Call for testing: OpenSSH 10.4
Felix Fehlauer
felix.fehlauer at fs.ei.tum.de
Tue Jun 30 21:21:04 AEST 2026
Hi Damien,
the (V_10_4) - Tracking bug for openssh-10.4 bz3942 [1] depends on
bz3968 [2], which is still open.
Also the preliminary release notes you included mentions bz3954 [3], but
this bug is not mentioned in the tracking bug.
Likewise, this tracking bug mentions bz3947 [4] and bz3952 [5], which
are not mentioned in the preliminary release notes.
Is this intentional?
Besides this tests fail on Fedora Linux 44:
failed copy of /bin/ls
cmp: EOF on ‘/tmp/openssh/regress/copy’ which is empty
corrupted copy of /bin/ls
failed local and remote forwarding
Let me know, if I can assist you further.
[1] https://bugzilla.mindrot.org/show_bug.cgi?id=3942
[2] https://bugzilla.mindrot.org/show_bug.cgi?id=3968
[3] https://bugzilla.mindrot.org/show_bug.cgi?id=3954
[4] https://bugzilla.mindrot.org/show_bug.cgi?id=3947
[5] https://bugzilla.mindrot.org/show_bug.cgi?id=3952
Thanks,
On 6/30/26 04:58, Damien Miller wrote:
> Hi,
>
> OpenSSH 10.4p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
>
> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
>
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
>
> Thanks to the many people who contributed to this release.
>
> Potentially-incompatible changes
> --------------------------------
>
> * sshd(8): configuration dump mode ("sshd -G") now writes directives
> in mixed case (e.g. "PubkeyAuthentication") whereas previously it
> emitted only lower-case names.
>
> * sshd(8): on Linux systems with the seccomp sandbox enabled,
> failures to enable SECCOMP or NO_NEW_PRIVS are now fatal.
> Previously sshd(8) would log the error but continue operation,
> to support systems that lacked these features. Now systems that
> lack these should instead disable the sandbox at configure time.
>
> * ssh(1), sshd(8): make the transport protocol stricter by
> disconnecting if the peer sends non-KEX messages during a post-
> authentication key re-exchange. Previously a malicious peer could
> continue sending non-key exchange messages without penalty. These
> would be buffered, causing memory to be wasted up until the
> connection terminated or the server/client hit a memory limit.
> Implementations that do not restrict messages sent during key
> exchange as per RFC4253 section 7.1 may be disconnected.
> Reported by Marko Jevtic.
>
> New features
> ------------
>
> * All: add experimental support for a composite post-quantum
> signature scheme that combines ML-DSA 44 and Ed25519 as specified
> in draft-miller-sshm-mldsa44-ed25519-composite-sigs.
>
> This scheme is not enabled by default. To use it, you'll need
> to add it to HostKeyAlgorithms, PubkeyAcceptedAlgorithms, etc.
> Keys may be generated using "ssh-keygen -t mldsa44-ed25519".
>
> * ssh(1), sshd(8): replace the wildcard pattern matcher with an
> implementation based on an NFA. This avoids exponential worst-case
> behaviour for the old implementation.
>
> Bugfixes
> --------
>
> * ssh-agent(1): fix incorrect reply to "query" SSH_AGENTC_EXTENSION
> requests. bz3967
>
> * ssh(1), sshd(8): fix several bugs that incorrectly
> classified bulk traffic as interactive. bz3972, bz3958
>
> * ssh-keygen(1), ssh-add(1): skip unsupported key types when
> downloading resident keys from a FIDO token. Previously, downloads
> would abort when one was encountered. GHPR657
>
> * ssh(1): fix a potential use-after-free on an error path if
> cipher_init() fails.
>
> * sshd(8): perform stricter encoding and validation of transport
> state passed between sshd privilege separation subprocesses. This
> somewhat further hardens the server against attacks on sshd-auth
> or sshd-session subprocesses.
>
> * ssh-agent(1): avoid possible runtime denial of service by
> enforcing some limits on the length of usernames in key use
> constraints.
>
> * sftp(1): fix two separate one-byte out-of-bounds reads, in
> SSH2_FXP_REALPATH and batch command processing.
>
> * sftp-server(8): disallow use of the copy-data extension to read
> and write to the same inode simultaneously.
