version 1.48, 2022/10/02 20:33:04 |
version 1.49, 2022/10/03 12:47:04 |
<li>OpenSSH 9.1 |
<li>OpenSSH 9.1 |
<ul> |
<ul> |
<li>... |
<li>Security |
|
<ul> |
|
<li>ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing |
|
<li>ssh-keygen(1): fix double free() in error path of signing/verify code |
|
<li>ssh-keysign(8): fix double-free in error path introduced in OpenSSH 8.9. |
|
</ul> |
|
<li>Potentially-incompatible changes |
|
<ul> |
|
<li>ssh(1), sshd(8): SetEnv directives in ssh_config and sshd_config |
|
are now first-match-wins to match other directives. Previously |
|
if an environment variable was multiply specified the last set |
|
value would have been used. |
|
<li>ssh-keygen(8): ssh-keygen -A (generate all default host key types) |
|
will no longer generate DSA keys, as these are insecure and have |
|
not been used by default for some years. |
|
<li>ssh(1), sshd(8): add a RequiredRSASize directive to set a minimum |
|
RSA key length. Keys below this length will be ignored for user |
|
authentication and for host authentication in sshd(8).<br> |
|
ssh(1) will terminate a connection if the server offers an RSA key |
|
that falls below this limit, as the SSH protocol does not include |
|
the ability to retry a failed key exchange |
|
<li>sftp-server(8): add a <code>users-groups-by-id@openssh.com</code> |
|
extension request that allows the client to obtain user/group names that |
|
correspond to a set of uids/gids. |
|
<li>sftp(1): use <code>users-groups-by-id@openssh.com</code> sftp-server |
|
extension (when available) to fill in user/group names for |
|
directory listings. |
|
<li>sftp-server(8): support the <code>home-directory</code> extension |
|
request defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps |
|
a bit with the existing "expand-path@openssh.com", but some other |
|
clients support it. |
|
<li>ssh-keygen(1), sshd(8): allow certificate validity intervals, |
|
sshsig verification times and authorized_keys expiry-time options |
|
to accept dates in the UTC time zone in addition to the default |
|
of interpreting them in the system time zone. YYYYMMDD and |
|
YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed |
|
with a 'Z' character.<br> |
|
Also allow certificate validity intervals to be specified in raw |
|
seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This |
|
is intended for use by regress tests and other tools that call |
|
ssh-keygen as part of a CA workflow. |
|
<li>sftp(1): allow arguments to the sftp -D option, e.g. sftp -D |
|
<code>/usr/libexec/sftp-server -el debug3</code>. |
|
<li>ssh-keygen(1): allow the existing -U (use agent) flag to work |
|
with <code>-Y sign</code> operations, where it will be interpreted to |
|
require that the private keys is hosted in an agent. |
|
</ul> |
|
<li>Bugfixes |
|
<ul> |
|
<li>ssh-keygen(1): implement the "verify-required" certificate option. |
|
This was already documented when support for user-verified FIDO |
|
keys was added, but the ssh-keygen(1) code was missing. |
|
<li>ssh-agent(1): hook up the restrict_websafe command-line flag; |
|
previously the flag was accepted but never actually used. |
|
<li>sftp(1): improve filename tab completions: never try to complete |
|
names to non-existent commands, and better match the completion |
|
type (local or remote filename) against the argument position |
|
being completed. |
|
<li>ssh-keygen(1), ssh(1), ssh-agent(1): several fixes to FIDO key |
|
handling, especially relating to keys that request |
|
user-verification. These should reduce the number of unnecessary |
|
PIN prompts for keys that support intrinsic user verification. |
|
<li>ssh-keygen(1): when enrolling a FIDO resident key, check if a |
|
credential with matching application and user ID strings already |
|
exists and, if so, prompt the user for confirmation before |
|
overwriting the credential. |
|
<li> sshd(8): improve logging of errors when opening authorized_keys |
|
files. |
|
<li>ssh(1): avoid multiplexing operations that could cause SIGPIPE from |
|
causing the client to exit early. bz3454 |
|
<li>ssh_config(5), sshd_config(5): clarify that the RekeyLimit |
|
directive applies to both transmitted and received data. |
|
<li>ssh-keygen(1): avoid double fclose() in error path. |
|
<li>sshd(8): log an error if pipe() fails while accepting a connection. |
|
<li>ssh(1), ssh-keygen(1): fix possible NULL deref when built without |
|
FIDO support. |
|
<li>ssh-keyscan(1): add missing *-sk types to ssh-keyscan manpage. |
|
<li>sshd(8): ensure that authentication passwords are cleared from |
|
memory in error paths. |
|
<li>ssh(1), ssh-agent(1): avoid possibility of notifier code executing |
|
kill(-1). |
|
<li>ssh_config(5): note that the ProxyJump directive also accepts the |
|
same tokens as ProxyCommand. |
|
<li>scp(1): do not not ftruncate(3) files early when in sftp mode. The |
|
previous behaviour of unconditionally truncating the destination |
|
file would cause <code>scp ~/foo localhost:</code> and <code>scp |
|
localhost:foo ~/</code> to delete all the contents of their destination. |
|
<li>ssh-keygen(1): improve error message when <code>ssh-keygen -Y sign |
|
</code> is unable to load a private key. |
|
<li>sftp(1), scp(1): when performing operations that glob(3) a remote |
|
path, ensure that the implicit working directory used to construct |
|
that path escapes glob(3) characters. This prevents glob characters |
|
from being processed in places they shouldn't, e.g. <code>cd |
|
/tmp/a*/</code>, <code>get *.txt</code> should have the get operation |
|
treat the path <code>/tmp/a*</code> literally and not attempt to expand |
|
it. |
|
<li>ssh(1), sshd(8): be stricter in which characters will be accepted |
|
in specifying a mask length; allow only 0-9. |
|
<li>ssh-keygen(1): avoid printing hash algorithm twice when dumping a |
|
KRL. |
|
<li>ssh(1), sshd(8): continue running local I/O for open channels |
|
during SSH transport rekeying. This should make ~-escapes work in |
|
the client (e.g. to exit) if the connection happened to have |
|
stalled during a rekey event. |
|
<li>ssh(1), sshd(8): avoid potential poll() spin during rekeying |
|
<li>Further hardening for sshbuf internals: disallow "reparenting" a |
|
hierarchical sshbuf and zero the entire buffer if reallocation |
|
fails. |
|
</ul> |
</ul> |
</ul> |
|
|
<li>mandoc 1.14.6 plus several bugfixes, including: |
<li>mandoc 1.14.6 plus several bugfixes, including: |
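Review bot: In the scp(1) entry under Bugfixes, "do not not ftruncate(3) files early" has a doubled "not" that inverts the meaning of the fix; it should read "do not ftruncate(3) files early". Under "Potentially-incompatible changes", the entries from "add a RequiredRSASize directive" through the -U flag for "-Y sign" describe added directives, extensions and options rather than changed behaviour, so they would read better under their own list heading, leaving SetEnv first-match-wins and the removal of DSA keys from ssh-keygen -A as the incompatible changes. Smaller points: "ssh-keygen(8)" in the ssh-keygen -A entry is "ssh-keygen(1)" everywhere else in the list, "the private keys is hosted in an agent" should be "the private key is hosted in an agent", the RequiredRSASize entry and the poll() spin entry lack a final full stop, and the sshd(8) entry on authorized_keys logging has a stray space after its li tag.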