Announce: OpenSSH 4.9 released

Damien Miller djm at cvs.openbsd.org
Mon Mar 31 12:35:53 EST 2008


OpenSSH 4.9 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots and purchased
T-shirts or posters.

T-shirt, poster and CD sales directly support the project. Pictures
and more information can be found at:
        http://www.openbsd.org/tshirts.html and
	http://www.openbsd.org/orders.html

For international orders use http://https.openbsd.org/cgi-bin/order
and for European orders, use http://https.openbsd.org/cgi-bin/order.eu

Note that OpenSSH 4.8 was an OpenBSD-only release shipped with the
OpenBSD 4.3 CD.

Changes since OpenSSH 4.7:
============================

Security:

 * Disable execution of ~/.ssh/rc for sessions where a command has been
   forced by the sshd_config ForceCommand directive. Users who had
   write access to this file could use it to execute abritrary commands.
   This behaviour was documented, but was an unsafe default and an extra
   hassle for administrators.

New features:

  * Added chroot(2) support for sshd(8), controlled by a new option
    "ChrootDirectory". Please refer to sshd_config(5) for details, and
    please use this feature carefully. (bz#177 bz#1352)
  * Linked sftp-server(8) into sshd(8). The internal sftp server is
    used when the command "internal-sftp" is specified in a Subsystem
    or ForceCommand declaration. When used with ChrootDirectory, the
    internal sftp server requires no special configuration of files
    inside the chroot environment. Please refer to sshd_config(5) for
    more information.
  * Added a "no-user-rc" option for authorized_keys to disable execution
    of ~/.ssh/rc
  * Added a protocol extension method "posix-rename at openssh.com" for
    sftp-server(8) to perform POSIX atomic rename() operations.
    (bz#1400)
  * Removed the fixed limit of 100 file handles in sftp-server(8). The
    server will now dynamically allocate handles up to the number of
    available file descriptors. (bz#1397)
  * ssh(8) will now skip generation of SSH protocol 1 ephemeral server
    keys when in inetd mode and protocol 2 connections are negotiated.
    This speeds up protocol 2 connections to inetd-mode servers that
    also allow Protocol 1 (bz#440)
  * Accept the PermitRootLogin directive in a sshd_config(5) Match
    block. Allows for, e.g. permitting root only from the local
    network.
  * Reworked sftp(1) argument splitting and escaping to be more
    internally consistent (i.e. between sftp commands) and more
    consistent with sh(1). Please note that this will change the
    interpretation of some quoted strings, especially those with
    embedded backslash escape sequences. (bz#778)
  * Support "Banner=none" in sshd_config(5) to disable sending of a
    pre-login banner (e.g. in a Match block).
  * ssh(1) ProxyCommands are now executed with $SHELL rather than
    /bin/sh.
  * ssh(1)'s ConnectTimeout option is now applied to both the TCP
    connection and the SSH banner exchange (previously it just covered
    the TCP connection). This allows callers of ssh(1) to better detect
    and deal with stuck servers that accept a TCP connection but don't
    progress the protocol, and also makes ConnectTimeout useful for
    connections via a ProxyCommand.
  * Many new regression tests, including interop tests against PuTTY's
    plink.
  * Support BSM auditing on Mac OS X

The following bugs have been fixed in this release:

   - scp(1) incorrectly reported "stalled" on slow copies. (bz#799)
   - scp(1) date underflow for timestamps before epoch. (bz#828)
   - scp(1) and sftp(1) progressmeter type fixes. (bz#842)
   - SSH2_MSG_UNIMPLEMENTED packets did not correctly reset the client
     keepalive logic, causing disconnections on servers that did not
     explicitly implement "keepalive at openssh.com". (bz#1307)
   - ssh(1) used the obsolete SIG DNS RRtype for host keys in DNS,
     instead of the current standard RRSIG. (bz#1317)
   - Extract magic buffer size constants in scp(1) to #defines.
     (bz#1333)
   - Correctly drain ACKs when a sftp(1) upload write fails midway,
     avoids a fatal() exit from what should be a recoverable condition.
     (bz#1354)
   - Avoid pointer arithmetic and strict aliasing warnings. (bz#1355)
   - Fixed packet size advertisements. Previously TCP and agent
     forwarding incorrectly advertised the channel window size as the
     packet size, causing fatal errors under some conditions. (bz#1360)
   - Document KbdInteractiveAuthentication in sshd_config(5). (bz#1367)
   - Fixed sftp(1) file handle leak on download when the local file
     could not be opened. (bz#1375)
   - Fixed ssh-keygen(1) selective host key hashing (i.e.
     "ssh-keygen -HF hostname") to not include any IP address in the
     data to be hashed. (bz#1376)
   - Fix clobbering of struct passwd from multiple getpwid calls,
     resulting in fatal errors inside tilde_expand_filename. (bz#1377)
   - Fix parsing of port-forwarding specifications to correctly
     detect errors in either specified port number. (bz#1378)
   - Fix memory leak in ssh(1) ~ escape commandline handling. (bz#1379)
   - Make ssh(1) skip listening on the IPv6 wildcard address when a
     binding address of 0.0.0.0 is used against an old SSH server that
     does not support the RFC4254 syntax for wildcard bind addresses.
     (bz#1381)
   - Remove extra backslashes in the RB_PROTOTYPE macro definition.
     (bz#1385)
   - Support ssh(1) RekeyLimits up to the maximum allowed by the
     protocol: 2**32-1. (bz#1390)
   - Enable IPV6_V6ONLY socket option on sshd(8) listen socket, as is
     already done for X11/TCP forwarding sockets. (bz#1392)
   - Fix FD leak that could hang a ssh(1) connection multiplexing
     master. (bz#1398)
   - Improve error messages when hostname resolution fails due to a
     system error. (bz#1417)
   - Make ssh(1) -q option documentation consistent with reality.
     (bz#1427 bz#1429)

Portable OpenSSH bugs fixed:

   - Fixed sshd(8) PAM support not calling pam_session_close(), or
     failing to call it with root privileges. (bz#926)
   - Made sshd(8) use configuration-specified SyslogFacility for
     hosts_access(3) messages for denied connections. (bz#1042)
   - Implement getgrouplist(3) for AIX, enabling NSS LDAP to work on
     this platform. (bz#1081)
   - Fix compilation errors on AIX due to misdefinition of LLONG_MAX.
     (bz#1347)
   - Force use of local glob(3) implementation on Mac OS X and FreeBSD,
     as the platform versions lack features or have unexpected
     behaviour. (bz#1407)
   - Reduce stdout/stderr noise from ssh-copy-id. (bz#1431)
   - Fix activation of OpenSSL engine support when requested in
     configure. (bz#1437)

Checksums:
==========

 - SHA1 (openssh-4.9.tar.gz) = fa7d1b3dcb093bd0dfc643b33b1a57a26f459373
 - SHA1 (openssh-4.9p1.tar.gz) = 91575878883065bd777f82b47e0d481ac69ee7fe

Reporting Bugs:
===============

- please read http://www.openssh.com/report.html
  and http://bugzilla.mindrot.org/

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.



More information about the openssh-unix-dev mailing list