===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/52.html,v
retrieving revision 1.26
retrieving revision 1.27
diff -c -r1.26 -r1.27
*** www/52.html 2012/09/06 10:08:55 1.26
--- www/52.html 2012/09/06 11:34:07 1.27
***************
*** 231,241 ****
- New features:
- The following significant bugs have been fixed in this release:
--- 231,280 ----
- New features:
! - sshd(8):
! This release turns on pre-auth sandboxing sshd by default for new installs,
! by setting UsePrivilegeSeparation=sandbox in sshd_config.
!
- sshd-keygen(1):
! Add options to specify starting line number and number of lines to process
! when screening moduli candidates, allowing processing of different parts of
! a candidate moduli file in parallel
!
- sshd(8):
! The Match directive now supports matching on the local (listen) address and
! port upon which the incoming connection was received via LocalAddress and
! LocalPort clauses.
!
- sshd(8):
! Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups}
!
- Add support for RFC6594 SSHFP DNS records for ECDSA key types. (bz#1978)
!
- sshd-keygen(1):
! Allow conversion of RSA1 keys to public PEM and PKCS8
!
- sshd(8):
! Allow the sshd_config PermitOpen directive to accept "none" as an argument to
! refuse all port-forwarding requests.
!
- sshd(8):
! Support "none" as an argument for AuthorizedPrincipalsFile
!
- sshd-keyscan(1):
! Look for ECDSA keys by default. (bz#1971)
!
- sshd(8):
! Add "VersionAddendum" to sshd_config to allow server operators to append some
! arbitrary text to the server SSH protocol banner.
- The following significant bugs have been fixed in this release:
! - sshd(8) and
! ssh(1):
! Don't spin in accept() in situations of file descriptor exhaustion. Instead
! back off for a while.
!
- sshd(8) and
! ssh(1):
! Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from
! the specification. (bz#2023)
!
- sshd(8):
! Handle long comments in config files better. (bz#2025)
!
- ssh(1):
! Delay setting tty_flag so RequestTTY options are correctly picked up. (bz#1995)
!
- sshd(8):
! Fix handling of /etc/nologin incorrectly being applied to root on platforms
! that use login_cap.
***************
*** 718,724 ****
alt="OpenBSD">
www@openbsd.org
! $OpenBSD: 52.html,v 1.26 2012/09/06 10:08:55 sthen Exp $