Yet another test release. This fixes a few problems that were
reported in the last 24 hours.

One security problem fixed by this release is the braindead linking
behaviour of AIX's ld. In their infinite wisdom, IBM decided to make
the -L linker flag specify /runtime/ link paths. This could allow
someone to substitute a modified shared library to a suid program.

For gory details, have a look for a recent message "Unexpected and
dangerous AIX 4.X linker behavior" in a BUGTRAQ archive. Thanks to Jim
Knoble for pointing this out.

I am keen to hear reports from AIX users.

Regards,
Damien Miller

20000317
 - Clarified --with-default-path option.
 - Added -blibpath handling for AIX to work around stupid runtime linking.
   Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
   <jmknoble@pobox.com>
 - Checks for 64 bit int types. Problem report from Mats Fredholm
   <matsf@init.se>
 - OpenBSD CVS updates:
   - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
     [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     [sshd.c]
     pedantic: signed vs. unsigned, void*-arithm, etc
   - [ssh.1 sshd.8]
     Various cleanups and standardizations.
 - Runtime error fix for HPUX from Otmar Stahl
   <O.Stahl@lsw.uni-heidelberg.de>

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm@mindrot.org (home) -or- djm@ibs.com.au (work)
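
Added example (not part of the original message or of the OpenSSH sources): a check for the linker behaviour described above, which reads the runtime library path that ld embedded in an AIX binary and flags every entry outside a trusted set. It assumes `dump -H` prints the embedded path as INDEX 0 under "Import File Strings"; the sample output, the TRUSTED list and the function names are constructed for this example.

```shell
#!/bin/sh
# Added example: audit the runtime libpath embedded in an AIX binary.
# Assumption: `dump -H` shows the libpath as INDEX 0 of "Import File Strings".
# TRUSTED is this example's own allowlist; adjust it to local policy.
TRUSTED="/usr/lib:/lib"

# Constructed sample of `dump -H` output for a binary linked with stray -L flags.
sample_dump() {
cat <<'EOF'
                        ***Import File Strings***
INDEX  PATH                          BASE                MEMBER
0      /tmp/build/lib:/usr/local/lib:/usr/lib:/lib
1                                    libc.a              shr.o
EOF
}

# Print the PATH field of the INDEX 0 entry from `dump -H` output on stdin.
libpath_from_dump() {
    awk '/Import File Strings/ { seen = 1; next }
         seen && $1 == "0"     { print $2; exit }'
}

# Report each libpath component that is empty or not listed in TRUSTED.
# Returns 0 if every component is trusted, 1 otherwise.
audit_libpath() {
    rest="$1:"
    bad=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}      # first component
        rest=${rest#*:}      # remainder after the first colon
        case ":$TRUSTED:" in
            *":$dir:"*) [ -n "$dir" ] && continue ;;
        esac
        echo "untrusted libpath entry: '$dir'"
        bad=1
    done
    return $bad
}

# Convenience wrapper: `dump -H` output on stdin, findings on stdout.
audit_dump() {
    audit_libpath "$(libpath_from_dump)"
}

# On AIX this would be: dump -H /path/to/binary | audit_dump
sample_dump | audit_dump || echo "relink with an explicit -blibpath"
```
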