Hash: SHA256

Format: 1.8
Date: Thu, 24 Feb 2022 11:06:15 +0000
Source: openssh
Architecture: source
Version: 1:8.9p1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <>
Changed-By: Colin Watson <>
 openssh (1:8.9p1-1) unstable; urgency=medium
   * New upstream release (
     - sshd(8): fix an integer overflow in the user authentication path that,
       in conjunction with other logic errors, could have yielded
       unauthenticated access under difficult to exploit conditions.
     - sshd(8), portable OpenSSH only: this release removes in-built support
       for MD5-hashed passwords.
     - ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for
       restricting forwarding and use of keys added to ssh-agent(1).
     - ssh(1), sshd(8): add the hybrid
       ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the default
       KEXAlgorithms list (after the ECDH methods but before the prime-group
       DH ones). The next release of OpenSSH is likely to make this key
       exchange the default method.
     - ssh-keygen(1): when downloading resident keys from a FIDO token, pass
       back the user ID that was used when the key was created and append it
       to the filename the key is written to (if it is not the default).
       Avoids keys being clobbered if the user created multiple resident keys
       with the same application string but different user IDs.
     - ssh-keygen(1), ssh(1), ssh-agent(1): better handling for FIDO keys on
       tokens that provide user verification (UV) on the device itself,
       including biometric keys, avoiding unnecessary PIN prompts.
     - ssh-keygen(1): add "ssh-keygen -Y match-principals" operation to
       perform matching of principals names against an allowed signers file.
       To be used towards a TOFU model for SSH signatures in git.
     - ssh-add(1), ssh-agent(1): allow pin-required FIDO keys to be added to
       ssh-agent(1). $SSH_ASKPASS will be used to request the PIN at
       authentication time.
     - ssh-keygen(1): allow selection of hash at sshsig signing time (either
       sha512 (default) or sha256).
     - ssh(1), sshd(8): read network data directly to the packet input buffer
       instead indirectly via a small stack buffer. Provides a modest
       performance improvement.
     - ssh(1), sshd(8): read data directly to the channel input buffer,
       providing a similar modest performance improvement.
     - ssh(1): extend the PubkeyAuthentication configuration directive to
       accept yes|no|unbound|host-bound to allow control over one of the
       protocol extensions used to implement agent-restricted keys.
     - sshd(8): document that CASignatureAlgorithms, ExposeAuthInfo and
       PubkeyAuthOptions can be used in a Match block.
     - sshd(8): fix possible string truncation when constructing paths to
       .rhosts/.shosts files with very long user home directory names.
     - ssh-keysign(1): unbreak for KEX algorithms that use SHA384/512
       exchange hashes.
     - ssh(1): don't put the TTY into raw mode when SessionType=none, avoids
       ^C being unable to kill such a session.
     - scp(1): fix some corner-case bugs in SFTP-mode handling of ~-prefixed
     - ssh(1): unbreak hostbased auth using RSA keys. Allow ssh(1) to select
       RSA keys when only RSA/SHA2 signature algorithms are configured (this
       is the default case). Previously RSA keys were not being considered in
       the default case.
     - ssh-keysign(1): make ssh-keysign use the requested signature algorithm
       and not the default for the key type. Part of unbreaking hostbased
       auth for RSA/SHA2 keys.
     - ssh(1): stricter UpdateHostkey signature verification logic on the
       client-side. Require RSA/SHA2 signatures for RSA hostkeys except when
       RSA/SHA1 was explicitly negotiated during initial KEX.
     - ssh(1), sshd(8): fix signature algorithm selection logic for
       UpdateHostkeys on the server side. The previous code tried to prefer
       RSA/SHA2 for hostkey proofs of RSA keys, but missed some cases. This
       will use RSA/SHA2 signatures for RSA keys if the client proposed these
       algorithms in initial KEX.
