[openssh-commits] [openssh] annotated tag V_9_1_P1 created (now 0658795f)
git+noreply at mindrot.org
Tue Oct 4 21:45:49 AEDT 2022
This is an automated email from the git hooks/post-receive script.
djm pushed a change to annotated tag V_9_1_P1
in repository openssh.
at 0658795f (tag)
tagging 0ffb46f2ee2ffcc4daf45ee679e484da8fcf338c (commit)
replaces V_9_0_P1
tagged by Damien Miller
on Tue Oct 4 01:55:37 2022 +1100
- Log -----------------------------------------------------------------
openssh-9.1
Corinna Vinschen (5):
compat code for fido_dev_is_winhello()
check_sk_options: add temporary WinHello workaround
sk_sign: set FIDO2 uv attribute explicitly for WinHello
fido_dev_is_winhello: return 0, not "false"
Revert "check_sk_options: add temporary WinHello workaround"
Damien Miller (19):
update build-aux files to match autoconf-2.71
Revert "update build-aux files to match autoconf-2.71"
fuzzer for authorized_keys parsing
fix some bugs in the fuzzer
fix possible NULL deref when built without FIDO
automatically enable built-in FIDO support
request 1.1x API compatibility for OpenSSL >=3.x
fix broken case statement in previous
crank SSH_SK_VERSION_MAJOR in sk-dummy.so
fix SANDBOX_SECCOMP_FILTER_DEBUG
on Cygwin, prefer WinHello FIDO device
initial list of allowed signers
cross-sign allowed_signers with PGP key
additional keys
avoid Wuninitialized false positive in gcc-12ish
no need for glob.h here
crank versions in RPM spec files
update release notes URL
update .depend
Darren Tucker (71):
Retire fbsd6 test VM.
Resync moduli.5 with upstream.
Cache timezone data in capsicum sandbox.
Include stdlib.h for free() prototype.
Update OpenSSL and LibreSSL versions in tests.
Add debian-riscv64 test target.
Remove now-empty int32_minmax.inc.
Only run tests when source files change.
Add Mac OS X 12 test target.
Add ubsan minimal testcase on OpenBSD.
Note that, for now, we need variadic macros.
Also retest OpenBSD upstream on .yml changes.
Test against LibreSSL 3.5.3.
Test against OpenSSL 1.1.1o and 3.0.3.
Disable SK support if FIDO libs not found.
Zero out LIBFIDO2 when SK support not usable.
Update OpenSSL tests to the most recent releases.
Skip select+rlimit check if sandboxing is disabled
Move checks for pollfd.fd and nfds_t.
Skip all rlimit tests when sandboxing disabled.
Add clang sanitizer tests.
Move sanitizer logs into regress for collection.
Add GCC address sanitizer build/test.
Update sanitizer test targets:
Test against openssl-3.0.5.
Move unset to before we set anything.
Refuse to use OpenSSL 3.0.4 due to potential RCE.
Capture stderr output from configure.
Only refuse to use OpenSSL 3.0.4 on x86_64.
Remove special casing of crypt().
Clarify README.md text.
Split README.platform into its own line.
Return ERANGE from getcwd() if buffer size is 1.
Remove unintended changes.
Add AUDIT_ARCH_PPC to supported seccomp arches.
Rename bbone test target to ARM.
Move vmshutdown to first step.
Skip scp3 test if there's no scp on remote path.
Convert "have_prog" function into "which".
Remove workarounds for OpenSSL missing AES-GCM.
Remove workarounds for OpenSSL missing AES-CTR.
Do not link scp, sftp and sftp-server w/ zlib.
Group libcrypto and PRNGD checks together.
Remove seed_rng calls from scp, sftp, sftp-server.
Move libcrypto into CHANNELLIBS.
Move stale-configure check as early as possible.
Remove deprecated MacOS 10.15 runners.
Include CHANNEL and FIDO2 libs in configure output
Factor out getrnd() and rename to getentropy().
Give unused param a name.
Actually put HAVE_STDINT_H around the stdint.h.
Rename our getentropy to prevent possible loops.
