Mail Archives: cygwin/2011/02/08/15:55:01
Corinna,
Last week I updated openssh to 5.7p1-1, just to realize that I cannot
connect anymore. Reverting to 5.6p1-2 solved the issue.
Saturday I updated to 5.8p1-1 finding the same failure to connect as
with 5.7p1-1.
Unfortunately 5.6p1-2 is not among the setup choices anymore.
How can I get openssh 5.6p1-2 back?
Thx.,
H.
On 2/4/2011 4:27 AM, Corinna Vinschen wrote:
> I've just updated the Cygwin version of OpenSSH to 5.8p1-1.
>
> This is an upstream security and bugfix release.
>
> The Cygwin release additionally contains a patch to the ssh-host-config
> and ssh-user-config scripts which additionally asks to create the new
> ECDSA key type. The patch has not yet been applied to the upstream
> repository.
>
> The official release message for 5.8p1:
>
> ====================================================================
> OpenSSH 5.8 has just been released. It will be available from the
> mirrors listed at http://www.openssh.com/ shortly.
>
> OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
> implementation and includes sftp client and server support.
>
> Once again, we would like to thank the OpenSSH community for their
> continued support of the project, especially those who contributed
> code or patches, reported bugs, tested snapshots or donated to the
> project. More information on donations may be found at:
> http://www.openssh.com/donations.html
>
> Changes since OpenSSH 5.7
> =========================
>
> Security:
>
> * Fix vulnerability in legacy certificate signing introduced in
> OpenSSH-5.6 and found by Mateusz Kocielski.
>
> Legacy certificates signed by OpenSSH 5.6 or 5.7 included data from
> the stack in place of a random nonce field. The contents of the stack
> do not appear to contain private data at this point, but this cannot
> be stated with certainty for all platform, library and compiler
> combinations. In particular, there exists a risk that some bytes from
> the privileged CA key may be accidentally included.
>
> A full advisory for this issue is available at:
> http://www.openssh.com/txt/legacy-cert.adv
>
> Portable OpenSSH Bugfixes:
>
> * Fix compilation failure when enableing SELinux support.
>
> * Do not attempt to call SELinux functions when SELinux is disabled.
> bz#1851
>
> Checksums:
> ==========
>
> - SHA1 (openssh-5.8.tar.gz) = 205dece2c8b41c69b082eb65320d359987aae25b
> - SHA1 (openssh-5.8p1.tar.gz) = adebb2faa9aba2a3a3c8b401b2b19677ab53f0de
>
> Reporting Bugs:
> ===============
>
> - Please read http://www.openssh.com/report.html
> Security bugs should be reported directly to openssh AT openssh DOT com
>
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
> Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
> Ben Lindstrom.
> ====================================================================
>
> To update your installation, click on the "Install Cygwin now" link on
> the http://cygwin.com/ web page. This downloads setup.exe to your
> system. Then, run setup and answer all of the questions.
>
> *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
>
> If you want to unsubscribe from the cygwin-announce mailing list, look
> at the "List-Unsubscribe: " tag in the email header of this message.
> Send email to the address specified there. It will be in the format:
>
> cygwin-announce-unsubscribe-you=3D3Dyourdomain DOT com AT cygwin DOT com
>
> If you need more information on unsubscribing, start reading here:
>
> http://sourceware.org/lists.html#unsubscribe-simple
>
> Please read *all* of the information on unsubscribing that is available
> starting at this URL.
>
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
- Raw text -