path: root/debian/NEWS
authorColin Watson <cjwatson@debian.org>2016-12-20 00:22:53 +0000
committerColin Watson <cjwatson@debian.org>2016-12-23 19:08:35 +0000
commitee52365e713e546dbd878d73d9590dbaccd760ba (patch)
tree841d0d9ae73e83070bcc3b46218ebdd18142dda3 /debian/NEWS
parent8a4a5c22e363ad6a110ad9b787170297f5da8f04 (diff)
parent2103d3e5566c54e08a59be750579a249e46747d7 (diff)
New upstream release (7.4p1).
Diffstat (limited to 'debian/NEWS')
-rw-r--r--debian/NEWS31
1 files changed, 31 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS
index 6f4564ba7..3a331e1fd 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,34 @@
1openssh (1:7.4p1-1) UNRELEASED; urgency=medium
2
3 OpenSSH 7.4 includes a number of changes that may affect existing
4 configurations:
5
6 * ssh(1): Remove 3des-cbc from the client's default proposal. 64-bit
7 block ciphers are not safe in 2016 and we don't want to wait until
8 attacks like SWEET32 are extended to SSH. As 3des-cbc was the only
9 mandatory cipher in the SSH RFCs, this may cause problems connecting to
10 older devices using the default configuration, but it's highly likely
11 that such devices already need explicit configuration for key exchange
12 and hostkey algorithms already anyway.
13 * sshd(8): Remove support for pre-authentication compression. Doing
14 compression early in the protocol probably seemed reasonable in the
15 1990s, but today it's clearly a bad idea in terms of both cryptography
16 (cf. multiple compression oracle attacks in TLS) and attack surface.
17 Pre-auth compression support has been disabled by default for >10
18 years. Support remains in the client.
19 * ssh-agent will refuse to load PKCS#11 modules outside a whitelist of
20 trusted paths by default. The path whitelist may be specified at
21 run-time.
22 * sshd(8): When a forced-command appears in both a certificate and an
23 authorized keys/principals command= restriction, sshd will now refuse
24 to accept the certificate unless they are identical. The previous
25 (documented) behaviour of having the certificate forced-command
26 override the other could be a bit confusing and error-prone.
27 * sshd(8): Remove the UseLogin configuration directive and support for
28 having /bin/login manage login sessions.
29
30 -- Colin Watson <cjwatson@debian.org> Tue, 20 Dec 2016 22:21:15 +0000
31
1openssh (1:7.2p1-1) unstable; urgency=medium 32openssh (1:7.2p1-1) unstable; urgency=medium
2 33
3 OpenSSH 7.2 disables a number of legacy cryptographic algorithms by 34 OpenSSH 7.2 disables a number of legacy cryptographic algorithms by
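Review bot: the 3des-cbc item has a duplicated word, "already need explicit configuration for key exchange and hostkey algorithms already anyway"; drop one "already". The ssh-agent item only says the PKCS#11 path whitelist "may be specified at run-time" without naming the option or the default trusted paths, so an administrator whose module lives outside the default locations has nothing concrete to act on from this NEWS entry; name the option here, and give the item the same "ssh-agent(1):" prefix the other items use. The entry header is still "UNRELEASED"; that is fine while the package is in progress but must be changed to the target distribution before upload.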