applications/internet

Jump to letter: [ ABCDEFGHIJLMNOPRSTUVX ]

openssh-cavs - CAVS tests for FIPS validation

Website: http://www.openssh.com/portable.html
License: BSD
Vendor: AnNyung Packaging Team
Description:
This package contains test binaries and scripts to make FIPS validation
easier. Now contains CTR and KDF CAVS test driver.

Packages

openssh-cavs-7.4p1-23.an3.x86_64 [229 KiB] Changelog by Dmitry Belyavskiy (2023-07-20): 
- Avoid remote code execution in ssh-agent PKCS#11 support
  Resolves: CVE-2023-38408
openssh-cavs-7.4p1-22.an3.x86_64 [228 KiB] Changelog by Dmitry Belyavskiy (2021-09-30): 
- avoid segfault in Kerberos cache cleanup (#1999263)
- fix CVE-2021-41617 (#2008884)
openssh-cavs-7.4p1-21.an3.x86_64 [228 KiB] Changelog by JoungKyun.Kim (2019-08-25): 
- update for 7.7
  . Avoid double comma in the default cipher list in FIPS mode (#1722446)
  . Revert the updating of cached passwd structure (#1712053)
  . Update cached passwd structure after PAM authentication (#1674541)
  . invalidate supplemental group cache used by temporarily_use_uid()
    when the target uid differs (#1583735)
  . Enable GCM mode for AES ciphers in FIPS mode (#1600869)
- security issues
  . CVE-2018-15473 (#1619079)
openssh-cavs-7.4p1-16.an3.x86_64 [227 KiB] Changelog by Jakub Jelen (2017-11-24): 
- Fix for CVE-2017-15906 (#1517226)
openssh-cavs-7.4p1-13.an3.x86_64 [227 KiB] Changelog by Jakub Jelen (2017-09-13): 
- Revert default of GSSAPIStrictAcceptorCheck=no back to yes (#1488982)
openssh-cavs-7.4p1-12.an3.x86_64 [227 KiB] Changelog by Jakub Jelen (2017-08-07): 
- Revert upstream change to UseDNS=no back to yes (#1478175)
openssh-cavs-7.4p1-11.an3.x86_64 [227 KiB] Changelog by JoungKyun.Kim (2017-08-20): 
- applies CentOS 7.4 release
  . Rebase to openssh 7.4 and pam_ssh_agent_auth 0.10.3 (#1341754)
  . detach -cavs subpackage
  . enable seccomp filter for sandboxed child
  . Fix coverity scan results
  . Adjust FIPS algorithms list (#1420910)
  . Revert problematic feature for chroot(#1418062)
  . Fix CBC weakness in released OpenSSH 7.5
  . Do not completely disable SHA-1 key exchange methods in FIPS (#1324493)
  . Remove wrong coverity patches
  . Update seccomp filter to work on ppc64le (#1443916)
  . Fix the default key exchange proposal in FIPS mode (#1438414)
  . Remove another wrong coverity chunk to unbreak gsskex (#1438414)
  . ControlPath too long should not be a fatal error (#1447561)
  . Fix multilib issue in documentation (#1450361)
  . Allow harmless syscalls for s390 crypto modules (#1451809)
  . Add missing messages in FIPS mode (#1341754)
  . Compiler warnings (#1341754)

Listing created by Repoview-0.6.6-4.el7