[openssh] annotated tag V_9_5_P1 created (now e2b5d8ee)
This is an automated email from the git hooks/post-receive script.

djm pushed a change to annotated tag V_9_5_P1
in repository openssh.

at e2b5d8ee (tag)
tagging 80a2f64b8c1d27383cc83d182b73920d1e6a91f1 (commit)
replaces V_9_3_P1
tagged by Damien Miller
on Wed Oct 4 15:55:00 2023 +1100

- Log -----------------------------------------------------------------
openssh-9.5p1

Carlos Rodríguez Gili (1):
Fix test error for /bin/sh on Solaris 10 and older

Damien Miller (25):
remove support for old libcrypto
put back SSLeay_version compat in configure test
Allow building with BoringSSL
don't use obsolete ERR_load_CRYPTO_strings()
another ERR_load_CRYPTO_strings() vestige
BoringSSL doesn't support EC_POINT_point2bn()
Github testing support for BoringSSL
don't call connect() on negative socket
need va_end() after va_copy(); ok dtucker
remove unused upper-case const strings in fmtfp
handle sysconf(SC_OPEN_MAX) returning > INT_MAX;
replace deprecated selinux matchpathcon function
portable-specific int overflow defence-in-depth
avoid AF_LINK on platforms that don't define it
conditionalise match localnetwork on ifaddrs.h
conditionalise stdint.h inclusion on HAVE_STDINT_H
agent_fuzz doesn't want stdint.h conditionalised
Bring back OPENSSL_HAS_ECC to ssh-pkcs11-client
depend
wrap poll.h include in HAVE_POLL_H
update version in README
update versions in RPM specs
depend
use portable provider allowlist path in manpage
crank version numbers

Darren Tucker (42):
Show 9.3 branch instead of 9.2.
Test latest OpenSSL 1.1, 3.0 and LibreSSL 3.7.
Find suitable OpenSSL version.
Specify test target if we build without OpenSSL.
Split libcrypto and other config flags.
Explicitly disable security key test on aix51 VM.
Also look for gdb error message from OpenIndiana.
Explicitly disable OpenSSL on AIX test VM.
Pass rpath when building 64bit Solaris.
Configure with --target instead of deprecated form.
Replace OPENSSL_NO_SHA with HEADER_SHA_H.
Remove HEADER_SHA_H from previous...
Prevent conflicts between Solaris SHA2 and OpenSSL.
child_set_eng: verify both env pointer and count.
Test against LibreSSL 3.7.2.
Add macos-13 test target.
Handle OpenSSL >=3 ABI compatibility.
Include config.guess in debug output.
Skip agent-peereid test on macos13.
Add macos13 PAM test target.
Update OpenSSL compat test for 3.x.
Suppress warning for snprintf truncation test.
Remove warning pragma since clang doesn't like it.
main(void) to prevent unused variable warning.
Special case OpenWrt instead of Dropbear.
Make ssh-copy-id(1) consistent with OpenSSH.
Update runner OS version for hardenedmalloc test.
Fix typo in declaration of nmesg.
Handle a couple more OpenSSL no-ecc cases.
Retire dfly58 test VM. Add dfly64.
Prefer OpenSSL's SHA256 in sk-dummy.so
Fix RNG seeding for OpenSSL w/out self seeding.
Only include unistd.h once.
Add obsd72 and obsd73 test targets.
Add 9.4 branch to CI status page.
Fix zlib version check for 1.3 and future version.
Add test for zlib development branch.
Add OpenBSD ARM64 test host.
obsd-arm64 host is real hardware...
Include Portable version in sshd version string.
Set LLONG_MAX for C89 test.
Use zero-call-used-regs=used with Apple compilers.

David Seifert (1):
gss-serv.c: `MAXHOSTNAMELEN` -> `HOST_NAME_MAX`

Jakub Jelen (1):
Remove outdated comment

Philip Hands (7):
update copyright notices
ssh-copy-id: add -x option (for debugging)
add -t option to specify the target path
make -x also apply to the target script
drop whitespace
if -s & -p specified, mention 'sftp -P' on success
fixup! if -s & -p specified, mention 'sftp -P' on