Test hostbased auth on github runners.
Fix conditional for running hostbased tests.
Skip hostbased during Valgrind tests.
Rerun tests if any .github config file changes.
Add a timegm implementation from Heimdal via Samba.
Replace deprecated ubuntu-18.04 runners with 22.04
Check for perms to run agent-getpeereid test.
Add Cygwin (on windows-2019) test target.
Add a bit more debug output.
Fix cygwin conditional steps.
Install Cygwin packages based on OS not config.
Add cygwin-release test target.
Add Windows 2022 test targets.
Add libcrypt-devel to cygwin-release deps.
Move sftp from valgrind-2 to 3 to rebalance.
Remove arc4random_uniform from arc4random.c
Move OPENBSD ORIGINAL marker.
Resync arc4random with OpenBSD.
Remove DEF_WEAK, it's already in defines.h.
Sam James (1):
openbsd-compat/bsd-asprintf: add <stdio.h> include for vsnprintf
Tim Rice (1):
configure.ac: Add missing AC_DEFINE for caph_cache_tzdata test causing
Tobias Heider (1):
Remove duplicate bcrypt_pbkdf.o from Makefile
anton at openbsd.org (1):
upstream: Only run agent-ptrace.sh if gdb is available as all
djm at openbsd.org (66):
upstream: two defensive changes from Tobias Stoeckmann via GHPR287
upstream: clear io_want/io_ready flags at start of poll() cycle;
upstream: Try to continue running local I/O for channels in state
upstream: regression test for sftp cp command
upstream: avoid printing hash algorithm twice; from lucas AT sexy.is
upstream: fix memleak on session-bind path; from Pedro Martelletto, ok
upstream: mention that the helpers are used by ssh(1), ssh-agent(1)
upstream: be stricter in which characters will be accepted in
upstream: fix some integer overflows in sieve_large() that show up when
upstream: mux.c: mark argument as const; from Martin Vahlensieck
upstream: channel_new no longer frees remote_name. So update the
upstream: sshkey_unshield_private() contains an exact duplicate of
upstream: When performing operations that glob(3) a remote path, ensure
upstream: improve error message when 'ssh-keygen -Y sign' is unable to
upstream: Allow existing -U (use agent) flag to work with "-Y sign"
upstream: arrange for scp, when in sftp mode, to not ftruncate(3) files
upstream: fix in-place copies; r1.163 incorrectly skipped truncation in
upstream: regress test for in-place transfers and clobbering larger
upstream: make SSHBUF_DBG/SSHBUF_TELL (off by default and only enabled
upstream: revert previous; it was broken (spotted by Theo)
upstream: refactor authorized_keys/principals handling
upstream: split the low-level file handling functions out from
upstream: Make SetEnv directives first-match-wins in both
upstream: test setenv in both client and server, test first-match-wins
upstream: move auth_openprincipals() and auth_openkeyfile() over to
upstream: make sure that UseDNS hostname lookup happens in the monitor
upstream: make it clear that RekeyLimit applies to both transmitted
upstream: allow arguments to sftp -D option, e.g. sftp -D
upstream: ignore SIGPIPE earlier in main(), specifically before
upstream: bump up loglevel from debug to info when unable to open
upstream: use consistent field names (s/char/byte)
upstream: pull passphrase reading and confirmation into a separate
upstream: when enrolling a resident key on a security token, check
upstream: sk-usbhid: preserve error code returned by key_lookup()
upstream: ssh-keygen: fix touch prompt, pin retries;
upstream: avoid double-free in error path introduced in r1.70; report
upstream: don't prompt for FIDO passphrase before attempting to enroll
upstream: allow certificate validity intervals, sshsig verification
upstream: add some tests for parse_absolute_time(), including cases
upstream: sftp-server: support home-directory request
upstream: add an extra flag to sk_probe() to indicate whether we're
upstream: double free() in error path; from Eusgor via GHPR333
upstream: remove incorrect check that can break enrolling a
upstream: attempt FIDO key signing without PIN and use the error
