===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/49.html,v
retrieving revision 1.3
retrieving revision 1.4
diff -c -r1.3 -r1.4
*** www/49.html 2011/04/08 16:10:12 1.3
--- www/49.html 2011/04/13 09:19:49 1.4
***************
*** 130,144 ****
!
OpenSSH 5.6:
- New features:
!
- The following significant bugs have been fixed in this release:
--- 130,235 ----
!
OpenSSH 5.8:
- New features:
!
! - Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
! and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA
! offer better performance than plain DH and DSA at the same
! equivalent symmetric key length, as well as much shorter keys.
! - sftp(1)
! and
! sftp-server(8):
! add a protocol extension to support a hard link operation. It is
! available through the "ln" command in the client. The old "ln"
! behaviour of creating a symlink is available using its "-s" option
! or through the preexisting "symlink" command.
! - scp(1):
! Add a new -3 option to scp: Copies between two remote hosts are
! transferred through the local host. Without this option the data is
! copied directly between the two remote hosts.
! - ssh(1):
! automatically order the hostkeys requested by the client based on
! which hostkeys are already recorded in known_hosts. This avoids
! hostkey warnings when connecting to servers with new ECDSA keys,
! since these are now preferred when learning hostkeys for the first
! time.
! - ssh(1)
! and
! sshd(8):
! add a new IPQoS option to specify arbitrary TOS/DSCP/QoS values
! instead of hardcoding lowdelay/throughput. (bz#1733)
! - sftp(1):
! the sftp client is now significantly faster at performing directory
! listings, using OpenBSD glob(3) extensions to preserve the results
! of stat(3) operations performed in the course of its execution
! rather than performing expensive round trips to fetch them again
! afterwards.
! - ssh(1):
! "atomically" create the listening mux socket by binding it on a
! temporary name and then linking it into position after listen() has
! succeeded. This allows the mux clients to determine that the server
! socket is either ready or stale without races. Stale server sockets
! are now automatically removed. (also fixes bz#1711)
! - ssh(1)
! and
! sshd(8):
! add a KexAlgorithms knob to the client and server
! configuration to allow selection of which key exchange methods are
! used by
! ssh(1)
! and
! sshd(8)
! and their order of preference.
! - sftp(1)
! and
! scp(1):
! factor out bandwidth limiting code from
! scp(1)
! into a generic bandwidth limiter that can be attached using the
! atomicio callback mechanism and use it to add a bandwidth
! limit option to
! sftp(1).
! (bz#1147)
- The following significant bugs have been fixed in this release:
! - ssh(1)
! and
! ssh-agent(1):
! honour $TMPDIR for client xauth and ssh-agent temporary
! directories. (bz#1809)
! - ssh(1):
! avoid NULL deref on receiving a channel request on an
! unknown or invalid channel. (bz#1842)
! - sshd(8):
! remove a debug() that pollutes stderr on client connecting
! to a server in debug mode. (bz#1719)
! - scp(1):
! pass through ssh command-line flags and options when doing
! remote-remote transfers, e.g. to enable agent forwarding which is
! particularly useful in this case. (bz#1837)
! - sftp-server(8):
! umask should be parsed as octal.
! - sftp(1):
! escape '[' in filename tab-completion
! - ssh(1):
! Typo in confirmation message. (bz#1827)
! - sshd(8):
! prevent free() of string in .rodata when
! overriding AuthorizedKeys in a Match block.
! - sshd(8):
! Use default shell /bin/sh if $SHELL is ""
! - ssh(1):
! kill proxy command on fatal() (we already killed it on
! clean exit).
! - ssh(1):
! install a SIGCHLD handler to reap expiried child process.
! (bz#1812)
! - Support building against openssl-1.0.0a
! - Fix vulnerability in legacy certificate signing introduced in
! OpenSSH-5.6 and found by Mateusz Kocielski.
***************
*** 613,619 ****
alt="OpenBSD">
www@openbsd.org
! $OpenBSD: 49.html,v 1.3 2011/04/08 16:10:12 deraadt Exp $