| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.3.2 sourceware.org A8EAE3857828 |
| Authentication-Results: | sourceware.org; dmarc=none (p=none dis=none) |
| header.from=SystematicSW.ab.ca | |
| Authentication-Results: | sourceware.org; |
| spf=none smtp.mailfrom=brian DOT inglis AT systematicsw DOT ab DOT ca | |
| X-Authority-Analysis: | v=2.4 cv=Nv6yz+RJ c=1 sm=1 tr=0 ts=60a0afc6 |
| a=T+ovY1NZ+FAi/xYICV7Bgg==:117 a=T+ovY1NZ+FAi/xYICV7Bgg==:17 a=oeppcwj8AAAA:8 | |
| a=nzlN5NquyZt7nC4hDMIA:9 a=5n1A7qh1AjcA:10 a=EbX5vdCAct3xugfmopdr:22 | |
| From: | Cygwin libssh2 Maintainer <Brian DOT Inglis AT SystematicSW DOT ab DOT ca> |
| To: | cygwin AT cygwin DOT com |
| Date: | Sat, 15 May 2021 23:19:28 -0600 |
| Message-Id: | <announce.20210515231928.19499-1-Brian.Inglis@SystematicSW.ab.ca> |
| Subject: | [ANNOUNCEMENT] Updated: libssh2_1, libssh2-devel 1.9 |
| X-CMAE-Envelope: | MS4xfE3acxsfTdxuIsUXcTrhPF3hhdvTJeL/Hh9s2GN7NUf7MT/tIOhw0xHqyyU2Tn6kWESYa7Kc0IGmgUEU+RrMuS5S0z/SrKX+uuZFSEgEcWNbhqzKs7mO |
| q+XSM+Z+kW09mKS++etws2rxxWmZaDBC4HIdLhdYRgTSy9MVuu6tPxcP3ywLOTl8rb7rLn95Puo5YdXhFXUR1jcORoNaWgMpXmkWNGGI01eivAP6cfXiU0uw | |
| oF/Jd5XqEybDIkscL/wjTSWlHpKGhJiFrJwvlZUST28= | |
| X-Spam-Status: | No, score=0.9 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, |
| KAM_LAZY_DOMAIN_SECURITY, KAM_NUMSUBJECT, RCVD_IN_BARRACUDACENTRAL, | |
| RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, | |
| TXREP autolearn=no autolearn_force=no version=3.4.2 | |
| X-Spam-Checker-Version: | SpamAssassin 3.4.2 (2018-09-13) on |
| server2.sourceware.org | |
| X-BeenThere: | cygwin-announce AT cygwin DOT com |
| X-Mailman-Version: | 2.1.29 |
| X-Mailer: | Perl5 Mail::Internet v2.20 |
| X-BeenThere: | cygwin AT cygwin DOT com |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| Reply-To: | cygwin AT cygwin DOT com |
| MIME-Version: | 1.0 |
| Sender: | "Cygwin" <cygwin-bounces AT cygwin DOT com> |
The following packages have been upgraded in the Cygwin distribution: * libssh2_1 1.9 * libssh2-devel 1.9 libssh2 is a library implementing the SSH2 protocol, supporting many features. For more information see the project home page: https://libssh2.org/ As there are many changes each release please see below or read /usr/share/doc/libssh2/RELEASE-NOTES after installation for complete details: https://libssh2.org/changes.html libssh2 1.9.0 This release includes the following enhancements and bugfixes: * adds ECDSA keys and host key support when using OpenSSL * adds ED25519 key and host key support when using OpenSSL 1.1.1 * adds OpenSSH style key file reading * adds AES CTR mode support when using WinCNG * adds PEM passphrase protected file support for Libgcrypt and WinCNG * adds SHA256 hostkey fingerprint * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() * adds explicit zeroing of sensitive data in memory * adds additional bounds checks to network buffer reads * adds the ability to use the server default permissions when creating sftp directories * adds support for building with OpenSSL no engine flag * adds support for building with LibreSSL * increased sftp packet size to 256k * fixed oversized packet handling in sftp * fixed building with OpenSSL 1.1 * fixed a possible crash if sftp stat gets an unexpected response * fixed incorrect parsing of the KEX preference string value * fixed conditional RSA and AES-CTR support * fixed a small memory leak during the key exchange process * fixed a possible memory leak of the ssh banner string * fixed various small memory leaks in the backends * fixed possible out of bounds read when parsing public keys from the server * fixed possible out of bounds read when parsing invalid PEM files * no longer null terminates the scp remote exec command * now handle errors when diffie hellman key pair generation fails * fixed compiling on Windows with the flag STDCALL=ON * improved building instructions * improved unit tests libssh2 1.8.2 This release includes the following bug fixes: * Fixed the misapplied userauth patch that broke 1.8.1 * moved the MAX size declarations from the public header libssh2 1.8.1 This release includes the following bug fixes: * fixed possible integer overflow when reading a specially crafted packet * fixed possible integer overflow in userauth_keyboard_interactive with a number of extremely long prompt strings * fixed possible integer overflow if the server sent an extremely large number of keyboard prompts * fixed possible out of bounds read when processing a specially crafted packet * fixed possible integer overflow when receiving a specially crafted exit signal message channel packet * fixed possible out of bounds read when receiving a specially crafted exit status message channel packet * fixed possible zero byte allocation when reading a specially crafted SFTP packet * fixed possible out of bounds reads when processing specially crafted SFTP packets * fixed possible out of bounds reads in _libssh2_packet_require(v) libssh2 1.8.0 This release includes the following changes: * added a basic dockerised test suite * crypto: add support for the mbedTLS backend This release includes the following bugfixes: * libgcrypt: fixed a NULL pointer dereference on OOM * VMS: can't use %zd for off_t format * VMS: update vms/libssh2_config.h * windows: link with crypt32.lib * libssh2_channel_open: speeling error fixed in channel error message * msvc: fixed 14 compilation warnings * tests: HAVE_NETINET_IN_H was not defined correctly * openssl: add OpenSSL 1.1.0 compatibility * cmake: Add CLEAR_MEMORY option, analogously to that for autoconf * configure: make the --with-* options override the OpenSSL default * libssh2_wait_socket: set err_msg on errors * libssh2_wait_socket: Fix comparison with api_timeout to use milliseconds -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |