Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
openssh: Update version from 7.4p1 to 7.5p1
Release notes are available online [1]. > […] > > Changes since OpenSSH 7.4 > ========================= > > This is a bugfix release. > > Security > -------- > > * ssh(1), sshd(8): Fix weakness in CBC padding oracle countermeasures > that allowed a variant of the attack fixed in OpenSSH 7.3 to proceed. > Note that the OpenSSH client disables CBC ciphers by default, sshd > offers them as lowest-preference options and will remove them by > default entriely in the next release. Reported by Jean Paul > Degabriele, Kenny Paterson, Martin Albrecht and Torben Hansen of > Royal Holloway, University of London. > > * sftp-client(1): [portable OpenSSH only] On Cygwin, a client making > a recursive file transfer could be maniuplated by a hostile server to > perform a path-traversal attack. creating or modifying files outside > of the intended target directory. Reported by Jann Horn of Google > Project Zero. > > New Features > ------------ > > * ssh(1), sshd(8): Support "=-" syntax to easily remove methods from > algorithm lists, e.g. Ciphers=-*cbc. bz#2671 > > […] [1] https://www.openssh.com/txt/release-7.5
- Loading branch information