     - All: convert all uses of select(2)/pselect(2) to poll(2)/ppoll(2).
       This includes the mainloops in ssh(1), ssh-agent(1), ssh-agent(1) and
       sftp-server(8), as well as the sshd(8) listen loop and all other FD
       read/writability checks. On platforms with missing or broken
       poll(2)/ppoll(2) syscalls a select(2)-based compat shim is available.
     - ssh-keygen(1): the "-Y find-principals" command was verifying key
       validity when using ca certs but not with simple key lifetimes within
       the allowed signers file.
     - ssh-keygen(1): make sshsig verify-time argument parsing optional.
     - sshd(8): fix truncation in rhosts/shosts path construction.
     - ssh(1), ssh-agent(1): avoid xmalloc(0) for PKCS#11 keyid for ECDSA
       keys (we already did this for RSA keys). Avoids fatal errors for
       PKCS#11 libraries that return empty keyid, e.g. Microchip ATECC608B
     - ssh(1), ssh-agent(1): improve the testing of credentials against
       inserted FIDO: ask the token whether a particular key belongs to it in
       cases where the token supports on-token user-verification (e.g.
       biometrics) rather than just assuming that it will accept it. Will
       reduce spurious "Confirm user presence" notifications for key handles
       that relate to FIDO keys that are not currently inserted in at least
       some cases.
     - ssh(1), sshd(8): correct value for IPTOS_DSCP_LE. It needs to allow
       for the preceding two ECN bits.
     - ssh-keygen(1): add missing -O option to usage() for the "-Y sign"
     - ssh-keygen(1): fix a NULL deref when using the find-principals
       function, when matching an allowed_signers line that contains a
       namespace restriction, but no restriction specified on the
     - ssh-agent(1): fix memleak in process_extension().
     - ssh(1): suppress "Connection to xxx closed" messages when LogLevel is
       set to "error" or above.
     - ssh(1), sshd(8): use correct zlib flags when inflate(3)-ing compressed
       packet data.
     - scp(1): when recursively transferring files in SFTP mode, create the
       destination directory if it doesn't already exist to match scp(1) in
       legacy RCP mode behaviour.
     - scp(1): many improvements in error message consistency between scp(1)
       in SFTP mode vs legacy RCP mode.
     - sshd(8): fix potential race in SIGTERM handling.
     - ssh(1), ssh(8): since DSA keys are deprecated, move them to the end of
       the default list of public keys so that they will be tried last.
     - ssh-keygen(1): allow 'ssh-keygen -Y find-principals' to match wildcard
       principals in allowed_signers files.
     - ssh(1), sshd(8): don't trust closefrom(2) on Linux. glibc's
       implementation does not work in a chroot when the kernel does not have
       close_range(2). It tries to read from /proc/self/fd and when that
       fails dies with an assertion of sorts. Instead, call close_range(2)
       directly from our compat code and fall back if that fails.
     - Correct handling of exceptfds/POLLPRI in our select(2)-based
       poll(2)/ppoll(2) compat implementation.
   * Drop patch to work around,
     since the fix for that is in Debian stable.
 15bbc055bfba902f5ccd8d26d9f5dbfe17f00ed4 3347 openssh_8.9p1-1.dsc
 205cdf0040a238047e2c49f43460e03d76e5d650 1820282 openssh_8.9p1.orig.tar.gz
 645448c343e709e46fec137ac8717ccd3f98f0ef 833 openssh_8.9p1.orig.tar.gz.asc
 5fe48d663fb35be8601b4427c96e991267cad9ff 186628 openssh_8.9p1-1.debian.tar.xz
 7191de2e5d0e5de922ea8b949bc6ad54fd3586016f6d3fb685230511bf7d64dd 3347 
 fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7 1820282 
 ed9b972e9a1c1474d279fa97f2a03431e14e888e1b18eff93570962843320d58 833 
 75902d23d1105bbdc540729f727c2706f789e2dbb7c885b91cbd59bef215047a 186628 
 d1d05db69863516d9e9fc76b5e6d83c9 3347 net standard openssh_8.9p1-1.dsc
 f33910174f0af52491277211e2b105bb 1820282 net standard openssh_8.9p1.orig.tar.gz
 f061e58b34f87a5a97975f581ef2bd1d 833 net standard openssh_8.9p1.orig.tar.gz.asc
 c0e2451ccb72bcf1984994693a664fc7 186628 net standard 



Thank you for your contribution to Debian.

Reply via email to