upstream: whitespace
upstream: whitespace
upstream: whitespace
upstream: sk-usbhid: fix key_lookup() on tokens with built-in UV
upstream: notifier_complete(NULL, ...) is a noop, so no need to test
upstream: ssh-agent: attempt FIDO key signing without PIN and use
upstream: a little extra debugging
upstream: sk_enroll: never drop SSH_SK_USER_VERIFICATION_REQD flag
upstream: sftp: Don't attempt to complete arguments for
upstream: sftp: Be a bit more clever about completions
upstream: correct error value
upstream: actually hook up restrict_websafe; the command-line flag
upstream: Add a sshkey_check_rsa_length() call for checking the
upstream: add a RequiredRSASize for checking RSA key length in
upstream: Add RequiredRSASize for sshd(8); RSA keys that fall
upstream: better debugging for connect_next()
upstream: sftp-server(8): add a "users-groups-by-id at openssh.com"
upstream: extend sftp-common.c:extend ls_file() to support supplied
upstream: sftp client library support for
upstream: use users-groups-by-id at openssh.com sftp-server extension
upstream: add RequiredRSASize to the list of keywords accepted by
upstream: openssh-9.1
dtucker at openbsd.org (29):
upstream: Note that curve25519-sha256 was later published in
upstream: Correct path for system known hosts file in description
upstream: Import regenerated moduli
upstream: Import regenerated moduli
upstream: Simplify forward-control test.
upstream: Use ssh -f and ControlPersist ..
upstream: It looks like we can't completely avoid
upstream: Check sshauthopt_new() for NULL. bz#3425, from
upstream: Add authfd path to debug output. ok markus@
upstream: Don't leak SK device. Patch from Pedro Martelletto via
upstream: Remove errant apostrophe. From haruyama at queen-ml org.
upstream: Note that ProxyJump also accepts the same tokens as
upstream: Avoid kill with -1 argument. The out_ctx label can be
upstream: If sshpkt functions fail, then password is not cleared
upstream: ssh-keygen -A: do not generate DSA keys by default.
upstream: Add period at end of "not known by any other names"
upstream: Add missing *-sk types to ssh-keyscan manpage. From
upstream: Log an error if pipe() fails while accepting a
upstream: Don't attempt to fprintf a null identity comment. From
upstream: Don't leak the strings allocated by order_hostkeyalgs()
upstream: Roll back previous KEX changes as they aren't safe until
upstream: Always return allocated strings from the kex filtering so
upstream: Don't leak the strings allocated by order_hostkeyalgs()
upstream: Remove leftover line.
upstream: Add TEST_REGRESS_CACHE_DIR.
upstream: Test TEST_SSH_ELAPSED_TIMES for empty string not
upstream: Restore missing "!" in TEST_SSH_ELAPSED_TIMES test.
upstream: Strictly enforce the maximum allowed SSH2 banner size in
upstream: Fix typo. From AlexanderStohr via github PR#343.
florian at openbsd.org (1):
upstream: Add FIDO AUTHENTICATOR section and explain a bit how FIDO
jmc at openbsd.org (5):
upstream: remove an obsolete rsa1 format example from an example;
upstream: keywords ref ssh_config.5;
upstream: reflect the update to -D arg name in usage();
upstream: use .Cm for "sign"; from josiah frentsos
upstream: .Li -> .Vt where appropriate; from josiah frentsos,
jsg at openbsd.org (1):
upstream: fix repeated words ok miod@ jmc@
markus at openbsd.org (1):
upstream: make sure stdout is non-blocking; ok djm@
millert at openbsd.org (3):
upstream: Avoid an unnecessary xstrdup in rm_env() when matching
upstream: Add missing includes of stdlib.h and stdint.h. We need
upstream: Remove unnecessary includes: openssl/hmac.h and
naddy at openbsd.org (1):
upstream: ssh-keygen: implement "verify-required" certificate option.
tj at openbsd.org (1):
upstream: list the correct version number
tobhe at openbsd.org (1):
upstream: Make sure not to fclose() the same fd twice in case of an
-----------------------------------------------------------------------
No new revisions were added by this update.