===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/59.html,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- www/59.html 2016/02/02 02:19:31 1.15
+++ www/59.html 2016/02/03 14:58:49 1.16
@@ -128,19 +128,46 @@
- Security:
- - ...
+
- Qualys Security identified vulnerabilities in the
+ ssh(1)
+ client experimential support for resuming SSH-connections (roaming).
+ In the default configuration, this could potentially leak client keys
+ to a hostile server. The authentication of the server host key
+ prevents exploitation by a man-in-the-middle, so this information leak
+ is restricted to connections to malicious or compromised servers.
+ This feature has been disabled in the
+ ssh(1)
+ client, and it has been removed from the source tree. The matching
+ server code has never been shipped.
+
- sshd(8):
+ OpenSSH 7.0 contained a logic error in
+ PermitRootLogin=prohibit-password/without-password that could,
+ depending on compile-time configuration, permit password authentication
+ to root while preventing other forms of authentication.
+
- ssh(1):
+
- Eliminate the fallback from untrusted X11-forwarding to trusted
+ forwarding for cases when the X server disables the SECURITY
+ extension.
+
- Fix an out of-bound read access in the packet handling code.
+
- Further use of explicit_bzero has been added in various buffer
+ handling code paths to guard against compilers aggressively doing
+ dead-store removal.
- - Potentially-incompatible changes:
-
-
- New/changed features:
-
- The following significant bugs have been fixed in this release:
- - ...
+
- ssh(1),
+ sshd(8):
+ add compatability workarounds for FuTTY.
+
- ssh(1),
+ sshd(8):
+ refine compatability workarounds for WinSCP.
+
- Fix a number of memory faults (double-free, free of uninitialised
+ memory, etc) in
+ ssh(1)
+ and
+ ssh-keygen(1).
+
- Correctly interpret the 'first_kex_follows' option during the intial
+ key exchange.
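Review bot: several spelling errors in the added release-note text should be fixed before this ships on the public page: "experimential" (roaming paragraph) should read "experimental", "compatability" appears twice (FuTTY and WinSCP items) and should be "compatibility", "intial" in the first_kex_follows item should be "initial", and "out of-bound read access" should be "out-of-bounds read". The roaming paragraph would also benefit from stating plainly that the information leak only affects clients that connect to a malicious or compromised server, as the text already implies by noting that host-key authentication prevents a man-in-the-middle; consider moving that clause earlier so readers see the exposure condition before the mitigation.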