- scp: Do not NUL-terminate the command for remote exec (#1489736, GH#208)
- Make devel package dependency on main package arch-specific
- Drop EL-5 support
- noarch sub-packages always available now
- Drop legacy Group: and BuildRoot: tags
- Drop explicit buildroot cleaning
- %{__isa_bits} always defined now
- New upstream release 1.8.0
- Added a basic dockerised test suite
- crypto: Add support for the mbedTLS backend
- See RELEASE-NOTES for details of bug fixes
- New upstream release 1.7.0
- diffie_hellman_sha256: Convert bytes to bits (CVE-2016-0787); see
http://www.libssh2.org/adv_20160223.html
- libssh2_session_set_last_error: Add function
- See RELEASE-NOTES for details of bug fixes
- New upstream release 1.5.0
- See RELEASE-NOTES for details of bug fixes and enhancements
- Security Advisory for CVE-2015-1782, using SSH_MSG_KEXINIT data unbounded
- New upstream release 1.4.3
- compression: add support for zlib@openssh.com
- sftp_read: return error if a too large package arrives
- libssh2_hostkey_hash.3: update the description of return value
- Fixed MSVC NMakefile
- examples: use stderr for messages, stdout for data
- openssl: do not leak memory when handling errors
- improved handling of disabled MD5 algorithm in OpenSSL
- known_hosts: Fail when parsing unknown keys in known_hosts file
- configure: gcrypt doesn't come with pkg-config support
- session_free: wrong variable used for keeping state
- libssh2_userauth_publickey_fromfile_ex.3: mention publickey == NULL
- comp_method_zlib_decomp: handle Z_BUF_ERROR when inflating
- Drop upstreamed patches
- New upstream release 1.4.2
- Return LIBSSH2_ERROR_SOCKET_DISCONNECT on EOF when reading banner
- userauth.c: fread() from public key file to correctly detect any errors
- configure.ac: add option to disable build of the example applications
- added 'Requires.private:' line to libssh2.pc
- SFTP: filter off incoming "zombie" responses
- gettimeofday: no need for a replacement under cygwin
- SSH_MSG_CHANNEL_REQUEST: default to want_reply
- win32/libssh2_config.h: remove hardcoded #define LIBSSH2_HAVE_ZLIB
- New upstream release 1.4.1
- Build error with gcrypt backend
- Always do "forced" window updates to avoid corner case stalls
- aes: the init function fails when OpenSSL has AES support
- transport_send: finish in-progress key exchange before sending data
- channel_write: acknowledge transport errors
- examples/x11.c: make sure sizeof passed to read operation is correct
- examples/x11.c: fix suspicious sizeof usage
- sftp_packet_add: verify the packet before accepting it
- SFTP: preserve the original error code more
- sftp_packet_read: adjust window size as necessary
- Use safer snprintf rather then sprintf in several places
- Define and use LIBSSH2_INVALID_SOCKET instead of INVALID_SOCKET
- sftp_write: cannot return acked data *and* EAGAIN
- sftp_read: avoid data *and* EAGAIN
- libssh2.h: add missing prototype for libssh2_session_banner_set()
- Drop upstream patches now included in release tarball
Paul Howarth
Fedora Release Engineering
Igor Gnatenko
Kamil Dudka
Tomas Mraz
Peter Robinson
Dennis Gilmore
Peter Robinson
Tom Callaway
Karsten Hopp
Richard W.M. Jones