[ssh_x509] PKIX-SSH release 13.3.2

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Mon Apr 11 10:14:44 EEST 2022

Dear list members,

New "bugfix" release is available for download. It includes following:

(x) Features:
* hybrid Streamlined NTRU Prime + x25519 key exchange method
   Add to default KEX methods if is build and document use in manual pages.

(x) Bugs:
* return only requested events in ppoll compatible implementation
   Returning flags for events not requested, can apparently cause a hang.

* fmt_scaled() with negative argument
   Properly check negative argument to fmt_scaled().

* scan_scaled() and negative numbers
   Properly process negative numbers in scan_scaled().

* do not resolve ListenAddress directives in daemon "re-exec path"
   Result is never used and if the operation fails then it can prevent connections from being accepted.

* shadow password and libiaf locked account
   Fixes incorrect free when shadow password and libiaf are used.

(x) Misc:
* alarm handler signal
   In alarm handler do not send alarm to "preauth" child.

* move configure check for rlimit sandbox at end
   Prefer specific to OS sandbox.

* test "if select works with descriptor rlimit"
   Removed configure test because of its misconceptions.

* build improvement

* build with Linux auditing enabled in rpm-spec files

Roumen Petrov

More information about the ssh_x509 mailing list