Announce: OpenSSH 7.1 released

Markus Friedl mfriedl at gmail.com
Fri Aug 21 21:43:09 AEST 2015


It refers to the future.  



> Am 21.08.2015 um 13:04 schrieb Mark Janssen <maniac.nl at gmail.com>:
> 
> I'm assuming the "deprecation notice" section should refer to 7.2 now, and
> not 7.1 ?
> 
> Mark
> 
>> On Fri, Aug 21, 2015 at 8:11 AM, Damien Miller <djm at cvs.openbsd.org> wrote:
>> 
>> OpenSSH 7.1 has just been released. It will be available from the
>> mirrors listed at http://www.openssh.com/ shortly.
>> 
>> OpenSSH is a 100% complete SSH protocol 2.0 implementation and
>> includes sftp client and server support. OpenSSH also includes
>> transitional support for the legacy SSH 1.3 and 1.5 protocols
>> that may be enabled at compile-time.
>> 
>> Once again, we would like to thank the OpenSSH community for their
>> continued support of the project, especially those who contributed
>> code or patches, reported bugs, tested snapshots or donated to the
>> project. More information on donations may be found at:
>> http://www.openssh.com/donations.html
>> 
>> Future deprecation notice
>> =========================
>> 
>> We plan on retiring more legacy cryptography in the next release
>> including:
>> 
>> * Refusing all RSA keys smaller than 1024 bits (the current minimum
>>   is 768 bits)
>> 
>> * Several ciphers will be disabled by default: blowfish-cbc,
>>   cast128-cbc, all arcfour variants and the rijndael-cbc aliases
>>   for AES.
>> 
>> * MD5-based HMAC algorithms will be disabled by default.
>> 
>> This list reflects our current intentions, but please check the final
>> release notes for OpenSSH 7.1 when it is released.
>> 
>> Changes since OpenSSH 7.0
>> =========================
>> 
>> This is a bugfix release.
>> 
>> Security
>> --------
>> 
>> * sshd(8): OpenSSH 7.0 contained a logic error in PermitRootLogin=
>>   prohibit-password/without-password that could, depending on
>>   compile-time configuration, permit password authentication to
>>   root while preventing other forms of authentication. This problem
>>   was reported by Mantas Mikulenas.
>> 
>> Bugfixes
>> --------
>> 
>> * ssh(1), sshd(8): add compatability workarounds for FuTTY
>> 
>> * ssh(1), sshd(8): refine compatability workarounds for WinSCP
>> 
>> * Fix a number of memory faults (double-free, free of uninitialised
>>   memory, etc) in ssh(1) and ssh-keygen(1). Reported by Mateusz
>>   Kocielski.
>> 
>> Checksums:
>> ==========
>> 
>> - SHA1 (openssh-7.1.tar.gz) = 06c1db39f33831fe004726e013b2cf84f1889042
>> - SHA256 (openssh-7.1.tar.gz) =
>> H7U1se9EoBmhkKi2i7lqpMX9QHdDTsgpu7kd5VZUGSY=
>> 
>> - SHA1 (openssh-7.1p1.tar.gz) = ed22af19f962262c493fcc6ed8c8826b2761d9b6
>> - SHA256 (openssh-7.1p1.tar.gz) =
>> /AptLR0GPVxm3/2VJJPQzaJWytIE9oHeD4TvhbKthCg=
>> 
>> Please note that the SHA256 signatures are base64 encoded and not
>> hexadecimal (which is the default for most checksum tools). The PGP
>> key used to sign the releases is available as RELEASE_KEY.asc from
>> the mirror sites.
>> 
>> Reporting Bugs:
>> ===============
>> 
>> - Please read http://www.openssh.com/report.html
>>  Security bugs should be reported directly to openssh at openssh.com
>> 
>> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
>> Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
>> Ben Lindstrom.
>> 
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> 
> 
> 
> -- 
> Mark Janssen  --  maniac(at)maniac.nl
> Unix / Linux Open-Source and Internet Consultant
> Maniac.nl Sig-IO.nl Vps.Stoned-IT.com
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


More information about the openssh-unix-dev mailing list