=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/58.html,v retrieving revision 1.26 retrieving revision 1.27 diff -c -r1.26 -r1.27 *** www/58.html 2015/08/10 15:21:51 1.26 --- www/58.html 2015/08/10 19:44:09 1.27 *************** *** 162,167 **** --- 162,182 ----

Security:
- ssh(1): + when forwarding X11 connections with ForwardX11Trusted=no, + connections made after ForwardX11Timeout expired could be + permitted and no longer subject to XSECURITY restrictions because of + an ineffective timeout check in + ssh(1) + coupled with "fail open" behaviour in the X11 server when clients + attempted connections with expired credentials. + This problem was reported by Jann Horn. +
- ssh-agent(1): + fix weakness of agent locking (ssh-add -x) to + password guessing by implementing an increasing failure delay, + storing a salted hash of the password rather than the password + itself and using a timing-safe comparison function for verifying + unlock attempts. This problem was reported by Ryan Castellucci.
- sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world-writable. Local attackers may be able to write arbitrary messages to logged-in *************** *** 195,200 **** --- 210,239 ----
New/changed features:
- ssh(1), + sshd(8): + promote chacha20-poly1305@openssh.com to be the default + cipher. +
- sshd(8): + support admin-specified arguments to AuthorizedKeysCommand. + (bz#2081) +
- sshd(8): + add AuthorizedPrincipalsCommand that allows retrieving + authorized principals information from a subprocess rather than a + file. +
- ssh(1), + ssh-add(1): + support PKCS#11 devices with external PIN entry devices. (bz#2240) +
- sshd(8): + allow GSSAPI host credential check to be relaxed for multihomed + hosts via GSSAPIStrictAcceptorCheck option. (bz#928) +
- ssh-keygen(1): + support ssh-keygen -lF hostname to search known_hosts + and print key hashes rather than full keys. +
- ssh-agent(1): + add -D flag to leave + ssh-agent(1) + in foreground without enabling debug mode. (bz#2381)
- ssh_config(5): add PubkeyAcceptedKeyTypes option to control which public key types are available for user authentication. *************** *** 214,219 **** --- 253,331 ----
  - ssh(1), sshd(8): + deprecate legacy SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message and + do not try to use it against some 3rd-party SSH implementations that + use it (older PuTTY, WinSCP). +
  - Many fixes for problems caused by compile-time deactivation of + SSH1 support. (including bz#2369) +
  - ssh(1), + sshd(8): + cap DH-GEX group size at 4Kbits for Cisco implementations as some + would fail when attempting to use group sizes greater than 4K. + (bz#2209) +
  - ssh(1): + fix out-of-bound read in EscapeChar configuration option + parsing. (bz#2396) +
  - sshd(8): + fix application of PermitTunnel, LoginGraceTime, + AuthenticationMethods and StreamLocalBindMask + options in Match blocks. +
  - ssh(1), + sshd(8): + improve disconnection message on TCP reset. (bz#2257) +
  - ssh(1): + remove failed remote forwards established by multiplexing from the + list of active forwards. (bz#2363) +
  - sshd(8): + make parsing of authorized_keys "environment=" + options independent of PermitUserEnv being enabled. (bz#2329) +
  - sshd(8): + fix post-auth crash with permitopen=none. (bz#2355) +
  - ssh(1), + ssh-add(1), + ssh-keygen(1): + allow new-format private keys to be encrypted with AEAD ciphers. + (bz#2366) +
  - ssh(1): + allow ListenAddress, Port and AddressFamily + configuration options to appear in any order. (bz#86) +
  - sshd(8): + check for and reject missing arguments for VersionAddendum + and ForceCommand. (bz#2281) +
  - ssh(1), + sshd(8): + don't treat unknown certificate extensions as fatal. (bz#2387) +
  - ssh-keygen(1): + make stdout and stderr output consistent. (bz#2325) +
  - ssh(1): + mention missing DISPLAY environment in debug log when X11 + forwarding requested. (bz#1682) +
  - sshd(8): + correctly record login when UseLogin is set. (bz#378) +
  - sshd(8): + add some missing options to sshd -T output and fix output + of VersionAddendum and HostCertificate. (bz#2346) +
  - Document and improve consistency of options that accept a + "none" argument: TrustedUserCAKeys, + RevokedKeys (bz#2382), AuthorizedPrincipalsFile + (bz#2288). +
  - ssh(1): + include remote username in debug output. (bz#2368) +
  - sshd(8): + avoid compatibility problem with some versions of Tera Term, which + would crash when they received the hostkeys notification message + (hostkeys-00@openssh.com). +
  - sshd(8): + mention ssh-keygen -E as useful when comparing legacy + MD5 host key fingerprints. (bz#2332) +
  - ssh(1): + clarify pseudo-terminal request behaviour and use make manual language + consistent. (bz#1716) +
  - ssh(1): + document that the TERM environment variable is not subject + to SendEnv and AcceptEnv. (bz#2386) +
  - ssh(1), + sshd(8): add compatability workarounds for Cisco and more PuTTY versions. (bz#2424)
  - Fix some omissions and errors in the PROTOCOL and *************** *** 242,249 ****
    - User-visible features:
      - Switched openssl dhparam default from 512 to 2048 bits. -
      - More CRYPTO ByteString (CBS) packet parsing conversions.
      - Fixed openssl pkeyutl -verify to exit with a 0 on success.
      - Fixed dozens of Coverity issues including dead code, memory leaks, logic errors and more. --- 354,370 ----
        
        User-visible features:
        +
        Reject all server DH keys smaller than 1024 bits. +
        Multiple CVEs fixed including CVE-2015-0207, CVE-2015-0209, + CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, + CVE-2015-1788, CVE-2015-1789, CVE-2015-1792. +
        Protocol parsing conversions to BoringSSL's CRYPTO ByteString + (CBS) API. +
        Added EC_curve_nid2nist and EC_curve_nist2nid + from OpenSSL. +
        Removed Dynamic Engine support. +
        Removed MDC-2DES support.
        Switched openssl dhparam default from 512 to 2048 bits.
        Fixed openssl pkeyutl -verify to exit with a 0 on success.
        Fixed dozens of Coverity issues including dead code, memory leaks, logic errors and more. *************** *** 271,276 **** --- 392,408 ----
        
        Code improvements:
        +
        Fix incorrect comparison function in openssl(1) certhash command. + Thanks to Christian Neukirchen / Void Linux. +
        Removal of OPENSSL_issetugid and all library getenv calls. + Applications can and should no longer rely on environment variables + for changing library behavior. + OPENSSL_CONF/SSLEAY_CONF is still supported with the + openssl(1) + command. +
        libtls API and documentation additions. +
        rious bug fixes and simplifications to libssl and + libcrypto.
        Reworked openssl(1) option handling.