deraadt@openbsd.org (1):
upstream: typo; from Jim Spath

djm@openbsd.org (80):
upstream: scp: when copying local->remote, check that source file
upstream: fix test: getnameinfo returns a non-zero value on error, not
upstream: fix memory leak; Coverity CID 291848
upstream: return SSH_ERR_KEY_NOT_FOUND if the allowed_signers file
upstream: remove unused variable; prompted by Coverity CID 291879
upstream: don't attempt to decode a ridiculous number of
upstream: remove redundant test
upstream: don't print key if printing hostname failed; with/ok
upstream: clamp max number of GSSAPI mechanisms to 2048; ok dtucker
upstream: don't leak arg2 on parse_pubkey_algos error path; ok
upstream: don't care about glob() return value here.
upstream: match_user() shouldn't be called with user==NULL unless
upstream: remove redundant ssh!=NULL check; we'd already
upstream: simplify sshsig_find_principals() similar to what happened to
upstream: Check for ProxyJump=none in CanonicalizeHostname logic.
upstream: adjust ftruncate() logic to handle servers that reorder
upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand
upstream: reset comment=NULL for each key in do_fingerprint();
upstream: prepare for support for connecting to unix domain sockets
upstream: handle rlimits > INT_MAX (rlim_t is u64); ok dtucker
upstream: make `ssh -Q CASignatureAlgorithms` only list signature
upstream: better validate CASignatureAlgorithms in ssh_config and
upstream: misplaced debug message
upstream: add defence-in-depth checks for some unreachable integer
upstream: Support for KRL extensions.
upstream: remove vestigial support for KRL signatures
upstream: add a "match localnetwork" predicate.
upstream: Add support for configuration tags to ssh(1).
upstream: return SSH_ERR_KRL_BAD_MAGIC when a KRL doesn't contain a
upstream: Move RCSID to before license block and away from #includes,
upstream: move other RCSIDs to before their respective license blocks
upstream: missing match localnetwork negation check
upstream: terminate process if requested to load a PKCS#11 provider
upstream: Disallow remote addition of FIDO/PKCS11 provider
upstream: Ensure FIDO/PKCS11 libraries contain expected symbols
upstream: Separate ssh-pkcs11-helpers for each p11 module
upstream: make ssh -f (fork after authentication) work properly in
upstream: increase default KDF work-factor for OpenSSH format
upstream: make sshd_config AuthorizedPrincipalsCommand and
upstream: don't incorrectly truncate logged strings retrieved from
upstream: better error messages
upstream: test ChrootDirectory in Match block
upstream: add LTESTS_FROM variable to allow skipping of tests up to
upstream: don't need to start a command here; use ssh -N instead.
upstream: CheckHostIP has defaulted to 'no' for a while; make the
upstream: openssh-9.4
upstream: better debug logging of sessions' exit status
upstream: add message number of SSH2_MSG_NEWCOMPRESS defined in RFC8308
upstream: defence-in-depth MaxAuthTries check in monitor; ok markus
upstream: fix regression in OpenSSH 9.4 (mux.c r1.99) that caused
upstream: want stdlib.h for free(3)
upstream: correct math for ClientAliveInterval that caused the
upstream: Introduce a transport-level ping facility
upstream: Add keystroke timing obfuscation to the client.
upstream: explicit long long type in timing calculations (doesn't
upstream: limit artificial login delay to a reasonable maximum (5s)
upstream: descriptive text shouldn't be under .Cm
upstream: make PerSourceMaxStartups first-match-wins; ok dtucker@
upstream: set interactive mode for ControlPersist sessions if they
upstream: make channel_output_poll() return a flag indicating
upstream: avoid bogus "obfuscate_keystroke_timing: stopping ..."
upstream: trigger keystroke timing obfuscation only if the channels
upstream: handle cr+lf (instead of just cr) in sshsig signature
upstream: downgrade duplicate Subsystem directives from being a
upstream: preserve quoting of Subsystem commands and arguments.
upstream: allocate the subsystems array as necessary and remove the
upstream: allow override of Subsystem directives in sshd Match
upstream: regression test for override of subsystem in match blocks
upstream: fix scp in SFTP mode recursive upload and download of
upstream: the sftp code was one of my first contributions to
upstream: regress test for recursive copies of directories containing
upstream: fix recursive remote-remote copies of directories that
upstream: regress test recursive remote-remote directories copies where
upstream: fix sizeof(*ptr) instead sizeof(ptr) in realloc (pointer here
upstream: randomise keystroke obfuscation intervals and average
upstream: typo in comment
upstream: rename remote_glob() -> sftp_glob() to match other API
upstream: fix link to agent draft; spotted by Jann Horn
upstream: add some cautionary text about % token expansion and
upstream: openssh-9.5

dlg@openbsd.org (1):
upstream: add support for unix domain sockets to ssh -W

dtucker@openbsd.org (20):
upstream: Add tilde and environment variable expansion to
upstream: Add RevokedHostKeys to percent expansion test.
upstream: Remove compat code for OpenSSL 1.0.*
upstream: Remove compat code for OpenSSL < 1.1.*
upstream: Plug more mem leaks in sftp by making
upstream: Plug potential mem leak in process_put.
upstream: Ignore return from sshpkt_disconnect
upstream: Remove dead code from inside if block.
upstream: Ignore return value from muxclient(). It normally loops
upstream: Check fd against >=0 instead of >0 in error path. The
upstream: Return immediately from get_sock_port
upstream: Explicitly ignore return codes
upstream: Explicitly ignore return from waitpid here too.
upstream: Move up null check and simplify process_escapes.
upstream: Import regenerated moduli.
upstream: Remove unused prototypes for ssh1 RSA functions.
upstream: minleft and maxsign are u_int so cast appropriately. Prompted
upstream: Include stdint.h for SIZE_MAX. Fixes OPENSSL=no build.
upstream: remove unnecessary if statement.
upstream: Apply ConnectTimeout to multiplexing local socket

jmc@openbsd.org (5):
upstream: -P before -p in SYNOPSIS;
upstream: - add -P to usage() - sync the arg name to -J in usage()
upstream: tweak the allow-remote-pkcs11 text;
upstream: %C is a callable macro in mdoc(7)
upstream: add spacing for punctuation when macro args;

job@openbsd.org (1):
upstream: Generate Ed25519 keys when invoked without arguments

jsg@openbsd.org (3):
upstream: fix double words ok dtucker@
upstream: remove duplicate signal.h include
upstream: configuation -> configuration

millert@openbsd.org (1):
upstream: Store timeouts as int, not u_int as they are limited to

naddy@openbsd.org (2):
upstream: man page typos; ok jmc@
upstream: drop a wayward comma, ok jmc@

tobhe@openbsd.org (1):
upstream: Log errors in kex_exchange_identification() with level

-----------------------------------------------------------------------

No new revisions were added by this update.

--
To stop receiving notification emails like this one, please contact
djm@mindrot.org.
_______________________________________________
openssh-commits mailing list
openssh-commits@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-commits