From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 19116 invoked by alias); 4 Feb 2011 12:48:25 -0000 Received: (qmail 23466 invoked by uid 22791); 4 Feb 2011 12:27:48 -0000 X-Spam-Check-By: sourceware.org Date: Fri, 04 Feb 2011 12:48:00 -0000 From: Corinna Vinschen To: cygwin-announce@cygwin.com Subject: Updated: OpenSSH-5.8p1-1 Message-ID: <20110204122737.GA6733@calimero.vinschen.de> Mail-Followup-To: cygwin-announce@cygwin.com MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) Mailing-List: contact cygwin-announce-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-announce-owner@cygwin.com Reply-To: The Cygwin Mailing List Mail-Followup-To: cygwin-announce@cygwin.com X-SW-Source: 2011-02/txt/msg00003.txt.bz2 I've just updated the Cygwin version of OpenSSH to 5.8p1-1. This is an upstream security and bugfix release. The Cygwin release additionally contains a patch to the ssh-host-config and ssh-user-config scripts which additionally asks to create the new ECDSA key type. The patch has not yet been applied to the upstream repository. The official release message for 5.8p1: ==================================================================== OpenSSH 5.8 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: http://www.openssh.com/donations.html Changes since OpenSSH 5.7 ========================= Security: * Fix vulnerability in legacy certificate signing introduced in OpenSSH-5.6 and found by Mateusz Kocielski. Legacy certificates signed by OpenSSH 5.6 or 5.7 included data from the stack in place of a random nonce field. The contents of the stack do not appear to contain private data at this point, but this cannot be stated with certainty for all platform, library and compiler combinations. In particular, there exists a risk that some bytes from the privileged CA key may be accidentally included. A full advisory for this issue is available at: http://www.openssh.com/txt/legacy-cert.adv Portable OpenSSH Bugfixes: * Fix compilation failure when enableing SELinux support. * Do not attempt to call SELinux functions when SELinux is disabled. bz#1851 Checksums: ========== - SHA1 (openssh-5.8.tar.gz) = 205dece2c8b41c69b082eb65320d359987aae25b - SHA1 (openssh-5.8p1.tar.gz) = adebb2faa9aba2a3a3c8b401b2b19677ab53f0de Reporting Bugs: =============== - Please read http://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and Ben Lindstrom. ==================================================================== To update your installation, click on the "Install Cygwin now" link on the http://cygwin.com/ web page. This downloads setup.exe to your system. Then, run setup and answer all of the questions. *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO *** If you want to unsubscribe from the cygwin-announce mailing list, look at the "List-Unsubscribe: " tag in the email header of this message. Send email to the address specified there. It will be in the format: cygwin-announce-unsubscribe-you=3D3Dyourdomain.com@cygwin.com If you need more information on unsubscribing, start reading here: http://sourceware.org/lists.html#unsubscribe-simple Please read *all* of the information on unsubscribing that is available starting at this URL. -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat