Tuesday 23rd February 2016
Fedora Project
Updated GeoIP-GeoLite-data to the February 2016 databases in Rawhide
Updated gtkwave to 3.3.70 in Rawhide:
Various warnings fixes from new version of scan-build
- Crash fix in Windows for transaction traces (broken since VCD/TIM export in 3.3.61)
Updated libssh2 to 1.7.0 in Rawhide:
diffie_hellman_sha256: convert bytes to bits (CVE-2016-0787); see http://www.libssh2.org/adv_20160223.html
libssh2_session_set_last_error: Add function
- mac: Add support for HMAC-SHA-256 and HMAC-SHA-512
- WinCNG: support for SHA256/512 HMAC
- kex: Added diffie-hellman-group-exchange-sha256 support
- OS/400 crypto library QC3 support
- SFTP: Increase speed and datasize in SFTP read
openssl: Make libssh2_sha1 return error code
openssl: Fix memleak in _libssh2_dsa_sha1_verify()
- cmake: Include CMake files in the release tarballs
- Fix builds with Visual Studio 2015
hostkey.c: Fix compiling error when OPENSSL_NO_MD5 is defined
GNUmakefile: Add support for LIBSSH2_LDFLAG_EXTRAS
GNUmakefile: Add -m64 CFLAGS when targeting mingw64
kex: free server host key before allocating it (again)
SCP: Add libssh2_scp_recv2 to support large (> 2GB) files on windows
channel: Detect bad usage of libssh2_channel_process_startup
- userauth: Fix off by one error when reading public key file
kex: Removed dupe entry from libssh2_kex_methods
_libssh2_error: Support allocating the error message
hostkey: Fix invalid memory access if libssh2_dsa_new fails
hostkey: Align code path of ssh_rsa_init to ssh_dss_init
libssh2.pc.in: Fix the output of pkg-config --libs
wincng: Fixed possible memory leak in _libssh2_wincng_hash
wincng: Fixed _libssh2_wincng_hash_final return value
- Add OpenSSL 1.1.0-pre2 compatibility
agent_disconnect_unix: Unset the agent fd after closing it
- sftp: Stop reading when buffer is full
- sftp: Send at least one read request before reading
sftp: Don't return EAGAIN if data was written to buffer
- sftp: Check read packet file offset
configure: build "silent" if possible
- openssl: Add OpenSSL 1.1.0-pre3-dev compatibility
- GNUmakefile: List system libs after user libs
Updated libssh2 (1.6.0) in F-23 to fix CVE-2016-0787
Updated libssh2 (1.5.0) in F-22 to fix CVE-2016-0787
Local Packages
Updated GeoIP-GeoLite-data to the February 2016 databases as per the Fedora version
Updated gtkwave to 3.3.70 as per the Fedora version
Updated libssh2 to 1.7.0 as per the Fedora version