| 1 |
To the SSH maintainer, just in case you haven't seen this yet... |
| 2 |
|
| 3 |
Best, |
| 4 |
/tom |
| 5 |
|
| 6 |
---------- Forwarded Message ---------- |
| 7 |
Date: Tuesday, October 15, 2002 20:58:29 +0200 |
| 8 |
From: Markus Friedl <Markus_Friedl@×××××.de> |
| 9 |
To: secureshell@×××××××××××××.com |
| 10 |
Cc: |
| 11 |
Subject: OpenSSH 3.5 released |
| 12 |
|
| 13 |
OpenSSH 3.5 has just been released. It will be available from the |
| 14 |
mirrors listed at http://www.openssh.com/ shortly. |
| 15 |
|
| 16 |
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 |
| 17 |
implementation and includes sftp client and server support. |
| 18 |
|
| 19 |
We would like to thank the OpenSSH community for their continued |
| 20 |
support and encouragement. |
| 21 |
|
| 22 |
|
| 23 |
Changes since OpenSSH 3.4: |
| 24 |
============================ |
| 25 |
|
| 26 |
* Improved support for Privilege Separation (Portability, Kerberos, |
| 27 |
PermitRootLogin handling). |
| 28 |
|
| 29 |
* ssh(1) prints out all known host keys for a host if it receives an |
| 30 |
unknown host key of a different type. |
| 31 |
|
| 32 |
* Fixed AES/Rijndael EVP integration for OpenSSL < 0.9.7 (caused |
| 33 |
problems with bounds checking patches for gcc). |
| 34 |
|
| 35 |
* ssh-keysign(8) is disabled by default and only enabled if the |
| 36 |
HostbasedAuthentication option is enabled in the global ssh_config(5) |
| 37 |
file. |
| 38 |
|
| 39 |
* ssh-keysign(8) uses RSA blinding in order to avoid timing attacks |
| 40 |
against the RSA host key. |
| 41 |
|
| 42 |
* A use-after-free bug was fixed in ssh-keysign(8). This bug |
| 43 |
broke hostbased authentication on several platforms. |
| 44 |
|
| 45 |
* ssh-agent(1) is now installed setgid in order to avoid ptrace(2) |
| 46 |
attacks. |
| 47 |
|
| 48 |
* ssh-agent(1) now restricts the access with getpeereid(2) (or |
| 49 |
equivalent, where available). |
| 50 |
|
| 51 |
* sshd(8) no longer uses the ASN.1 parsing code from libcrypto when |
| 52 |
verifying RSA signatures. |
| 53 |
|
| 54 |
* sshd(8) now sets the SSH_CONNECTION environment variable. |
| 55 |
|
| 56 |
* Enhanced "ls" support for the sftp(1) client, including globbing and |
| 57 |
detailed listings. |
| 58 |
|
| 59 |
* ssh(1) now always falls back to uncompressed sessions, if the |
| 60 |
server does not support compression. |
| 61 |
|
| 62 |
* The default behavior of sshd(8) with regard to user settable |
| 63 |
environ variables has changed: the new option PermitUserEnvironment |
| 64 |
is disabled by default, see sshd_config(5). |
| 65 |
|
| 66 |
* The default value for LoginGraceTime has been changed from 600 to 120 |
| 67 |
seconds, see sshd_config(5). |
| 68 |
|
| 69 |
* Removed erroneous SO_LINGER handling. |
| 70 |
|
| 71 |
|
| 72 |
Checksums: |
| 73 |
========== |
| 74 |
|
| 75 |
- MD5 (openssh-3.5p1.tar.gz) = 42bd78508d208b55843c84dd54dea848 |
| 76 |
- MD5 (openssh-3.5.tgz) = 79fc225dbe0fe71ebb6910f449101d23 |
| 77 |
|
| 78 |
|
| 79 |
Reporting Bugs: |
| 80 |
=============== |
| 81 |
|
| 82 |
- please read http://www.openssh.com/report.html |
| 83 |
and http://bugzilla.mindrot.org/ |
| 84 |
|
| 85 |
OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, |
| 86 |
Kevin Steves, Damien Miller and Ben Lindstrom. |
| 87 |
|
| 88 |
---------- End Forwarded Message ---------- |
Archives