From: Corinna Vinschen
To: cygwin-announce@cygwin.com
Date: Thu, 16 Mar 2023 11:28:56 +0100
Message-Id: <20230316112856.1796531-1-corinna-cygwin@cygwin.com>
Subject: openssh 9.3p1-1

The following packages have been uploaded to the Cygwin distribution:

* openssh-9.3p1-1

OpenSSH is a program for logging into a remote machine and for executing
commands on a remote machine. It can replace rlogin and rsh, providing
encrypted communication between two machines.

Upstream announcement:

OpenSSH 9.3 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html

Changes since OpenSSH 9.2
=========================

This release fixes a number of security bugs.

Security
========

This release contains fixes for a security problem and a memory safety
problem. The memory safety problem is not believed to be exploitable,
but we report most network-reachable memory faults as security bugs.

 * ssh-add(1): when adding smartcard keys to ssh-agent(1) with the
   per-hop destination constraints (ssh-add -h ...) added in OpenSSH
   8.9, a logic error prevented the constraints from being
   communicated to the agent. This resulted in the keys being added
   without constraints. The common cases of non-smartcard keys and
   keys without destination constraints are unaffected. This problem
   was reported by Luci Stanescu.

 * ssh(1): Portable OpenSSH provides an implementation of the
   getrrsetbyname(3) function if the standard library does not
   provide it, for use by the VerifyHostKeyDNS feature. A
   specifically crafted DNS response could cause this function to
   perform an out-of-bounds read of adjacent stack data, but this
   condition does not appear to be exploitable beyond
   denial-of-service to the ssh(1) client.

   The getrrsetbyname(3) replacement is only included if the system's
   standard library lacks this function and portable OpenSSH was not
   compiled with the ldns library (--with-ldns). getrrsetbyname(3) is
   only invoked if using VerifyHostKeyDNS to fetch SSHFP records.

   This problem was found by the Coverity static analyzer.

New features
------------

 * ssh-keygen(1), ssh-keyscan(1): accept -Ohashalg=sha1|sha256 when
   outputting SSHFP fingerprints to allow algorithm selection. bz3493

 * sshd(8): add a `sshd -G` option that parses and prints the
   effective configuration without attempting to load private keys
   and perform other checks. This allows usage of the option before
   keys have been generated and for configuration evaluation and
   verification by unprivileged users.

Bugfixes
--------

 * scp(1), sftp(1): fix progressmeter corruption on wide displays;
   bz3534

 * ssh-add(1), ssh-keygen(1): use RSA/SHA256 when testing usability of
   private keys as some systems are starting to disable RSA/SHA1 in
   libcrypto.

 * sftp-server(8): fix a memory leak. GHPR363

 * ssh(1), sshd(8), ssh-keyscan(1): remove vestigial protocol
   compatibility code and simplify what's left.

 * Fix a number of low-impact Coverity static analysis findings. These
   include several reported via bz2687

 * ssh_config(5), sshd_config(5): mention that some options are not
   first-match-wins.

 * Rework logging for the regression tests. Regression tests will now
   capture separate logs for each ssh and sshd invocation in a test.

 * ssh(1): make `ssh -Q CASignatureAlgorithms` work as the manpage says
   it should; bz3532.

 * ssh(1): ensure that there is a terminating newline when adding a new
   entry to known_hosts; bz3529

Portability
-----------

 * sshd(8): harden Linux seccomp sandbox. Move to an allowlist of
   mmap(2), madvise(2) and futex(2) flags, removing some concerning
   kernel attack surface.

 * sshd(8): improve Linux seccomp-bpf sandbox for older systems; bz3537

Checksums:
==========

 - SHA1 (openssh-9.3.tar.gz) = 5f9d2f73ddfe94f3f0a78bdf46704b6ad7b66ec7
 - SHA256 (openssh-9.3.tar.gz) = eRcXkFZByz70DUBUcyIdvU0pVxP2X280FrmV8pyUdrk=
 - SHA1 (openssh-9.3p1.tar.gz) = 610959871bf8d6baafc3525811948f85b5dd84ab
 - SHA256 (openssh-9.3p1.tar.gz) = 6bq6dwGnalHz2Fpiw4OjydzZf6kAuFm8fbEUwYaK+Kg=

Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc

Reporting Bugs:
===============

- Please read https://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com
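The checksum note above (SHA256 printed as base64, SHA1 as hex) trips up anyone pasting the values into sha256sum, so here is an added example, not part of the announcement or of OpenSSH itself, that parses checksum lines in the announcement's format into hex and verifies tarball bytes against them. The sample checksum text is copied from the announcement; the function names are mine.

```python
import base64
import hashlib
import hmac
import re

# Checksum lines in the format OpenSSH announcements use (copied from the
# announcement above): SHA1 values are hex, SHA256 values are base64.
SAMPLE_CHECKSUMS = """\
- SHA1 (openssh-9.3p1.tar.gz) = 610959871bf8d6baafc3525811948f85b5dd84ab
- SHA256 (openssh-9.3p1.tar.gz) = 6bq6dwGnalHz2Fpiw4OjydzZf6kAuFm8fbEUwYaK+Kg=
"""

CHECKSUM_LINE = re.compile(
    r"^-\s*(?P<algo>SHA1|SHA256)\s*\((?P<name>[^)]+)\)\s*=\s*(?P<digest>\S+)$"
)
DIGEST_LEN = {"SHA1": 20, "SHA256": 32}

def parse_checksum_lines(text):
    """Map (algo, filename) -> lowercase hex digest. The announcement's base64
    SHA256 values are decoded and re-emitted as hex so they can be compared
    with what sha256sum-style tools print."""
    out = {}
    for line in text.splitlines():
        m = CHECKSUM_LINE.match(line.strip())
        if not m:
            continue
        algo, name, digest = m.group("algo", "name", "digest")
        # Strict decoding: a truncated or mangled digest must fail here,
        # not silently verify nothing.
        raw = base64.b64decode(digest, validate=True) if algo == "SHA256" \
            else bytes.fromhex(digest)
        if len(raw) != DIGEST_LEN[algo]:
            raise ValueError(f"{algo} digest for {name} has {len(raw)} bytes")
        out[(algo, name)] = raw.hex()
    return out

def sha256_b64(data):
    """Digest bytes the way the announcement prints SHA256 (base64, not hex)."""
    return base64.b64encode(hashlib.sha256(data).digest()).decode("ascii")

def verify_bytes(data, algo, expected_hex):
    """True if the tarball bytes match the parsed digest (constant-time compare)."""
    actual = hashlib.new(algo.lower(), data).hexdigest()
    return hmac.compare_digest(actual, expected_hex)
```

The hex values returned by parse_checksum_lines are in the form `sha256sum -c` and `sha1sum -c` expect, so they can be written out as `<hex>  <filename>` lines for those tools.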