Format: 1.8
Date: Thu, 20 Aug 2015 10:38:58 +0100
Source: openssh
Binary: openssh-client openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: amd64 amd64_translations all
Version: 1:6.9p1-1
Distribution: wily-proposed
Urgency: medium
Maintainer: Launchpad Build Daemon
Changed-By: Colin Watson
Description:
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 241119 481133 740307 740494 767648 774369 778807 781469 787037 787776 790798 793616 795711
Launchpad-Bugs-Fixed: 1287222
Changes:
 openssh (1:6.9p1-1) unstable; urgency=medium
 .
   * New upstream release (http://www.openssh.com/txt/release-6.8):
     - sshd(8): UseDNS now defaults to 'no'. Configurations that match
       against the client host name (via sshd_config or authorized_keys)
       may need to re-enable it or convert to matching against addresses.
     - Add FingerprintHash option to ssh(1) and sshd(8), and equivalent
       command-line flags to the other tools to control algorithm used for
       key fingerprints. The default changes from MD5 to SHA256 and format
       from hex to base64. Fingerprints now have the hash algorithm
       prepended. An example of the new format:
       SHA256:mVPwvezndPv/ARoIadVY98vAC0g+P/5633yTC4d/wXE
       Please note that visual host keys will also be different.
     - ssh(1), sshd(8): Experimental host key rotation support. Add a
       protocol extension for a server to inform a client of all its
       available host keys after authentication has completed. The client
       may record the keys in known_hosts, allowing it to upgrade to better
       host key algorithms and a server to gracefully rotate its keys. The
       client side of this is controlled by a UpdateHostkeys config option
       (default off).
     - ssh(1): Add a ssh_config HostbasedKeyType option to control which
       host public key types are tried during host-based authentication.
     - ssh(1), sshd(8): Fix connection-killing host key mismatch errors
       when sshd offers multiple ECDSA keys of different lengths.
     - ssh(1): When host name canonicalisation is enabled, try to parse
       host names as addresses before looking them up for canonicalisation.
       Fixes bz#2074 and avoids needless DNS lookups in some cases.
     - ssh(1), ssh-keysign(8): Make ed25519 keys work for host based
       authentication.
     - sshd(8): SSH protocol v.1 workaround for the Meyer, et al,
       Bleichenbacher Side Channel Attack. Fake up a bignum key before RSA
       decryption.
     - sshd(8): Remember which public keys have been used for
       authentication and refuse to accept previously-used keys. This
       allows AuthenticationMethods=publickey,publickey to require that
       users authenticate using two _different_ public keys.
     - sshd(8): add sshd_config HostbasedAcceptedKeyTypes and
       PubkeyAcceptedKeyTypes options to allow sshd to control what public
       key types will be accepted (closes: #481133). Currently defaults to
       all.
     - sshd(8): Don't count partial authentication success as a failure
       against MaxAuthTries.
     - ssh(1): Add RevokedHostKeys option for the client to allow text-file
       or KRL-based revocation of host keys.
     - ssh-keygen(1), sshd(8): Permit KRLs that revoke certificates by
       serial number or key ID without scoping to a particular CA.
     - ssh(1): Add a "Match canonical" criteria that allows ssh_config
       Match blocks to trigger only in the second config pass.
     - ssh(1): Add a -G option to ssh that causes it to parse its
       configuration and dump the result to stdout, similar to "sshd -T".
     - ssh(1): Allow Match criteria to be negated. E.g. "Match !host".
     - ssh-keyscan(1): ssh-keyscan has been made much more robust against
       servers that hang or violate the SSH protocol (closes: #241119).
     - ssh(1), ssh-keygen(1): Fix regression bz#2306: Key path names were
       being lost as comment fields (closes: #787776).
     - ssh(1): Allow ssh_config Port options set in the second config parse
       phase to be applied (they were being ignored; closes: #774369).
     - ssh(1): Tweak config re-parsing with host canonicalisation - make
       the second pass through the config files always run when host name
       canonicalisation is enabled (and not whenever the host name changes)
     - ssh(1): Fix passing of wildcard forward bind addresses when
       connection multiplexing is in use.
     - ssh-keygen(1): Fix broken private key conversion from non-OpenSSH
       formats.
     - ssh-keygen(1): Fix KRL generation bug when multiple CAs are in use.
   * New upstream release (http://www.openssh.com/txt/release-6.9):
     - CVE-2015-5352: ssh(1): When forwarding X11 connections with
       ForwardX11Trusted=no, connections made after ForwardX11Timeout
       expired could be permitted and no longer subject to XSECURITY
       restrictions because of an ineffective timeout check in ssh(1)
       coupled with "fail open" behaviour in the X11 server when clients
       attempted connections with expired credentials (closes: #790798).
       This problem was reported by Jann Horn.
     - SECURITY: ssh-agent(1): Fix weakness of agent locking (ssh-add -x)
       to password guessing by implementing an increasing failure delay,
       storing a salted hash of the password rather than the password
       itself and using a timing-safe comparison function for verifying
       unlock attempts. This problem was reported by Ryan Castellucci.
     - sshd(8): Support admin-specified arguments to AuthorizedKeysCommand
       (closes: #740494).
     - sshd(8): Add AuthorizedPrincipalsCommand that allows retrieving
       authorized principals information from a subprocess rather than a
       file.
     - ssh(1), ssh-add(1): Support PKCS#11 devices with external PIN entry
       devices.
     - ssh-keygen(1): Support "ssh-keygen -lF hostname" to search
       known_hosts and print key hashes rather than full keys.
     - ssh-agent(1): Add -D flag to leave ssh-agent in foreground without
       enabling debug mode.
     - ssh(1), sshd(8): Deprecate legacy SSH2_MSG_KEX_DH_GEX_REQUEST_OLD
       message and do not try to use it against some 3rd-party SSH
       implementations that use it (older PuTTY, WinSCP).
     - ssh(1), sshd(8): Cap DH-GEX group size at 4Kbits for Cisco
       implementations as some would fail when attempting to use group
       sizes >4K (closes: #740307, LP: #1287222).
     - ssh(1): Fix out-of-bound read in EscapeChar configuration option
       parsing.
     - sshd(8): Fix application of PermitTunnel, LoginGraceTime,
       AuthenticationMethods and StreamLocalBindMask options in Match
       blocks.
     - ssh(1), sshd(8): Improve disconnection message on TCP reset.
     - ssh(1): Remove failed remote forwards established by multiplexing
       from the list of active forwards.
     - sshd(8): Make parsing of authorized_keys "environment=" options
       independent of PermitUserEnv being enabled.
     - sshd(8): Fix post-auth crash with permitopen=none (closes: #778807).
     - ssh(1), ssh-add(1), ssh-keygen(1): Allow new-format private keys to
       be encrypted with AEAD ciphers.
     - ssh(1): Allow ListenAddress, Port and AddressFamily configuration
       options to appear in any order.
     - sshd(8): Check for and reject missing arguments for VersionAddendum
       and ForceCommand.
     - ssh(1), sshd(8): Don't treat unknown certificate extensions as
       fatal.
     - ssh-keygen(1): Make stdout and stderr output consistent.
     - ssh(1): Mention missing DISPLAY environment in debug log when X11
       forwarding requested.
     - sshd(8): Correctly record login when UseLogin is set.
     - sshd(8): Add some missing options to sshd -T output and fix output
       of VersionAddendum and HostCertificate.
     - Document and improve consistency of options that accept a "none"
       argument: TrustedUserCAKeys, RevokedKeys, AuthorizedPrincipalsFile.
     - ssh(1): Include remote username in debug output.
     - sshd(8): Avoid compatibility problem with some versions of Tera
       Term, which would crash when they received the hostkeys
       notification message (hostkeys-00@openssh.com).
     - sshd(8): Mention ssh-keygen -E as useful when comparing legacy MD5
       host key fingerprints.
     - ssh(1): Clarify pseudo-terminal request behaviour and make manual
       language consistent.
     - ssh(1): Document that the TERM environment variable is not subject
       to SendEnv and AcceptEnv; bz#2386
     - sshd(8): Format UsePAM setting when using sshd -T (closes: #767648).
     - moduli(5): Update DH-GEX moduli (closes: #787037).
   * There are some things I want to fix before upgrading to 7.0p1, though
     I intend to do that soon. In the meantime, backport some patches,
     mainly to fix security issues:
     - SECURITY: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be
       world-writable. Local attackers may be able to write arbitrary
       messages to logged-in users, including terminal escape sequences.
       Reported by Nikolay Edigaryev.
     - SECURITY: sshd(8): Fixed a privilege separation weakness related to
       PAM support. Attackers who could successfully compromise the
       pre-authentication process for remote code execution and who had
       valid credentials on the host could impersonate other users.
       Reported by Moritz Jodeit.
     - SECURITY: sshd(8): Fixed a use-after-free bug related to PAM support
       that was reachable by attackers who could compromise the
       pre-authentication process for remote code execution (closes:
       #795711). Also reported by Moritz Jodeit.
     - CVE-2015-5600: sshd(8): Fix circumvention of MaxAuthTries using
       keyboard-interactive authentication (closes: #793616). By specifying
       a long, repeating keyboard-interactive "devices" string, an attacker
       could request the same authentication method be tried thousands of
       times in a single pass.
       The LoginGraceTime timeout in sshd(8) and any authentication
       failure delays implemented by the authentication mechanism itself
       were still applied. Found by Kingcope.
     - Let principals-command.sh work for noexec /var/run.
   * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the
     GSSAPI key exchange patch.
   * Document the Debian-specific change to the default value of
     ForwardX11Trusted in ssh(1) (closes: #781469).
Checksums-Sha1:
Checksums-Sha256:
Files:
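As an added example, not part of this changes file or of OpenSSH's own code: the fingerprint format that the FingerprintHash change above introduces (hash name prepended, SHA256 by default, digest in unpadded base64), computed in Python over a constructed Ed25519 key blob, beside the legacy MD5 colon-hex form that ssh-keygen -E md5 prints for comparing old fingerprints. The key material, comment and helper names are assumptions; the wire encoding (length-prefixed SSH strings) is the real one.

```python
import base64
import hashlib
import struct

# Constructed sample key material (not a real key): 32 arbitrary bytes
# standing in for an Ed25519 public key.
SAMPLE_ED25519 = bytes(range(32))


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire 'string': uint32 big-endian length + data."""
    return struct.pack(">I", len(data)) + data


def build_ed25519_line(pubkey: bytes, comment: str = "constructed@example") -> str:
    """Build an authorized_keys/known_hosts style line from a raw Ed25519 key."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(pubkey)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


def key_blob(line: str) -> bytes:
    """Return the raw public key blob from a key line, checking that the key
    type encoded inside the blob matches the leading key type token."""
    keytype, b64 = line.split()[:2]
    blob = base64.b64decode(b64)
    (inner_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + inner_len] != keytype.encode():
        raise ValueError("key type token does not match blob contents")
    return blob


def fingerprint(blob: bytes, hash_alg: str = "sha256") -> str:
    """Fingerprint a key blob the way OpenSSH 6.8+ prints it:
    sha256 -> 'SHA256:' + unpadded base64 of the digest (new default);
    md5    -> 'MD5:' + colon-separated hex (legacy, as shown by -E md5)."""
    digest = hashlib.new(hash_alg, blob).digest()
    if hash_alg.lower() == "md5":
        return "MD5:" + ":".join(f"{b:02x}" for b in digest)
    return hash_alg.upper() + ":" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_line(line: str, hash_alg: str = "sha256") -> str:
    """Fingerprint of one key line in the chosen format."""
    return fingerprint(key_blob(line), hash_alg)


if __name__ == "__main__":
    line = build_ed25519_line(SAMPLE_ED25519)
    print(fingerprint_line(line))         # SHA256:<43 base64 chars>
    print(fingerprint_line(line, "md5"))  # MD5:<16 colon-separated hex pairs>
```

Comparing a SHA256: string from a new client against an MD5 value recorded by an older one will never match; fingerprint the same key in both forms, as above, rather than trusting a mismatch or a visual key that changed only because the hash did.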