypto-Use-getters-and-setters-for-opaque-keys-a.patch
- Removed 0001-threads-Use-new-API-call-for-OpenSSL-CRYPTO-THREADID.patch
- Removed 0001-cmake-Use-configure-check-for-CRYPTO_ctr128_encrypt.patch
- Removed 0001-config-Bugfix-Dont-skip-unseen-opcodes.patch

-------------------------------------------------------------------
Fri Mar  9 14:12:28 UTC 2018 - jmcdonough@suse.com

- Disable timeout testing on slow build systems (bsc#1084713)
  * 0001-disable-timeout-test-on-slow-buildsystems.patch

-------------------------------------------------------------------
Sun Dec 24 14:41:46 UTC 2017 - fabian@ritter-vogt.de

- Add patch to fix parsing of config files (boo#1067782):
  * 0001-config-Bugfix-Dont-skip-unseen-opcodes.patch

-------------------------------------------------------------------
Fri Sep 15 08:31:32 UTC 2017 - vcizek@suse.com

- add support for building with OpenSSL 1.1 (bsc#1055266)
  * added patches:
    * 0001-cmake-Use-configure-check-for-CRYPTO_ctr128_encrypt.patch
    * 0001-libcrypto-Introduce-a-libcrypto-compat-file.patch
    * 0001-libcrypto-Remove-AES_ctr128_encrypt.patch
    * 0001-libcrypto-Use-a-pointer-for-EVP_MD_CTX.patch
    * 0001-libcrypto-Use-a-pointer-for-EVP_CIPHER_CTX.patch
    * 0001-libcrypto-Use-newer-API-for-HMAC.patch
    * 0001-pki_crypto-Use-getters-and-setters-for-opaque-keys-a.patch
    * 0001-threads-Use-new-API-call-for-OpenSSL-CRYPTO-THREADID.patch

-------------------------------------------------------------------
Mon Jul 31 08:31:20 UTC 2017 - astieger@suse.com

- add package keyring and verify source signature

-------------------------------------------------------------------
Thu Apr 13 14:41:57 UTC 2017 - asn@cryptomilk.org

- Update to version 0.7.5
  * Fixed a memory allocation issue with buffers
  * Fixed PKI on Windows
  * Fixed some SSHv1 functions
  * Fixed config hostname expansion

-------------------------------------------------------------------
Wed Feb  8 10:43:05 UTC 2017 - asn@cryptomilk.org

- Update to version 0.7.4
  * Added id_ed25519 to the default identity list
  * Fixed sftp EOF packet handling
  * Fixed ssh_send_banner() to confirm with RFC 4253
  * Fixed some memory leaks
- Removed patch gcc5-fixes.patch

-------------------------------------------------------------------
Wed Dec  7 12:22:00 UTC 2016 - jengelh@inai.de

- Update descriptions. Drop redundant pkgconfig require
  (it's autodetected).

-------------------------------------------------------------------
Wed Oct  7 08:25:18 UTC 2015 - asn@cryptomilk.org

- Update to version 0.7.2
  * Fixed OpenSSL detection on Windows
  * Fixed return status for ssh_userauth_agent()
  * Fixed KEX to prefer hmac-sha2-256
  * Fixed sftp packet handling
  * Fixed return values of ssh_key_is_(public|private)
  * Fixed bug in global success reply

-------------------------------------------------------------------
Mon Jul 20 09:29:46 UTC 2015 - tchvatal@suse.com

- Enable testsuite run to check the state of libssh itself
- Use SUSE macros to define environment clearly
- Enable gssapi by adding krb5 dependency

-------------------------------------------------------------------
Tue Jun 30 07:36:31 UTC 2015 - asn@cryptomilk.org

- Update to version 0.7.1
  * Fixed SSH_AUTH_PARTIAL auth with auto public key
  * Fixed memory leak in session options
  * Fixed allocation of ed25519 public keys
  * Fixed channel exit-status and exit-signal
  * Reintroduce ssh_forward_listen()

-------------------------------------------------------------------
Mon May 11 09:50:29 UTC 2015 - asn@cryptomilk.org

