version 1.15, 2024/03/23 14:06:26
version 1.16, 2024/03/23 18:46:47

</ul>
</ul>

<li>OpenSSH 9.6 and OpenSSH 9.7
<ul>
<li>Security fixes
<ul>
<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>, <a href='https://man.openbsd.org/sshd.8'>sshd(8)</a>: implement protocol extensions to thwart the
so-called "Terrapin attack" discovered by Fabian Bäumer, Marcus
Brinkmann and Jörg Schwenk. This attack allows a MITM to effect a
limited break of the integrity of the early encrypted SSH transport
protocol by sending extra messages prior to the commencement of
encryption, and deleting an equal number of consecutive messages
immediately after encryption starts. A peer SSH client/server
would not be able to detect that messages were deleted.

<br>While cryptographically novel, the security impact of this attack
is fortunately very limited as it only allows deletion of
consecutive messages, and deleting most messages at this stage of
the protocol prevents user authentication from proceeding and
results in a stuck connection.

<br>The most serious identified impact is that it lets a MITM
delete the SSH2_MSG_EXT_INFO message sent before authentication
starts, allowing the attacker to disable a subset of the keystroke
timing obfuscation features introduced in OpenSSH 9.5. There is no
other discernible impact to session secrecy or session integrity.

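<br>The sequence-number mechanics behind the attack, as an added illustration that is not OpenSSH code: a toy transport in Python whose MAC covers (sequence number || payload), as SSH's does. Each unencrypted SSH_MSG_IGNORE the MITM injects before NEWKEYS advances the receiver's counter by one, so deleting the same number of encrypted packets afterwards leaves both counters aligned and every surviving MAC still verifies. The "strict kex" behaviour modelled here is the countermeasure OpenSSH 9.6 negotiates as kex-strict-c-v00@openssh.com / kex-strict-s-v00@openssh.com: any unexpected message during the initial key exchange terminates the connection, and sequence numbers restart at zero after NEWKEYS. The MAC key, the payload strings and message number 99 are constructed for the example.

```python
import hashlib
import hmac

# SSH_MSG_IGNORE and SSH_MSG_NEWKEYS carry their real SSH transport values;
# MSG_DATA (99) is a constructed stand-in for any post-NEWKEYS message.
MSG_IGNORE = 2
MSG_NEWKEYS = 21
MSG_DATA = 99
MAC_KEY = b"constructed shared MAC key"  # in real SSH this comes out of the KEX


def mac(seq, payload):
    """Toy MAC over (sequence number || payload), the same input layout SSH uses."""
    return hmac.new(MAC_KEY, seq.to_bytes(4, "big") + payload, hashlib.sha256).digest()


class Sender:
    """Tracks the send sequence number; packets after NEWKEYS carry a MAC."""

    def __init__(self, strict_kex):
        self.strict_kex = strict_kex
        self.seq = 0
        self.encrypted = False

    def packet(self, msg_type, payload=b""):
        pkt = {"type": msg_type, "payload": payload}
        if self.encrypted:
            pkt["mac"] = mac(self.seq, payload)
        self.seq += 1
        if msg_type == MSG_NEWKEYS:
            self.encrypted = True
            if self.strict_kex:
                self.seq = 0  # strict kex: counters restart after NEWKEYS
        return pkt


class Receiver:
    """Tracks the receive sequence number and verifies MACs once encryption is on."""

    def __init__(self, strict_kex):
        self.strict_kex = strict_kex
        self.seq = 0
        self.encrypted = False
        self.accepted = []

    def receive(self, pkt):
        if not self.encrypted:
            if self.strict_kex and pkt["type"] == MSG_IGNORE:
                # strict kex: nothing unexpected is tolerated during the initial KEX
                raise ValueError("unexpected message during strict key exchange")
            self.seq += 1  # every pre-encryption packet, injected or not, advances the counter
            if pkt["type"] == MSG_NEWKEYS:
                self.encrypted = True
                if self.strict_kex:
                    self.seq = 0
            return
        if not hmac.compare_digest(pkt["mac"], mac(self.seq, pkt["payload"])):
            raise ValueError("MAC failure at seq %d" % self.seq)
        self.seq += 1
        self.accepted.append(pkt["payload"])


def run_session(strict_kex, inject, drop):
    """Constructed session: the sender emits NEWKEYS and then three encrypted
    messages. A MITM injects `inject` IGNORE packets before NEWKEYS and deletes
    the first `drop` encrypted packets after it. Returns the payloads the
    receiver accepted, or the error string that terminated the connection."""
    sender, receiver = Sender(strict_kex), Receiver(strict_kex)
    wire = [{"type": MSG_IGNORE, "payload": b""} for _ in range(inject)]
    wire.append(sender.packet(MSG_NEWKEYS))
    after = [sender.packet(MSG_DATA, p) for p in (b"EXT_INFO", b"SERVICE_REQUEST", b"USERAUTH")]
    wire.extend(after[drop:])
    try:
        for pkt in wire:
            receiver.receive(pkt)
    except ValueError as err:
        return str(err)
    return receiver.accepted


if __name__ == "__main__":
    print("no strict kex, inject 1 / drop 1:", run_session(False, 1, 1))  # EXT_INFO silently gone
    print("no strict kex, drop only:        ", run_session(False, 0, 1))
    print("strict kex, inject 1 / drop 1:   ", run_session(True, 1, 1))
    print("strict kex, drop only:           ", run_session(True, 0, 1))
```

Without strict kex the inject-one/drop-one run returns only SERVICE_REQUEST and USERAUTH: EXT_INFO is gone and no MAC failed, which is exactly the EXT_INFO deletion described above. Deleting without injecting is caught by the MAC in either mode; with strict kex the injection itself is refused before encryption even starts.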
<li><a href='https://man.openbsd.org/ssh-agent.1'>ssh-agent(1)</a>: when adding PKCS#11-hosted private keys while
specifying destination constraints, if the PKCS#11 token returned
multiple keys then only the first key had the constraints applied.
Use of regular private keys, FIDO tokens and unconstrained keys
is unaffected.

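<br>What "only the first key had the constraints applied" means in practice, as an added Python model that is not the ssh-agent source: destination constraints (the <a href='https://man.openbsd.org/ssh-add.1'>ssh-add(1)</a> -h option) restrict which session-bound destination host an identity may sign for, so a key that silently misses them is usable from any host. The key ids, host names and the agent's data structure are constructed.

```python
class ToyAgent:
    """Minimal model of how an agent stores identities with destination constraints.
    A value of None means 'unconstrained', i.e. usable for any destination."""

    def __init__(self):
        self.identities = {}

    def add_pkcs11(self, token_keys, dest_constraints, buggy):
        """token_keys: the key ids a PKCS#11 token returned, in order.
        With buggy=True only the first key receives the constraints, which is
        the behaviour fixed in OpenSSH 9.6/9.7; with buggy=False every key does."""
        for index, key in enumerate(token_keys):
            if buggy and index > 0:
                self.identities[key] = None
            else:
                self.identities[key] = tuple(dest_constraints)

    def sign(self, key, session_bound_host):
        """True if the agent would sign: either the key is unconstrained, or the
        client session is bound to a permitted destination host."""
        allowed = self.identities[key]
        return allowed is None or session_bound_host in allowed


def keys_usable_from(agent, host):
    """Which identities a client connected to `host` could authenticate with."""
    return sorted(k for k in agent.identities if agent.sign(k, host))


def exposure(buggy):
    """Constructed scenario: one token exposing two keys, both meant to be
    restricted to bastion.example."""
    agent = ToyAgent()
    agent.add_pkcs11(["piv-authentication", "piv-card-auth"], ["bastion.example"], buggy=buggy)
    return {
        "bastion.example": keys_usable_from(agent, "bastion.example"),
        "attacker.example": keys_usable_from(agent, "attacker.example"),
    }
```

With the bug, the second key the token returned signs for attacker.example even though the operator asked for a bastion-only constraint; with the fix, neither key does.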
<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>: if an invalid user or hostname that contained shell
metacharacters was passed to <a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>, and a ProxyCommand,
LocalCommand directive or "match exec" predicate referenced the
user or hostname via %u, %h or similar expansion token, then
an attacker who could supply arbitrary user/hostnames to <a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>
could potentially perform command injection depending on what
quoting was present in the user-supplied <a href='https://man.openbsd.org/ssh_config.5'>ssh_config(5)</a> directive.

<br>OpenSSH 9.6 now
bans most shell metacharacters from user and hostnames supplied
via the command-line. This countermeasure is not guaranteed to be
effective in all situations, as it is infeasible for <a href='https://man.openbsd.org/ssh.1'>ssh(1)</a> to
universally filter shell metacharacters potentially relevant to
user-supplied commands.

<br>User/hostnames provided via <a href='https://man.openbsd.org/ssh_config.5'>ssh_config(5)</a> are not subject to these
restrictions, allowing configurations that use strange names to
continue to be used, under the assumption that the user knows what
they are doing in their own configuration files.
</ul>
<li>New features
<ul>
<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>, <a href='https://man.openbsd.org/sshd.8'>sshd(8)</a>: add a "global" ChannelTimeout type that watches
all open channels and will close all open channels if there is no
traffic on any of them for the specified interval. This is in
addition to the existing per-channel timeouts added recently.
<br>This supports situations like having both session and x11
forwarding channels open where one may be idle for an extended
period but the other is actively used. The global timeout could
close both channels when both have been idle for too long.

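<br>How the two timeout kinds interact, as an added Python model that is not sshd code: it parses a ChannelTimeout line in the type=interval form used by <a href='https://man.openbsd.org/sshd_config.5'>sshd_config(5)</a>, with intervals in the sshd_config(5) time format, and then evaluates the session-plus-X11 scenario above. Only exact channel-type names are matched, and the channel names and timeline are constructed.

```python
_UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}


def parse_interval(text):
    """sshd_config(5) time format: bare seconds, or numbers with s/m/h/d/w suffixes (5m, 1h30m)."""
    total, number = 0, ""
    for ch in text:
        if ch.isdigit():
            number += ch
        elif ch in _UNITS and number:
            total += int(number) * _UNITS[ch]
            number = ""
        else:
            raise ValueError("bad interval: %r" % text)
    if number:
        total += int(number)
    return total


def parse_channel_timeout(directive):
    """'ChannelTimeout session=5m global=10m' -> ({'session': 300}, 600).
    The special type 'global' is kept apart from the per-channel-type entries."""
    per_type, global_timeout = {}, None
    for spec in directive.split()[1:]:
        ctype, _, interval = spec.partition("=")
        seconds = parse_interval(interval)
        if ctype == "global":
            global_timeout = seconds
        else:
            per_type[ctype] = seconds
    return per_type, global_timeout


def channels_to_close(channels, now, per_type, global_timeout):
    """channels: {name: (channel_type, last_traffic_time)} in seconds.
    A per-type timeout closes each idle channel on its own; the global timeout
    closes every channel, but only once none of them has had traffic for the interval."""
    close = set()
    for name, (ctype, last) in channels.items():
        limit = per_type.get(ctype)
        if limit is not None and now - last >= limit:
            close.add(name)
    if global_timeout is not None and channels:
        most_recent = max(last for _, last in channels.values())
        if now - most_recent >= global_timeout:
            close.update(channels)
    return close


if __name__ == "__main__":
    # Constructed timeline: the shell has been silent since t=0, the X11 channel
    # last carried traffic at t=1500 (25 minutes in).
    channels = {"shell": ("session", 0), "xterm": ("x11-connection", 1500)}
    per_type, glob = parse_channel_timeout("ChannelTimeout global=30m")
    print(channels_to_close(channels, 1560, per_type, glob))  # nothing: X11 is still active
    print(channels_to_close(channels, 3300, per_type, glob))  # both: 30 minutes with no traffic anywhere
    per_type, glob = parse_channel_timeout("ChannelTimeout session=10m global=30m")
    print(channels_to_close(channels, 1560, per_type, glob))  # only the idle shell
```

The second run shows the difference the global type makes: a per-channel `session=10m` would have killed the shell while the X11 forwarding was in active use, whereas `global=30m` waits until the whole connection has gone quiet.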
<li>All: make DSA key support compile-time optional, defaulting to on.
</ul>
<li>Bugfixes
<ul>
<li><a href='https://man.openbsd.org/sshd.8'>sshd(8)</a>: don't append an unnecessary space to the end of subsystem
arguments (<a href='https://bugzilla.mindrot.org/show_bug.cgi?id=3667'>bz3667</a>)

<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>: fix the multiplexing "channel proxy" mode, broken when
keystroke timing obfuscation was added. (<a href='https://github.com/openssh/openssh-portable/pull/463'>GHPR#463</a>)

<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>, <a href='https://man.openbsd.org/sshd.8'>sshd(8)</a>: fix spurious configuration parsing errors when
options that accept array arguments are overridden (<a href='https://bugzilla.mindrot.org/show_bug.cgi?id=3657'>bz3657</a>).

<li><a href='https://man.openbsd.org/ssh-agent.1'>ssh-agent(1)</a>: fix potential spin in signal handler (<a href='https://bugzilla.mindrot.org/show_bug.cgi?id=3670'>bz3670</a>)

<li>Many fixes to manual pages and other documentation, including
<a href='https://github.com/openssh/openssh-portable/pull/462'>GHPR#462</a>, <a href='https://github.com/openssh/openssh-portable/pull/454'>GHPR#454</a>, <a href='https://github.com/openssh/openssh-portable/pull/442'>GHPR#442</a> and <a href='https://github.com/openssh/openssh-portable/pull/441'>GHPR#441</a>.

<li>Greatly improve interop testing against PuTTY.
</ul>
</ul>
