=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/52.html,v retrieving revision 1.26 retrieving revision 1.27 diff -c -r1.26 -r1.27 *** www/52.html 2012/09/06 10:08:55 1.26 --- www/52.html 2012/09/06 11:34:07 1.27 *************** *** 231,241 ****

New features:
- ...
The following significant bugs have been fixed in this release:
- ...

--- 231,280 ----

New features:
- sshd(8): ! This release turns on pre-auth sandboxing sshd by default for new installs, ! by setting UsePrivilegeSeparation=sandbox in sshd_config. !
- sshd-keygen(1): ! Add options to specify starting line number and number of lines to process ! when screening moduli candidates, allowing processing of different parts of ! a candidate moduli file in parallel !
- sshd(8): ! The Match directive now supports matching on the local (listen) address and ! port upon which the incoming connection was received via LocalAddress and ! LocalPort clauses. !
- sshd(8): ! Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} !
- Add support for RFC6594 SSHFP DNS records for ECDSA key types. (bz#1978) !
- sshd-keygen(1): ! Allow conversion of RSA1 keys to public PEM and PKCS8 !
- sshd(8): ! Allow the sshd_config PermitOpen directive to accept "none" as an argument to ! refuse all port-forwarding requests. !
- sshd(8): ! Support "none" as an argument for AuthorizedPrincipalsFile !
- sshd-keyscan(1): ! Look for ECDSA keys by default. (bz#1971) !
- sshd(8): ! Add "VersionAddendum" to sshd_config to allow server operators to append some ! arbitrary text to the server SSH protocol banner.
The following significant bugs have been fixed in this release:
- sshd(8) and ! ssh(1): ! Don't spin in accept() in situations of file descriptor exhaustion. Instead ! back off for a while. !
- sshd(8) and ! ssh(1): ! Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from ! the specification. (bz#2023) !
- sshd(8): ! Handle long comments in config files better. (bz#2025) !
- ssh(1): ! Delay setting tty_flag so RequestTTY options are correctly picked up. (bz#1995) !
- sshd(8): ! Fix handling of /etc/nologin incorrectly being applied to root on platforms ! that use login_cap.

*************** *** 718,724 **** alt="OpenBSD"> www@openbsd.org
! $OpenBSD: 52.html,v 1.26 2012/09/06 10:08:55 sthen Exp $ --- 757,763 ---- alt="OpenBSD"> www@openbsd.org
! $OpenBSD: 52.html,v 1.27 2012/09/06 11:34:07 rpe Exp $