- Update to version 0.7.0
  * Added support for ed25519 keys
  * Added SHA2 algorithms for HMAC
  * Added improved and more secure buffer handling code
  * Added callback for auth_none_function
  * Added support for ECDSA private key signing
  * Added more tests
  * Fixed a lot of bugs
  * Improved API documentation

-------------------------------------------------------------------
Wed May  6 20:26:52 UTC 2015 - dmueller@suse.com

- add gcc5-fixes.patch: Fix build against GCC 5.x

-------------------------------------------------------------------
Thu Apr 30 14:08:31 UTC 2015 - asn@cryptomilk.org

- Update to version 0.6.5
  * Fixed CVE-2015-3146
  * Fixed port handling in config file
  * Fixed the build with libgcrypt
  * Fixed SFTP endian issues (rlo #179)
  * Fixed uninitilized sig variable (rlo #167)
  * Fixed polling issues which could result in a hang
  * Fixed handling of EINTR in ssh_poll() (rlo #186)
  * Fixed C99 issues with __func__
  * Fixed some memory leaks
  * Improved macro detection on Windows

-------------------------------------------------------------------
Thu Jan 22 07:41:22 UTC 2015 - coolo@suse.com

- removing argument from popd
- add baselibs.conf as source

-------------------------------------------------------------------
Fri Dec 19 09:51:35 UTC 2014 - asn@cryptomilk.org

- Update to version 0.6.4
  * Fixed CVE-2014-8132.
  * Added SHA-2 for session ID signing with ECDSA keys.
  * Added support for ECDSA host keys.
  * Added support for more ECDSA hostkey algorithms.
  * Added ssh_pki_key_ecdsa_name() API.
  * Fixed setting the bindfd only after successful listen.
  * Fixed issues with user created sockets.
  * Fixed several issues in libssh C++ wrapper.
  * Fixed several documentation issues.
  * Fixed channel exit-signal request.
  * Fixed X11 request screen number in messages.
  * Fixed several memory leaks.

-------------------------------------------------------------------
Tue Mar  4 17:20:09 UTC 2014 - asn@cryptomilk.org

- Update to version 0.6.3
  * Fix CVE-2014-0017.

-------------------------------------------------------------------
Mon Feb 10 09:25:48 UTC 2014 - asn@cryptomilk.org

- Update to version 0.6.1
  * Added support for libgcrypt 1.6.
  * Added ssh_channel_accept_forward().
  * Added known_hosts heuristic during connection (#138).
  * Added getters for session cipher names.
  * Fixed decrypt of zero length buffer.
  * Fixed padding in RSA signature blobs.
  * Fixed DSA signature extraction.
  * Fixed some memory leaks.
  * Fixed read of non-connected socket.
  * Fixed thread dectection.

-------------------------------------------------------------------
Wed Jan  8 10:18:32 UTC 2014 - asn@cryptomilk.org

- Update to version 0.6.0
  * Added new publicy key API.
  * Added new userauth API.
  * Added ssh_get_publickey_hash() function.
  * Added ssh_get_poll_flags() function.
  * Added gssapi-mic userauth.
  * Added GSSAPIServerIdentity option.
  * Added GSSAPIClientIdentity option.
  * Added GSSAPIDelegateCredentials option.
  * Added new callback based server API.
  * Added Elliptic Curve DSA (ECDSA) support (with OpenSSL).
  * Added Elliptic Curve Diffie Hellman (ECDH) support.
  * Added Curve25519 for ECDH key exchange.
  * Added improved logging system.
  * Added SSH-agent forwarding.
  * Added key-reexchange.
  * Added more unit tests.
  * Improved documentation.
  * Fixed timeout handling.

-------------------------------------------------------------------
Thu Dec 19 13:23:21 CET 2013 - kukuk@suse.de

- Remove remove-pedantic-errors.diff, does not apply anymore and is
  not needed anymore.

