OpenSSH 7.0 released

OpenSSH 7.0 released

OpenSSH 7.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. From: Damien Miller <djm@cvs.openbsd.org> Date: Tue, 11 Aug 2015 06:53:24 -0600 (MDT) To: news@linuxsecurity.com Subject: Announce: OpenSSH 7.0 released OpenSSH 7.0 has just been released. It will be available from the mirrors listed at  http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and  server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5  protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community for their continued support of  the project, especially those who contributed code or patches, reported bugs, tested  snapshots or donated to the project. More information on donations may be found at:  http://www.openssh.com/donations.html Future deprecation notice ========================= We plan on retiring more legacy cryptography in the next release including: * Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits) * Several ciphers will be disabled by default: blowfish-cbc, cast128-cbc, all arcfour variants  and the rijndael-cbc aliases for AES. * MD5-based HMAC algorithms will be disabled by default. This list reflects our current intentions, but please check the final release notes for  OpenSSH  7.1 when it is released. Changes since OpenSSH 6.9 ========================= This focus of this release is primarily to deprecate weak, legacy and/or unsafe  cryptography. Security -------- * sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world- writable. Local attackers  may  be able to write arbitrary messages to logged-in users, including terminal escape sequences.  Reported by Nikolay Edigaryev. * sshd(8): Portable OpenSSH only: Fixed a privilege separation weakness related to PAM  support.  Attackers who could successfully compromise the pre-authentication process for remote  code  execution and who had valid credentials on the host could impersonate other users.  Reported by Moritz Jodeit. * sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to PAM support that  was  reachable by attackers who could compromise the pre-authentication process for remote  code execution. Also reported by Moritz Jodeit. * sshd(8): fix circumvention of MaxAuthTries using keyboard- interactive authentication. By  specifying a long, repeating keyboard-interactive "devices" string, an attacker could request  the same authentication method be tried thousands of times in a single pass. The  LoginGraceTime timeout in sshd(8) and any authentication failure delays implemented by  the authentication mechanism itself were still applied. Found by Kingcope. Potentially-incompatible Changes -------------------------------- * Support for the legacy SSH version 1 protocol is disabled by default at compile time. * Support for the 1024-bit diffie-hellman-group1-sha1 key exchange is disabled by default at  run-time. It may be re-enabled using the instructions at   http://www.openssh.com/legacy.html * Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by default at run-time.  These may be re-enabled using the instructions at http://www.openssh.com/legacy.html * Support for the legacy v00 cert format has been removed. * The default for the sshd_config(5) PermitRootLogin option has changed from "yes" to  "prohibit-password". * PermitRootLogin=without-password/prohibit-password now bans all interactive  authentication methods, allowing only public-key, hostbased and GSSAPI authentication  (previously it permitted keyboard-interactive and password-less authentication if those  were enabled). New Features ------------ * ssh_config(5): add PubkeyAcceptedKeyTypes option to control which public key types are  available  for user authentication. * sshd_config(5): add HostKeyAlgorithms option to control which public key types are  offered for host authentications. * ssh(1), sshd(8): extend Ciphers, MACs, KexAlgorithms, HostKeyAlgorithms,    PubkeyAcceptedKeyTypes  and HostbasedKeyTypes options to allow appending to the   default set of algorithms instead of replacing it.   Options may now be prefixed with a '+' to append to the default, e.g.   "HostKeyAlgorithms=+ssh-dss". * sshd_config(5): PermitRootLogin now accepts an argument of 'prohibit-password' as a    less-ambiguous synonym of 'without- password'. Bugfixes -------- * ssh(1), sshd(8): add compatability workarounds for Cisco and more PuTTY versions.    bz#2424 * Fix some omissions and errors in the PROTOCOL and PROTOCOL.mux documentation     relating to Unix domain socket forwarding; bz#2421 bz#2422 * ssh(1): Improve the ssh(1) manual page to include a better description of Unix domain    socket forwarding; bz#2423 * ssh(1), ssh-agent(1): skip uninitialised PKCS#11 slots, fixing failures to load keys when     they are present. bz#2427 * ssh(1), ssh-agent(1): do not ignore PKCS#11 hosted keys that wth empty CKA_ID; bz#2429 * sshd(8): clarify documentation for UseDNS option; bz#2045 Portable OpenSSH ---------------- * Check realpath(3) behaviour matches what sftp-server requires and use a replacement  if necessary. Checksums: ========== - SHA1 (openssh-7.0.tar.gz) = a19ff0bad2a67348b1d01a38a9580236120b7099 - SHA256 (openssh-7.0.tar.gz) = 4F6HV/ZqT465f3sMB2vIkXO+wrYtL5hnqzAymfbZ1Jk= - SHA1 (openssh-7.0p1.tar.gz) = d8337c9eab91d360d104f6dd805f8b32089c063c - SHA256 (openssh-7.0p1.tar.gz) = /VkySToZ9MgRU9gS7k4EK0m707dZqz2TRKvswrwUheU=  Please note that the PGP key used to sign releases was recently rotated. The new key has   been signed  by the old key to provide continuity. It is available from the mirror sites as   RELEASE_KEY.asc. Reporting Bugs: =============== - Please read http://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com