Using openssh-SNAP-20200514, on Solaris 10 for SPARC, using Solaris Studio 12.4, and our local build of OpenSSL 1.1.1g, all tests pass.

-- 
Jeff Wieland, UNIX/Network Systems Administrator
Purdue University IT Infrastructure Services UNIX Platforms

Damien Miller wrote:
> Hi,
>
> OpenSSH 8.3p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is simply:
>
> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
>
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
>
> Thanks to the many people who contributed to this release.
>
> Security
> ========
>
> * scp(1): when receiving files, scp(1) could become desynchronised
>   if a utimes(2) system call failed. This could allow file contents
>   to be interpreted as file metadata and thereby permit an adversary
>   to craft a file system that, when copied with scp(1) in a
>   configuration that caused utimes(2) to fail (e.g. under a SELinux
>   policy or syscall sandbox), transferred different file names and
>   contents to the actual file system layout.
>
>   Exploitation of this is not likely as utimes(2) does not fail under
>   normal circumstances. Successful exploitation is not silent - the
>   output of scp(1) would show transfer errors followed by the actual
>   file(s) that were received.
>
>   Finally, filenames returned from the peer are (since openssh-8.0)
>   matched against the user's requested destination, thereby
>   disallowing a successful exploit from writing files outside the
>   user's selected target glob (or directory, in the case of a
>   recursive transfer). This ensures that this attack can achieve no
>   more than a hostile peer is already able to do within the scp
>   protocol.
>
> Potentially-incompatible changes
> ================================
>
> This release includes a number of changes that may affect existing
> configurations:
>
> * sftp(1): reject an argument of "-1" in the same way as ssh(1) and
>   scp(1) do instead of accepting and silently ignoring it.
>
> Changes since OpenSSH 8.2
> =========================
>
> The focus of this release is bug fixing.
>
> New Features
> ------------
>
> * sshd(8): make IgnoreRhosts a tri-state option: "yes" to ignore
>   rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only"
>   to allow .shosts files but not .rhosts.
>
> * sshd(8): allow the IgnoreRhosts directive to appear anywhere in a
>   sshd_config, not just before any Match blocks; bz3148
>
> * ssh(1): add %TOKEN percent expansion for the LocalForward and
>   RemoteForward keywords when used for Unix domain socket forwarding.
>   bz#3014
>
> * all: allow loading public keys from the unencrypted envelope of a
>   private key file if no corresponding public key file is present.
>
> * ssh(1), sshd(8): prefer to use chacha20 from libcrypto where
>   possible instead of the (slower) portable C implementation included
>   in OpenSSH.
>
> * ssh-keygen(1): add ability to dump the contents of a binary key
>   revocation list via "ssh-keygen -lQf /path" bz#3132
>
> Bugfixes
> --------
>
> * ssh(1): fix IdentitiesOnly=yes to also apply to keys loaded from
>   a PKCS11Provider; bz#3141
>
> * ssh-keygen(1): avoid NULL dereference when trying to convert an
>   invalid RFC4716 private key.
>
> * scp(2): when performing remote-to-remote copies using "scp -3",
>   start the second ssh(1) channel with BatchMode=yes enabled to
>   avoid confusing and non-deterministic ordering of prompts.
>
> * ssh(1), ssh-keygen(1): when signing a challenge using a FIDO token,
>   perform hashing of the message to be signed in the middleware layer
>   rather than in OpenSSH code. This permits the use of security key
>   middlewares that perform the hashing implicitly, such as Windows
>   Hello.
>
> * ssh(1): fix incorrect error message for "too many known hosts
>   files." bz#3149
>
> * ssh(1): make failures when establishing "Tunnel" forwarding
>   terminate the connection when ExitOnForwardFailure is enabled;
>   bz#3116
>
> * ssh-keygen(1): fix printing of fingerprints on private keys and add
>   a regression test for same.
>
> * sshd(8): document order of checking AuthorizedKeysFile (first) and
>   AuthorizedKeysCommand (subsequently, if the file doesn't match);
>   bz#3134
>
> * sshd(8): document that /etc/hosts.equiv and /etc/shosts.equiv are
>   not considered for HostbasedAuthentication when the target user is
>   root; bz#3148
>
> * ssh(1), ssh-keygen(1): fix NULL dereference in private certificate
>   key parsing (oss-fuzz #20074).
>
> * ssh(1), sshd(8): more consistency between sets of %TOKENS are
>   accepted in various configuration options.
>
> * ssh(1), ssh-keygen(1): improve error messages for some common
>   PKCS#11 C_Login failure cases; bz#3130
>
> * ssh(1), sshd(8): make error messages for problems during SSH banner
>   exchange consistent with other SSH transport-layer error messages
>   and ensure they include the relevant IP addresses bz#3129
>
> * various: fix a number of spelling errors in comments and debug/error
>   messages
>
> * ssh-keygen(1), ssh-add(1): when downloading FIDO2 resident keys
>   from a token, don't prompt for a PIN until the token has told us
>   that it needs one. Avoids double-prompting on devices that
>   implement on-device authentication.
>
> * sshd(8), ssh-keygen(1): no-touch-required FIDO certificate option
>   should be an extension, not a critical option.
>
> * ssh(1), ssh-keygen(1), ssh-add(1): offer a better error message
>   when trying to use a FIDO key function and SecurityKeyProvider is
>   empty.
>
> * ssh-add(1), ssh-agent(8): ensure that a key lifetime fits within
>   the values allowed by the wire format (u32). Prevents integer
>   wraparound of the timeout values. bz#3119
>
> * ssh(1): detect and prevent trivial configuration loops when using
>   ProxyJump. bz#3057.
>
> Portability
> -----------
>
> * Detect systems where signals flagged with SA_RESTART will interrupt
>   select(2). POSIX permits implementations to choose whether
>   select(2) will return when interrupted with a SA_RESTART-flagged
>   signal, but OpenSSH requires interrupting behaviour.
>
> * Several compilation fixes for HP/UX and AIX.
>
> * On platforms that do not support setting process-wide routing
>   domains (all excepting OpenBSD at present), fail to accept a
>   configuration attempts to set one at process start time rather than
>   fatally erroring at run time. bz#3126
>
> * Improve detection of egrep (used in regression tests) on platforms
>   that offer a poor default one (e.g. Solaris).
>
> * A number of shell portability fixes for the regression tests.
>
> * Fix theoretical infinite loop in the glob(3) replacement
>   implementation.
>
> * Fix seccomp sandbox compilation problems for some Linux
>   configurations bz#3085
>
> * Improved detection of libfido2 and some compilation fixes for some
>   configurations when --with-security-key-builtin is selected.
>
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
> Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
> Tim Rice and Ben Lindstrom.
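
Added example (not part of the original thread and not OpenSSH source code): the release notes above say that ssh-add(1)/ssh-agent(8) now ensure a key lifetime fits the u32 wire format to prevent wraparound. The sketch below shows that class of bug and the range check that closes it. The function names and the `<n>[s|m|h|d]` grammar are assumptions made for this illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical parser: "<n>[s|m|h|d]" -> seconds in 64 bits; -1 on error. */
static int parse_lifetime(const char *s, uint64_t *out)
{
    char *end;
    uint64_t n, mult = 1;
    errno = 0;
    n = strtoull(s, &end, 10);
    if (*s < '0' || *s > '9' || errno != 0)
        return -1;                      /* sign, whitespace or range error */
    switch (*end) {
    case '\0': case 's': break;
    case 'm': mult = 60; break;
    case 'h': mult = 3600; break;
    case 'd': mult = 86400; break;
    default: return -1;
    }
    if ((*end != '\0' && end[1] != '\0') || n > UINT64_MAX / mult)
        return -1;                      /* trailing junk or 64-bit overflow */
    *out = n * mult;
    return 0;
}

/* Unchecked: the narrowing cast to the u32 wire field wraps silently. */
uint32_t wire_unchecked(const char *spec)
{
    uint64_t secs = 0;
    return parse_lifetime(spec, &secs) == 0 ? (uint32_t)secs : 0;
}

/* Checked: 0 with *wire set, or -1 when the value does not fit in a u32. */
int wire_checked(const char *spec, uint32_t *wire)
{
    uint64_t secs = 0;
    if (parse_lifetime(spec, &secs) != 0 || secs > UINT32_MAX)
        return -1;
    *wire = (uint32_t)secs;
    return 0;
}

int main(void)
{
    uint32_t w = 0;                     /* "49711d" is a constructed input */
    printf("%u %d\n", (unsigned)wire_unchecked("49711d"), wire_checked("49711d", &w));
    return 0;
}
```

With the unchecked conversion, a requested lifetime of 49711 days is sent as roughly 17.5 hours; the checked version refuses the value before anything is written to the wire.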