-------------------------------------------------------------------
Thu Oct 31 21:49:47 UTC 2013 - javier@opensuse.org

- Update to version 0.6.0rc1
  * Added new publicy key API.
  * Added new userauth API.
  * Added gssapi-mic userauth.
  * Added new callback based server API.
  * Added Elliptic Curve DSA (ECDSA) support (with OpenSSL).
  * Added Elliptic Curve Diffie Hellman (ECDH) support.
  * Added improved logging system.
  * Added SSH-agent forwarding.
  * Added key-reexchange.
  * Improved documentation.
  * Fixed timeout handling.

-------------------------------------------------------------------
Mon Jul 29 08:17:19 UTC 2013 - asn@cryptomilk.org

- Add baselibs.conf
- Require xz to fix build on older distro versions.

-------------------------------------------------------------------
Fri Jul 26 07:44:37 UTC 2013 - asn@cryptomilk.org

- Update to version 0.5.5
  * BUG 103: Fix ProxyCommand parsing.
    - Remove patch fix-proxycomand-parsing1.diff
    - Remove patch fix-proxy-command-none.diff
  * Fix setting -D_FORTIFY_SOURCE=2.
  * Fix pollset error return if emtpy.
  * Fix NULL pointer checks in channel functions.
  * Several bugfixes.

-------------------------------------------------------------------
Thu Jul 25 19:56:12 UTC 2013 - lbeltrame@kde.org

- Add fix-proxycomand-parsing1.diff: fix ProxyCommand parsing in 
  libssh (upstream libssh bug 103)
- Add fix-proxy-command-none.diff: fix ProxyCommand when it is
  "none" (upstream libssh bug 103)

-------------------------------------------------------------------
Tue Jan 22 15:03:51 UTC 2013 - asn@cryptomilk.org

- Update to version 0.5.4
  * CVE-2013-0176 - NULL dereference leads to denial of service
  * Fixed several NULL pointer dereferences in SSHv1.
  * Fixed a free crash bug in options parsing.

-------------------------------------------------------------------
Tue Nov 20 13:40:42 UTC 2012 - asn@cryptomilk.org

- Update to version 0.5.3
  * CVE-2012-4559 Fixed multiple double free() flaws.
  * CVE-2012-4560 Fixed multiple buffer overflow flaws.
  * CVE-2012-4561 Fixed multiple invalid free() flaws.
  * rlo #84 - Fix bug in sftp_mkdir not returning on error.
  * rlo #85 - Fixed a possible channel infinite loop if the connection dropped.
  * rlo #88 - Added missing channel request_state and set it to accepted.
  * rlo #89 - Reset error state to no error on successful SSHv1 authentiction.
  * Fixed a possible use after free in ssh_free().
  * Fixed multiple possible NULL pointer dereferences.
  * Fixed multiple memory leaks in error paths.
  * Fixed timeout handling.
  * Fixed regression in pre-connected socket setting.
  * Handle all unknown global messages.

-------------------------------------------------------------------
Tue Feb  7 13:34:00 UTC 2012 - jengelh@medozas.de

- Ensure pkgconfig symbols are provided

-------------------------------------------------------------------
Tue Jan 31 10:36:26 UTC 2012 - jengelh@medozas.de

- Remove redundant tags/sections per specfile guideline suggestions
- Parallel building using %_smp_mflags
- Make pkgconfig provides available
- Add patch to work around compilation problems on SLES11SP1

-------------------------------------------------------------------
Sat Sep 17 07:00:53 UTC 2011 - asn@cryptomilk.org

- Update to version 0.5.2
  * Increased window size x10.
  * Fixed SSHv1.
  * Fixed bugged lists.
  * Fixed use-after-free + inconsistent callbacks call in poll.
  * Fixed scp documentation.
  * Fixed possible infinite loop in channel_read().
  * Fixed handling of short reads of sftp_async_read().
  * Fixed handling request service timeout in blocking mode.
  * Fixed ssh_auth_list() documentation.
  * Fixed incorrect return values in ssh_channel_write().
  * Fixed an infinite loop in the termination callback.
  * Fixed handling of SSH_AGAIN in channel_open().
  * Fixed "status -5 inflating zlib packet"