>
> * ssh(1), sshd(8): avoid strlen(NULL) crash if an X11 channel was
> created before the x11-req SSH_MSG_CHANNEL_REQUEST was sent.
> GHPR679
>
> * sftp(1), scp(1): avoid a situation where sftp_download() could get
> stuck in a loop if a broken server repeatedly returned zero length
> while reading a file.
>
> * ssh(1): avoid leaking DNS0x20 case-randomised names into names
> canonicalised using CanonicalizePermittedCNAMEs. bz3966
>
> * sftp-server(8): avoid truncation of pathnames passed to lstat()
> during SSH_FXP_REALPATH handling on systems where PATH_MAX is not
> the actual max. GHPR688
>
> * ssh(1), sshd(8): correct arming of poll(2) event masks for some
> socket-type channels. GHPR660
>
> * sshd(8): major refactor of sshd_config parsing and management
> code, to allow for more exact serialisation/deserialisation across
> privilege separation boundaries.
>
> * ssh-add(1): open connection to the agent only after getopt()
> processing has completed, to give options like "-v" a chance to
> display debug information about this operation.
>
> * crypto code: fix bounds checking when signing messages of length
> greater than will fit in a size_t. In OpenSSH, message sizes are
> bounded by SSHBUF_SIZE_MAX so this was unreachable.
>
> * crypto code: add signature malleability and pubkey validity checks
> to ed25519 verification. SSH doesn't depend on these properties
>
> * crypto code: fix ECDSA order check for curves with cofactor != 1.
> All supported EC curves have cofactor 1, so this was
> unreachable.
>
> * sshd(8): differentiate between execution failures and a subsystem
> that was not found when logging why a subsystem failed to start.
> GHPR637
>
> * All: use safer idioms for timegm(3) and mktime(3) error detection.
>
> * ssh(1), sshd(8): avoid accepting invalid cipher or MAC lists in
> config files or command-line arguments. This could cause runtime
> failures later.
>
> * ssh(1): fix NULL deref crash during pubkey auth when using a PEM
> style private key with no corresponding .pub key adjacent to it.
>
> * sshd(8): don't print an error message when trying to load a host
> private key when PKCS#11 keys are in use, as these don't need the
> private half on the filesystem. GHPR664
>
> * All: don't use deprecated ERR_load_crypto_strings(). GHPR650
>
> * ssh(1): properly report errors during configuration default
> setting. GHPR649
>
> * ssh(1): use correct directive name (Match instead of Host) in
> error message. bz3968
>
> * sftp(1): fix "ls -ln" which was not correctly showing numeric
> UID/GIDs but rather user and group names. bz3953
>
> * sshd(8): avoid possible NULL dereference if an allocation fails
> during config parsing. bz3948
>
> * All: fix ineffective guards against loading overly large public
> keys in several places. bz3969 and bz3970
>
> * sftp(1): ensure file descriptors used by sftp to communicate to
> its ssh(1) subprocess don't leak into executed subprocesses (e.g.
> via "!"). GHPR693
>
> Portability
> -----------
>
> * Sync fmt_scaled.c with OpenBSD upstream, picking up an exactness
> fix for large exponents (GHPR671)
>
> * sshd(8): remove duplicate sandbox entry for clock_gettime64.
>
> * ssh(1), sshd(8): use correct IPTOS_DSCP_VA value if not provided
> by the system headers.
>
> * Sync getrrsetbyname.c with OpenBSD upstream, picking up robustness
> fixes.
>
> * Disable replacements in openbsd-compat for strvisx(3) and
> stravis(3), as these are unused in OpenSSH
>
> * Avoid fortify warnings on Android bz3954
>
> * Fix a number of memory leaks on error paths in the portability
> code. GHPR681
>
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
> Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
> Tim Rice and Ben Lindstrom.
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
--
Fachschaft Elektrotechnik und Informationstechnik e. V.
an der Technischen Universität München
Arcisstraße 21 | 80333 München
Tel.: +49 (0)89/289-22998
Web: https://fsei.de
Rechtsform: eingetragener Verein (e. V.) Amtsgericht München VR 8497
Vertretungsberechtigung gemäß § 26 BGB:
Geschäftsführender Vorstand: Laura Häcker | Pascal Klamm
Finanzvorstand: Veronika Vitez
USt-IdNr. DE129515443
More information about the openssh-unix-dev
mailing list