===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/52.html,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- www/52.html 2012/09/06 10:08:55 1.26
+++ www/52.html 2012/09/06 11:34:07 1.27
@@ -231,11 +231,50 @@
- New features:
- - ...
+
- sshd(8):
+ This release turns on pre-auth sandboxing sshd by default for new installs,
+ by setting UsePrivilegeSeparation=sandbox in sshd_config.
+
- sshd-keygen(1):
+ Add options to specify starting line number and number of lines to process
+ when screening moduli candidates, allowing processing of different parts of
+ a candidate moduli file in parallel
+
- sshd(8):
+ The Match directive now supports matching on the local (listen) address and
+ port upon which the incoming connection was received via LocalAddress and
+ LocalPort clauses.
+
- sshd(8):
+ Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups}
+
- Add support for RFC6594 SSHFP DNS records for ECDSA key types. (bz#1978)
+
- sshd-keygen(1):
+ Allow conversion of RSA1 keys to public PEM and PKCS8
+
- sshd(8):
+ Allow the sshd_config PermitOpen directive to accept "none" as an argument to
+ refuse all port-forwarding requests.
+
- sshd(8):
+ Support "none" as an argument for AuthorizedPrincipalsFile
+
- sshd-keyscan(1):
+ Look for ECDSA keys by default. (bz#1971)
+
- sshd(8):
+ Add "VersionAddendum" to sshd_config to allow server operators to append some
+ arbitrary text to the server SSH protocol banner.
- The following significant bugs have been fixed in this release:
- - ...
+
- sshd(8) and
+ ssh(1):
+ Don't spin in accept() in situations of file descriptor exhaustion. Instead
+ back off for a while.
+
- sshd(8) and
+ ssh(1):
+ Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from
+ the specification. (bz#2023)
+
- sshd(8):
+ Handle long comments in config files better. (bz#2025)
+
- ssh(1):
+ Delay setting tty_flag so RequestTTY options are correctly picked up. (bz#1995)
+
- sshd(8):
+ Fix handling of /etc/nologin incorrectly being applied to root on platforms
+ that use login_cap.
@@ -718,7 +757,7 @@
alt="OpenBSD">
www@openbsd.org
-$OpenBSD: 52.html,v 1.26 2012/09/06 10:08:55 sthen Exp $
+$OpenBSD: 52.html,v 1.27 2012/09/06 11:34:07 rpe Exp $