-------------------------------------------------------------------
Tue Sep  6 03:36:48 UTC 2011 - crrodriguez@opensuse.org

- Build with OPENSSL_LOAD_CONF so we respect user's choice
  of which  "openssl engine" to use for crypto (aes-ni,intel-accel)

-------------------------------------------------------------------
Tue Aug  9 15:12:39 UTC 2011 - asn@cryptomilk.org

- Update to version 0.5.1
  * Added checks for NULL pointers in string.c.
  * Set the channel max packet size to 32768.
  * Don't (de)compress empty buffers.
  * Fixed ssh_scp_write so it works when doing recursive copy.
  * Fixed another source of endless wait.
  * Fixed an endless loop in case of a channel_open error.
  * Fixed session timeout handling.
  * Fixed ssh_channel_from_local() loop.
  * Fixed permissions of scp example when we copy a file.
  * Workaround ssh_get_user_home_dir on LDAP users.
  * Added pkg-config support for libssh_threads.
  * Fixed compilation without server and sftp modes.
  * Fix static .lib overwriting on Windows.

-------------------------------------------------------------------
Tue May 31 14:32:09 UTC 2011 - asn@cryptomilk.org

- Update to version 0.5.0
  * Added ssh_ prefix to all functions.
  * Added complete Windows support.
  * Added improved server support.
  * Added unit tests for a lot of functions.
  * Added asynchronous service request.
  * Added a multiplatform ssh_getpass() function.
  * Added a tutorial.
  * Added a lot of documentation.
  * Fixed a lot of bugs.
  * Fixed several memory leaks.

-------------------------------------------------------------------
Sat Jan 15 08:58:45 UTC 2011 - asn@cryptomilk.org

- Update to version 0.4.8
  * Fixed memory leaks in session signing.
  * Fixed memory leak in ssh_print_hexa.
  * Fixed problem with ssh_connect w/ timeout and fd > 1024.
  * Fixed some warnings on OS/2.
  * Fixed installation path for OS/2.

-------------------------------------------------------------------
Mon Dec 27 20:12:23 CET 2010 - asn@cynapses.org

- Update to version 0.4.7
  * Fixed a possible memory leak in ssh_get_user_home().
  * Fixed a memory leak in sftp_xstat.
  * Fixed uninitialized fd->revents member.
  * Fixed timout value in ssh_channel_accept().
  * Fixed length checks in ssh_analyze_banner().
  * Fixed a possible data overread and crash bug.
  * Fixed setting max_fd which breaks ssh_select().
  * Fixed some pedantic build warnings.
  * Fixed a memory leak with session->bindaddr.

-------------------------------------------------------------------
Sun Sep  5 19:30:28 CEST 2010 - asn@cynapses.org

- Update to version 0.4.6
  * Added a cleanup function to free the ws2_32 library.
  * Fixed build with gcc 3.4.
  * Fixed the Windows build on Vista and newer.
  * Fixed the usage of WSAPoll() on Windows.
  * Fixed "@deprecated" in doxygen
  * Fixed some mingw warnings.
  * Fixed handling of opened channels.
  * Fixed keepalive problem on older openssh servers.
  * Fixed testing for big endian on Windows.
  * Fixed the Windows preprocessor macros and defines.

-------------------------------------------------------------------
Tue Jul 13 10:27:13 CEST 2010 - anschneider@exsuse.de

- Update to version 0.4.5
  * Added option to bind a client to an ip address.
  * Fixed the ssh socket polling function.
  * Fixed Windows related bugs in bsd_poll().
  * Fixed serveral build warnings.

-------------------------------------------------------------------
Mon May 31 14:13:55 CEST 2010 - anschneider@exsuse.de

- Update to version 0.4.4
  * Fixed some bugs ein path expand functions.

-------------------------------------------------------------------
Mon May 17 23:50:11 CEST 2010 - anschneider@exsuse.de

- Update to version 0.4.3
  * Added global/keepalive responses.
  * Added runtime detection of WSAPoll().
  * Added a select(2) based poll-emulation if poll(2) is not available.
  * Added a function to expand an escaped string.
  * Added a function to expand the tilde from a path.
  * Added a proxycommand support.
  * Added ssh_privatekey_type public function
  * Added the possibility to define _OPENSSL_DIR and _ZLIB_DIR.
  * Fixed sftp_chown.
  * Fixed sftp_rename on protocol version 3.
  * Fixed a blocking bug in channel_poll.
  * Fixed config parsing wich has overwritten user specified values.
  * Fixed hashed [host]:port format in knownhosts
  * Fixed Windows build.
  * Fixed doublefree happening after a negociation error.
  * Fixed aes*-ctr with <= OpenSSL 0.9.7b.
  * Fixed some documentation.
  * Fixed exec example which has broken read usage.
  * Fixed broken algorithm choice for server.
  * Fixed a typo that we don't export all symbols.
  * Removed the unneeded dependency to doxygen.
  * Build examples only on the Linux plattform.

-------------------------------------------------------------------
Mon Mar 15 19:40:44 CET 2010 - anschneider@exsuse.de

- Update to version 0.4.2
  * Added owner and group information in sftp attributes.
  * Added missing SSH_OPTIONS_FD option.
  * Added printout of owner and group in the sftp example.
  * Added a prepend function for ssh_list.
  * Added send back replies to openssh's keepalives.
  * Fixed documentation in scp code
  * Fixed longname parsing, this only workings with readdir.
  * Fixed and added support for several identity files.
  * Fixed sftp_parse_longname() on Windows.
  * Fixed a race condition bug in ssh_scp_close()
  * Remove config support for SSHv1 Cipher variable.
  * Rename ssh_list_add to ssh_list_append.
  * Rename ssh_list_get_head to ssh_list_pop_head

-------------------------------------------------------------------
Mon Feb 15 12:41:47 CET 2010 - anschneider@exsuse.de

- Fixed Requires.

-------------------------------------------------------------------
Sat Feb 13 15:29:14 CET 2010 - anschneider@exsuse.de

- Update to version 0.4.1
  * Added support for aes128-ctr, aes192-ctr and aes256-ctr encryption.
  * Added an example for exec.
  * Added private key type detection feature in privatekey_from_file().
  * Fixed zlib compression fallback.
  * Fixed kex bug that client preference should be prioritary
  * Fixed known_hosts file set by the user.
  * Fixed a memleak in channel_accept().
  * Fixed underflow when leave_function() are unbalanced
  * Fixed memory corruption in handle_channel_request_open().
  * Fixed closing of a file handle case of errors in privatekey_from_file().
  * Fixed ssh_get_user_home_dir() to be thread safe.
  * Fixed the doxygen documentation.

-------------------------------------------------------------------
Thu Dec 10 23:43:19 CET 2009 - anschneider@exsuse.de

- Update to version 0.4.0
  * Added scp support.
  * Added support for sending signals (RFC 4254, section 6.9).
  * Added MSVC support.
  * Added support for ~/.ssh/config.
  * Added sftp extension support.
  * Added X11 forwarding support for client.
  * Added forward listening.
  * Added support for openssh extensions (statvfs, fstatvfs).
  * Added a cleaned up interface for setting options.
  * Added a generic way to handle sockets asynchronously.
  * Added logging of the sftp flags used to open a file.
  * Added full poll() support and poll-emulation for win32.
  * Added missing 64bit functions in sftp.
  * Added support for ~/ and SSH_DIR/ in filenames instead of %s/.
  * Fixed Fix channel_get_exit_status bug.
  * Fixed calltrace logging to make it optional.
  * Fixed compilation on Solaris.
  * Fixed resolving of ip addresses.
  * Fixed libssh compilation without server support.
  * Fixed possible memory corruptions (ticket #14).

-------------------------------------------------------------------
Mon Sep 14 10:20:52 CEST 2009 - anschneider@exsuse.de

- Update to version 0.3.4.
  * Added ssh_basename and ssh_dirname.
  * Added a portable ssh_mkdir function.
  * Added a sftp_tell64() function.
  * Added missing NULL pointer checks to crypt_set_algorithms_server.
  * Fixed ssh_write_knownhost if ~/.ssh doesn't exist.
  * Fixed a possible integer overflow in buffer_get_data().
  * Fixed possible security bug in packet_decrypt().

