X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-2.1 required=5.0	tests=AWL,BAYES_00,SPF_HELO_PASS,T_RP_MATCHES_RCVD
X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: Hans Horn <hannes AT 2horns DOT com>
Subject: Re: [ANNOUNCEMENT] Updated: OpenSSH-5.8p1-1
Date: Tue, 08 Feb 2011 12:54:24 -0800
Lines: 101
Message-ID: <iisai7$k23$1@dough.gmane.org>
References: <announce DOT 20110204122737 DOT GA6733 AT calimero DOT vinschen DOT de>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7
In-Reply-To: <announce.20110204122737.GA6733@calimero.vinschen.de>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Corinna,

Last week I updated openssh to 5.7p1-1, just to realize that I cannot 
connect anymore. Reverting to 5.6p1-2 solved the issue.

Saturday I updated to 5.8p1-1 finding the same failure to connect as 
with 5.7p1-1.
Unfortunately 5.6p1-2 is not among the setup choices anymore.

How can I get openssh 5.6p1-2 back?

Thx.,
H.

  On 2/4/2011 4:27 AM, Corinna Vinschen wrote:
> I've just updated the Cygwin version of OpenSSH to 5.8p1-1.
>
> This is an upstream security and bugfix release.
>
> The Cygwin release additionally contains a patch to the ssh-host-config
> and ssh-user-config scripts which additionally asks to create the new
> ECDSA key type.  The patch has not yet been applied to the upstream
> repository.
>
> The official release message for 5.8p1:
>
> ====================================================================
> OpenSSH 5.8 has just been released. It will be available from the
> mirrors listed at http://www.openssh.com/ shortly.
>
> OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
> implementation and includes sftp client and server support.
>
> Once again, we would like to thank the OpenSSH community for their
> continued support of the project, especially those who contributed
> code or patches, reported bugs, tested snapshots or donated to the
> project. More information on donations may be found at:
> http://www.openssh.com/donations.html
>
> Changes since OpenSSH 5.7
> =========================
>
> Security:
>
>   * Fix vulnerability in legacy certificate signing introduced in
>     OpenSSH-5.6 and found by Mateusz Kocielski.
>
>     Legacy certificates signed by OpenSSH 5.6 or 5.7 included data from
>     the stack in place of a random nonce field. The contents of the stack
>     do not appear to contain private data at this point, but this cannot
>     be stated with certainty for all platform, library and compiler
>     combinations. In particular, there exists a risk that some bytes from
>     the privileged CA key may be accidentally included.
>
>     A full advisory for this issue is available at:
>     http://www.openssh.com/txt/legacy-cert.adv
>
> Portable OpenSSH Bugfixes:
>
>   * Fix compilation failure when enableing SELinux support.
>
>   * Do not attempt to call SELinux functions when SELinux is disabled.
>     bz#1851
>
> Checksums:
> ==========
>
>   - SHA1 (openssh-5.8.tar.gz) = 205dece2c8b41c69b082eb65320d359987aae25b
>   - SHA1 (openssh-5.8p1.tar.gz) = adebb2faa9aba2a3a3c8b401b2b19677ab53f0de
>
> Reporting Bugs:
> ===============
>
> - Please read http://www.openssh.com/report.html
>    Security bugs should be reported directly to openssh AT openssh DOT com
>
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
> Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
> Ben Lindstrom.
> ====================================================================
>
> To update your installation, click on the "Install Cygwin now" link on
> the http://cygwin.com/ web page.  This downloads setup.exe to your
> system.  Then, run setup and answer all of the questions.
>
>                *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
>
> If you want to unsubscribe from the cygwin-announce mailing list, look
> at the "List-Unsubscribe: " tag in the email header of this message.
> Send email to the address specified there.  It will be in the format:
>
> cygwin-announce-unsubscribe-you=3D3Dyourdomain DOT com AT cygwin DOT com
>
> If you need more information on unsubscribing, start reading here:
>
> http://sourceware.org/lists.html#unsubscribe-simple
>
> Please read *all* of the information on unsubscribing that is available
> starting at this URL.
>



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple