Announce: OpenSSH 7.1 released

Damien Miller djm at mindrot.org
Sat Aug 22 09:24:55 AEST 2015


yes, that's a typo

On Fri, 21 Aug 2015, Mark Janssen wrote:

> I'm assuming the "deprecation notice" section should refer to 7.2 now, and
> not 7.1 ?
> Mark
> 
> On Fri, Aug 21, 2015 at 8:11 AM, Damien Miller <djm at cvs.openbsd.org> wrote:
>       OpenSSH 7.1 has just been released. It will be available from
>       the
>       mirrors listed at http://www.openssh.com/ shortly.
> 
>       OpenSSH is a 100% complete SSH protocol 2.0 implementation and
>       includes sftp client and server support. OpenSSH also includes
>       transitional support for the legacy SSH 1.3 and 1.5 protocols
>       that may be enabled at compile-time.
> 
>       Once again, we would like to thank the OpenSSH community for
>       their
>       continued support of the project, especially those who
>       contributed
>       code or patches, reported bugs, tested snapshots or donated to
>       the
>       project. More information on donations may be found at:
>       http://www.openssh.com/donations.html
> 
>       Future deprecation notice
>       =========================
> 
>       We plan on retiring more legacy cryptography in the next release
>       including:
> 
>        * Refusing all RSA keys smaller than 1024 bits (the current
>       minimum
>          is 768 bits)
> 
>        * Several ciphers will be disabled by default: blowfish-cbc,
>          cast128-cbc, all arcfour variants and the rijndael-cbc
>       aliases
>          for AES.
> 
>        * MD5-based HMAC algorithms will be disabled by default.
> 
>       This list reflects our current intentions, but please check the
>       final
>       release notes for OpenSSH 7.1 when it is released.
> 
>       Changes since OpenSSH 7.0
>       =========================
> 
>       This is a bugfix release.
> 
>       Security
>       --------
> 
>        * sshd(8): OpenSSH 7.0 contained a logic error in
>       PermitRootLogin=
>          prohibit-password/without-password that could, depending on
>          compile-time configuration, permit password authentication to
>          root while preventing other forms of authentication. This
>       problem
>          was reported by Mantas Mikulenas.
> 
>       Bugfixes
>       --------
> 
>        * ssh(1), sshd(8): add compatability workarounds for FuTTY
> 
>        * ssh(1), sshd(8): refine compatability workarounds for WinSCP
> 
>        * Fix a number of memory faults (double-free, free of
>       uninitialised
>          memory, etc) in ssh(1) and ssh-keygen(1). Reported by Mateusz
>          Kocielski.
> 
>       Checksums:
>       ==========
> 
>        - SHA1 (openssh-7.1.tar.gz) =
>       06c1db39f33831fe004726e013b2cf84f1889042
>        - SHA256 (openssh-7.1.tar.gz) =
>       H7U1se9EoBmhkKi2i7lqpMX9QHdDTsgpu7kd5VZUGSY=
> 
>        - SHA1 (openssh-7.1p1.tar.gz) =
>       ed22af19f962262c493fcc6ed8c8826b2761d9b6
>        - SHA256 (openssh-7.1p1.tar.gz) =
>       /AptLR0GPVxm3/2VJJPQzaJWytIE9oHeD4TvhbKthCg=
> 
>       Please note that the SHA256 signatures are base64 encoded and
>       not
>       hexadecimal (which is the default for most checksum tools). The
>       PGP
>       key used to sign the releases is available as RELEASE_KEY.asc
>       from
>       the mirror sites.
> 
>       Reporting Bugs:
>       ===============
> 
>       - Please read http://www.openssh.com/report.html
>         Security bugs should be reported directly to
>       openssh at openssh.com
> 
>       OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo
>       de Raadt,
>       Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim
>       Rice and
>       Ben Lindstrom.
> 
>       _______________________________________________
>       openssh-unix-dev mailing list
>       openssh-unix-dev at mindrot.org
>       https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> 
> 
> 
> 
> --
> Mark Janssen  --  maniac(at)maniac.nl
> Unix / Linux Open-Source and Internet Consultant
> Maniac.nl Sig-IO.nl Vps.Stoned-IT.com
> 
> 
> 


More information about the openssh-unix-dev mailing list