-------------------------------------------------------------------
Tue Aug 18 15:28:06 CEST 2009 - anschneider@exsuse.de

- Update to version 0.3.3.
  * Fixed double free pointer crash in dsa_public_to_string.
  * Fixed channel_get_exit_status bug.
  * Fixed ssh_finalize which didn't clear the flag.
  * Fixed memory leak introduced by previous bugfix.
  * Fixed channel_poll broken when delayed EOF recvd.
  * Fixed stupid "can't parse known host key" bug.
  * Fixed possible memory corruption (ticket #14).

-------------------------------------------------------------------
Tue Aug  4 16:20:25 CEST 2009 - anschneider@exsuse.de

- Update to version 0.3.2
  * Added ssh_init() function.
  * Added sftp_readlink() function.
  * Added sftp_symlink() function.
  * Fixed ssh_write_knownhost().
  * Fixed compilation on Solaris.
  * Fixed SSHv1 compilation.

-------------------------------------------------------------------
Tue Jul 14 09:55:36 CEST 2009 - anschneider@exsuse.de

- Update to version 0.3.1
  * Added return code SSH_SERVER_FILE_NOT_FOUND.
  * Fixed compilation of SSHv1.
  * Fixed several memory leaks.
  * Fixed possible infinite loops.
  * Fixed a possible crash bug.
  * Fixed build warnings.
  * Fixed cmake on BSD.

-------------------------------------------------------------------
Thu May 21 10:52:35 CEST 2009 - anschneider@exsuse.de

- Update to version 0.3.0
  * Added support for ssh-agent authentication.
  * Added POSIX like sftp implementation.
  * Added error checking to all functions.
  * Added const to arguments where it was needed.
  * Added a channel_get_exit_status() function.
  * Added a channel_read_buffer() function, channel_read() is now
    a POSIX like function.
  * Added a more generic auth callback function.
  * Added printf attribute checking for log and error functions.
  * Added runtime function tracer support.
  * Added NSIS build support with CPack.
  * Added openssh hashed host support.
  * Added API documentation for all public functions.
  * Added asynchronous SFTP read function.
  * Added a ssh_bind_set_fd() function.
  * Fixed known_hosts parsing.
  * Fixed a lot of build warnings.
  * Fixed the Windows build.
  * Fixed a lot of memory leaks.
  * Fixed a double free corruption in the server support.
  * Fixed the "ssh_accept:" bug in server support.
  * Fixed important channel bugs.
  * Refactored the socket handling.
  * Switched to CMake build system.
  * Improved performance.

-------------------------------------------------------------------
Mon Nov 17 17:46:00 CET 2008 - anschneider@suse.de

- Add 'Provides: libssh' to the library that the debuginfo package
  can be installed.
- Fix channel performance by changing the window len.
- Use libssh2 as name for the library package.
- Remove rpmlintrc

-------------------------------------------------------------------
Tue Oct  7 21:19:07 CEST 2008 - aj@suse.de

- Disable parallel build since it breaks the build.

-------------------------------------------------------------------
Tue Sep 30 14:02:58 CEST 2008 - ro@suse.de

- Add rpmlintrc (desired package name is already taken by another
  package)

-------------------------------------------------------------------
Tue Sep 30 13:49:00 CEST 2008 - ro@suse.de

- Fix debug package requires

-------------------------------------------------------------------
Tue Sep 30 12:41:19 CEST 2008 - ro@suse.de

- Fixed filelist

-------------------------------------------------------------------
Thu Aug 21 11:26:29 CEST 2008 - anschneider@suse.de

- Map the permissions field to the type field for sftp v3.
- Add errno mapping for sftp functions

-------------------------------------------------------------------
Wed Aug 20 16:08:57 CEST 2008 - anschneider@suse.de

- Initial libssh package

Places

File libssh.changes of Package libssh

Places