amd64/145940: [BUG] OpenSSH_5.4p1 - do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths

Andrei V. Lavreniyuk andy.lavr at reactor-xg.kiev.ua
Thu Apr 22 18:10:03 UTC 2010


The following reply was made to PR amd64/145940; it has been noted by GNATS.

From: "Andrei V. Lavreniyuk" <andy.lavr at reactor-xg.kiev.ua>
To: bug-followup at FreeBSD.org
Cc:  
Subject: Re: amd64/145940: [BUG] OpenSSH_5.4p1 - do not prepend AuthorizedKeysFile
 with getcwd(), unbreaks relative paths
Date: Thu, 22 Apr 2010 21:09:30 +0300

 Hi!
 
 
 OpenSSH-5.5p1
 
 
 
 20100410
   - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo
     back so we disable the IPv6 tests if we don't have it.
 
 20100409
   - (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong
     ones.  Based on a patch from Roumen Petrov.
   - (dtucker) [configure.ac] Bug #1744: use pkg-config for libedit flags 
 if we
     have it and the path is not provided to --with-libedit.  Based on a 
 patch
     from Iain Morgan. 
 
   - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732: 
 enable
     utmpx support on FreeBSD where possible.  Patch from Ed Schouten, ok 
 djm@
 
 20100326
   - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection
     for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson
   - (dtucker) [configure.ac] Bug #1741: Add section for Haiku, patch 
 originally
     by Ingo Weinhold via Scott McCreary, ok djm@ 
 
   - (djm) OpenBSD CVS Sync 
 
     - djm at cvs.openbsd.org 2010/03/25 23:38:28 
 
       [servconf.c] 
 
       from portable: getcwd(NULL, 0) doesn't work on all platforms, so 
 
       use a stack buffer; ok dtucker@ 
 
     - djm at cvs.openbsd.org 2010/03/26 00:26:58 
 
       [ssh.1] 
 
       mention that -S none disables connection sharing; from Colin 
 Watson
   - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms 
 -
     set up SELinux execution context before chroot() call. From Russell 
 
     Coker via Colin watson; bz#1726 ok dtucker@ 
 
   - (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; 
 bz#1721
     ok dtucker@ 
 
   - (dtucker) Bug #1725: explicitly link libX11 into gnome-ssh-askpass2 
 using
     pkg-config, patch from Colin Watson.  Needed for newer linkers (ie 
 gold).
   - (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no 
 keys;
     bz#1723 patch from Adeodato Simóvia Colin Watson; ok dtucker@ 
 
   - (dtucker) OpenBSD CVS Sync 
 
     - dtucker at cvs.openbsd.org 2010/03/26 01:06:13 
 
       [ssh_config.5] 
 
       Reformat default value of PreferredAuthentications entry (current 
 
       formatting implies ", " is acceptable as a separator, which it's not.
       ok djm@
 
 20100324
   - (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory
     containing the services file explicitely case-insensitive.  This 
 allows to
     tweak the Windows services file reliably.  Patch from vinschen at 
 redhat.
 
 20100321
   - (djm) OpenBSD CVS Sync
     - jmc at cvs.openbsd.org 2010/03/08 09:41:27
       [ssh-keygen.1]
       sort the list of constraints (to -O); ok djm
     - jmc at cvs.openbsd.org 2010/03/10 07:40:35
       [ssh-keygen.1]
       typos; from Ross Richardson
       closes prs 6334 and 6335
     - djm at cvs.openbsd.org 2010/03/10 23:27:17
       [auth2-pubkey.c]
       correct certificate logging and make it more consistent between
       authorized_keys and TrustedCAKeys; ok markus@
     - djm at cvs.openbsd.org 2010/03/12 01:06:25
       [servconf.c]
       unbreak AuthorizedKeys option with a $HOME-relative path; reported by
       vinschen AT redhat.com, ok dtucker@
     - markus at cvs.openbsd.org 2010/03/12 11:37:40
       [servconf.c]
       do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative 
 paths
       free() (not xfree()) the buffer returned by getcwd()
     - djm at cvs.openbsd.org 2010/03/13 21:10:38
       [clientloop.c]
       protocol conformance fix: send language tag when disconnecting 
 normally;
       spotted by 1.41421 AT gmail.com, ok markus@ deraadt@
     - djm at cvs.openbsd.org 2010/03/13 21:45:46
       [ssh-keygen.1]
       Certificates are named *-cert.pub, not *_cert.pub; committing a diff
       from stevesk@ ok me
     - jmc at cvs.openbsd.org 2010/03/13 23:38:13
       [ssh-keygen.1]
       fix a formatting error (args need quoted); noted by stevesk
     - stevesk at cvs.openbsd.org 2010/03/15 19:40:02
       [key.c key.h ssh-keygen.c]
       also print certificate type (user or host) for ssh-keygen -L
       ok djm kettenis
     - stevesk at cvs.openbsd.org 2010/03/16 15:46:52
       [auth-options.c]
       spelling in error message. ok djm kettenis
     - djm at cvs.openbsd.org 2010/03/16 16:36:49
       [version.h]
       crank version to openssh-5.5 since we have a few fixes since 5.4;
       requested deraadt@ kettenis@
   - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
     [contrib/suse/openssh.spec] Crank version numbers
 
 20100314
   - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix
     compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot
     AT fefe.de
   - (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for
     ssh-pkcs11-helper to repair static builds (we do the same for
     ssh-keyscan). Reported by felix-mindrot AT fefe.de
 
 20100312
   - (tim) [Makefile.in] Now that scard is gone, no need to make $(datadir)
   - (tim) [Makefile.in] Add missing $(EXEEXT) to install targets.
     Patch from Corinna Vinschen.
   - (tim) [contrib/cygwin/Makefile] Fix list of documentation files to 
 install
     on a Cygwin installation. Patch from Corinna Vinschen.
 
 20100311
   - (tim) [contrib/suse/openssh.spec] crank version number here too.
     report by imorgan AT nas.nasa.gov
 
 20100309
   - (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for 
 BROKEN_GETADDRINFO
     so setting it in CFLAGS correctly skips IPv6 tests.
 
 
 
 -- 
   Best regards, Andrei V. Lavreniyuk.
 


More information about the freebsd-amd64 mailing list