This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
oar_2.5.7 [2016/04/07 17:29] – neyron | oar_2.5.7 [2016/04/07 18:08] (current) – [Changelog] neyron | ||
---|---|---|---|
Line 17: | Line 17: | ||
eventually allow one to disclose part of private ssh keys (CVE-2016-1235). | eventually allow one to disclose part of private ssh keys (CVE-2016-1235). | ||
- | As usually, OAR 2.5.7 is distributed as RPM ([[download# | + | As usually, OAR 2.5.7 is distributed as RPM ([[download# |
== Note for Debian stable and old stable == | == Note for Debian stable and old stable == | ||
Line 26: | Line 26: | ||
fix the vulnerability. | fix the vulnerability. | ||
- | Nevertheless, for those stable distributions, | + | However, for those stable distributions, |
[[http:// | [[http:// | ||
Line 34: | Line 34: | ||
recommanded to upgrade, since all previous versions of OAR are affected. | recommanded to upgrade, since all previous versions of OAR are affected. | ||
- | * [oarsh] fix a security hole when passing option to OpenSSH. See oar.conf to | + | * [oarsh] fix a security hole when passing option to OpenSSH. See oar.conf to adapt settings to your setup, if required (OARSH_* variables) |
- | | + | * [oarsh] dropped the mechanism to select whether to use oarsh or fall back to ssh, given a list of hostname patterns |
- | * [oarsh] dropped the mechanism to select whether to use oarsh or fall back | + | |
- | | + | |
* [oarsub] fix the job-key information of the manual page | * [oarsub] fix the job-key information of the manual page | ||
* [oarsub] handle cases where trailing spaces were breaking oarsub script directives | * [oarsub] handle cases where trailing spaces were breaking oarsub script directives |