1 |
To the SSH maintainer, just in case you haven't seen this yet... |
2 |
|
3 |
Best, |
4 |
/tom |
5 |
|
6 |
---------- Forwarded Message ---------- |
7 |
Date: Tuesday, October 15, 2002 20:58:29 +0200 |
8 |
From: Markus Friedl <Markus_Friedl@×××××.de> |
9 |
To: secureshell@×××××××××××××.com |
10 |
Cc: |
11 |
Subject: OpenSSH 3.5 released |
12 |
|
13 |
OpenSSH 3.5 has just been released. It will be available from the |
14 |
mirrors listed at http://www.openssh.com/ shortly. |
15 |
|
16 |
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 |
17 |
implementation and includes sftp client and server support. |
18 |
|
19 |
We would like to thank the OpenSSH community for their continued |
20 |
support and encouragement. |
21 |
|
22 |
|
23 |
Changes since OpenSSH 3.4: |
24 |
============================ |
25 |
|
26 |
* Improved support for Privilege Separation (Portability, Kerberos, |
27 |
PermitRootLogin handling). |
28 |
|
29 |
* ssh(1) prints out all known host keys for a host if it receives an |
30 |
unknown host key of a different type. |
31 |
|
32 |
* Fixed AES/Rijndael EVP integration for OpenSSL < 0.9.7 (caused |
33 |
problems with bounds checking patches for gcc). |
34 |
|
35 |
* ssh-keysign(8) is disabled by default and only enabled if the |
36 |
HostbasedAuthentication option is enabled in the global ssh_config(5) |
37 |
file. |
38 |
|
39 |
* ssh-keysign(8) uses RSA blinding in order to avoid timing attacks |
40 |
against the RSA host key. |
41 |
|
42 |
* A use-after-free bug was fixed in ssh-keysign(8). This bug |
43 |
broke hostbased authentication on several platforms. |
44 |
|
45 |
* ssh-agent(1) is now installed setgid in order to avoid ptrace(2) |
46 |
attacks. |
47 |
|
48 |
* ssh-agent(1) now restricts the access with getpeereid(2) (or |
49 |
equivalent, where available). |
50 |
|
51 |
* sshd(8) no longer uses the ASN.1 parsing code from libcrypto when |
52 |
verifying RSA signatures. |
53 |
|
54 |
* sshd(8) now sets the SSH_CONNECTION environment variable. |
55 |
|
56 |
* Enhanced "ls" support for the sftp(1) client, including globbing and |
57 |
detailed listings. |
58 |
|
59 |
* ssh(1) now always falls back to uncompressed sessions, if the |
60 |
server does not support compression. |
61 |
|
62 |
* The default behavior of sshd(8) with regard to user settable |
63 |
environ variables has changed: the new option PermitUserEnvironment |
64 |
is disabled by default, see sshd_config(5). |
65 |
|
66 |
* The default value for LoginGraceTime has been changed from 600 to 120 |
67 |
seconds, see sshd_config(5). |
68 |
|
69 |
* Removed erroneous SO_LINGER handling. |
70 |
|
71 |
|
72 |
Checksums: |
73 |
========== |
74 |
|
75 |
- MD5 (openssh-3.5p1.tar.gz) = 42bd78508d208b55843c84dd54dea848 |
76 |
- MD5 (openssh-3.5.tgz) = 79fc225dbe0fe71ebb6910f449101d23 |
77 |
|
78 |
|
79 |
Reporting Bugs: |
80 |
=============== |
81 |
|
82 |
- please read http://www.openssh.com/report.html |
83 |
and http://bugzilla.mindrot.org/ |
84 |
|
85 |
OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, |
86 |
Kevin Steves, Damien Miller and Ben Lindstrom. |
87 |
|
88 |
---------- End Forwarded Message ---------- |