Update OpenSSH from 7.4p1 to 7.5p1 #474
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SSL has been set up, so use it to securely download the source archive over HTTPS.
Release notes are available online [1]. > […] > > Changes since OpenSSH 7.4 > ========================= > > This is a bugfix release. > > Security > -------- > > * ssh(1), sshd(8): Fix weakness in CBC padding oracle countermeasures > that allowed a variant of the attack fixed in OpenSSH 7.3 to proceed. > Note that the OpenSSH client disables CBC ciphers by default, sshd > offers them as lowest-preference options and will remove them by > default entriely in the next release. Reported by Jean Paul > Degabriele, Kenny Paterson, Martin Albrecht and Torben Hansen of > Royal Holloway, University of London. > > * sftp-client(1): [portable OpenSSH only] On Cygwin, a client making > a recursive file transfer could be maniuplated by a hostile server to > perform a path-traversal attack. creating or modifying files outside > of the intended target directory. Reported by Jann Horn of Google > Project Zero. > > New Features > ------------ > > * ssh(1), sshd(8): Support "=-" syntax to easily remove methods from > algorithm lists, e.g. Ciphers=-*cbc. bz#2671 > > […] [1] https://www.openssh.com/txt/release-7.5
pmenzel
force-pushed
the
update-openssh-from-7.4p1-to-7.5p1
branch
from
f7c3350
to
fff7ba2
Compare
Sign in
to join this conversation on GitHub.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
After the update, the running OpenSSH daemon can be restarted with
sudo systemctl restart sshd.service.Tested with keineahnung.