===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/75.html,v
retrieving revision 1.15
retrieving revision 1.16
diff -c -r1.15 -r1.16
*** www/75.html 2024/03/23 14:06:26 1.15
--- www/75.html 2024/03/23 18:46:47 1.16
***************
*** 414,432 ****
!
OpenSSH 9.x and OpenSSH 9.x
! - Potentially incompatible changes
- New features
- Bugfixes
--- 414,500 ----
! OpenSSH 9.6 and OpenSSH 9.7
! - Security fixes
! - ssh(1), sshd(8): implement protocol extensions to thwart the
! so-called "Terrapin attack" discovered by Fabian Bäumer, Marcus
! Brinkmann and Jörg Schwenk. This attack allows a MITM to effect a
! limited break of the integrity of the early encrypted SSH transport
! protocol by sending extra messages prior to the commencement of
! encryption, and deleting an equal number of consecutive messages
! immediately after encryption starts. A peer SSH client/server
! would not be able to detect that messages were deleted.
!
!
While cryptographically novel, the security impact of this attack
! is fortunately very limited as it only allows deletion of
! consecutive messages, and deleting most messages at this stage of
! the protocol prevents user user authentication from proceeding and
! results in a stuck connection.
!
!
The most serious identified impact is that it lets a MITM to
! delete the SSH2_MSG_EXT_INFO message sent before authentication
! starts, allowing the attacker to disable a subset of the keystroke
! timing obfuscation features introduced in OpenSSH 9.5. There is no
! other discernable impact to session secrecy or session integrity.
!
! - ssh-agent(1): when adding PKCS#11-hosted private keys while
! specifying destination constraints, if the PKCS#11 token returned
! multiple keys then only the first key had the constraints applied.
! Use of regular private keys, FIDO tokens and unconstrained keys
! are unaffected.
!
!
- ssh(1): if an invalid user or hostname that contained shell
! metacharacters was passed to ssh(1), and a ProxyCommand,
! LocalCommand directive or "match exec" predicate referenced the
! user or hostname via %u, %h or similar expansion token, then
! an attacker who could supply arbitrary user/hostnames to ssh(1)
! could potentially perform command injection depending on what
! quoting was present in the user-supplied ssh_config(5) directive.
!
!
OpenSSH 9.6 now
! bans most shell metacharacters from user and hostnames supplied
! via the command-line. This countermeasure is not guaranteed to be
! effective in all situations, as it is infeasible for ssh(1) to
! universally filter shell metacharacters potentially relevant to
! user-supplied commands.
!
!
User/hostnames provided via ssh_config(5) are not subject to these
! restrictions, allowing configurations that use strange names to
! continue to be used, under the assumption that the user knows what
! they are doing in their own configuration files.
- New features
! - ssh(1), sshd(8): add a "global" ChannelTimeout type that watches
! all open channels and will close all open channels if there is no
! traffic on any of them for the specified interval. This is in
! addition to the existing per-channel timeouts added recently.
!
This supports situations like having both session and x11
! forwarding channels open where one may be idle for an extended
! period but the other is actively used. The global timeout could
! close both channels when both have been idle for too long.
!
! - All: make DSA key support compile-time optional, defaulting to on.
- Bugfixes
! - sshd(8): don't append an unnecessary space to the end of subsystem
! arguments (bz3667)
!
!
- ssh(1): fix the multiplexing "channel proxy" mode, broken when
! keystroke timing obfuscation was added. (GHPR#463)
!
!
- ssh(1), sshd(8): fix spurious configuration parsing errors when
! options that accept array arguments are overridden (bz3657).
!
!
- ssh-agent(1): fix potential spin in signal handler (bz3670)
!
!
- Many fixes to manual pages and other documentation, including
! GHPR#462, GHPR#454, GHPR#442 and GHPR#441.
!
!
- Greatly improve interop testing against PuTTY.