Hosting Provided By

[S] OpenSSH 3.6 released

From: Markus Friedl <markus(at)openbsd.org>
Date: Mon Mar 31 2003 - 07:48:54 EST

OpenSSH 3.6 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support.

We would like to thank the OpenSSH community for their continued support to the project, especially those who contributed source and bought T-shirts or posters.

We have a new design of T-shirt available, more info on

http://www.openbsd.org/tshirts.html#18

For international orders use http://https.openbsd.org/cgi-bin/order and for European orders, use http://https.openbsd.org/cgi-bin/order.eu

Changes since OpenSSH 3.5:

RSA blinding is now used by ssh(1), sshd(8) and ssh-agent(1). in order to avoid potential timing attacks against the RSA keys. Older versions of OpenSSH have been using RSA blinding in ssh-keysign(1) only.

Please note that there is no evidence that the SSH protocol is vulnerable to the OpenSSL/TLS timing attack described in

Do you need help?

http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf

ssh-agent(1) optionally requires user confirmation if a key gets used, see '-c' in ssh-add(1).
sshd(8) now handles PermitRootLogin correctly when UsePrivilegeSeparation is enabled.
sshd(8) now removes X11 cookies when a session gets closed.
ssh-keysign(8) is disabled by default and only enabled if the new EnableSSHKeysign option is set in the global ssh_config(5) file.
ssh(1) and sshd(8) now handle 'kex guesses' correctly (key exchange guesses).
ssh(1) no longer overwrites SIG_IGN. This matches behaviour from rsh(1) and is used by backup tools.
setting ProxyCommand to 'none' disables the proxy feature, see ssh_config(5).
scp(1) supports add -1 and -2.
scp(1) supports bandwidth limiting.
sftp(1) displays a progressmeter.
sftp(1) has improved error handling for scripting.

Checksums:

MD5 (openssh-3.6p1.tar.gz) = 72ef1134d521cb6926c99256dad17fe0
MD5 (openssh-3.6.tgz) = 758822b888c5c3f83a98045aef904254

Reporting Bugs:

please read http://www.openssh.com/report.html and http://bugzilla.mindrot.org/

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller and Ben Lindstrom.; 6 Received: from phpmailer ([192.168.8.21]) by ead.fortalnet.com.br with HTTP;

Tue, 20 May 2003 10:14:05 -0300
Date: Tue, 20 May 2003 10:14:05 -0300
From: "Todolist.php / ead.fortalnet.com.br" <valdson@fortalnet.com.br> X-Priority: 3
X-Mailer: phpmailer [version 1.62]
Return-Path: valdson@fortalnet.com.br
MIME-Version: 1.0
Content-Type: multipart/alternative;

boundary="b1_f33eabdaf93be44b4409d7bd32ed8be6"

--b1_f33eabdaf93be44b4409d7bd32ed8be6
Content-Type: text/plain; charset = "iso-8859-1"

projeto: 4 - CPD
prioridade: alta
porcentagem: 100
data final: 2003-04-05

: 2003-04-02
: 2003-04-08 08:23:17
: Atualização do Open Ssh

Do you need more help?

nota:

"---------- Forwarded message ---------- Date: Mon, 31 Mar 2003 14:48:54 +0200
From: Markus Friedl <markus@openbsd.org> Reply-To: seguranca@pangeia.com.br
To: misc@openbsd.org
Subject: [S] OpenSSH 3.6 released

OpenSSH 3.6 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

We would like to thank the OpenSSH community for their continued
support to the project, especially those who contributed source and
bought T-shirts or posters.

We have a new design of T-shirt available, more info on

http://www.openbsd.org/tshirts.html#18

For international orders use
http://https.openbsd.org/cgi-bin/order
and for European orders, use
http://https.openbsd.org/cgi-bin/order.eu

Can we help you?

Changes since OpenSSH 3.5:

RSA blinding is now used by ssh(1), sshd(8) and ssh-agent(1). in order to avoid potential timing attacks against the RSA keys. Older versions of OpenSSH have been using RSA blinding in ssh-keysign(1) only.

Please note that there is no evidence that the SSH protocol is
vulnerable to the OpenSSL/TLS timing attack described in

http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf

ssh-agent(1) optionally requires user confirmation if a key gets used, see '-c' in ssh-add(1).
sshd(8) now handles PermitRootLogin correctly when UsePrivilegeSeparation is enabled.
sshd(8) now removes X11 cookies when a session gets closed.
ssh-keysign(8) is disabled by default and only enabled if the new EnableSSHKeysign option is set in the global ssh_config(5) file.
ssh(1) and sshd(8) now handle 'kex guesses' correctly (key exchange guesses).
ssh(1) no longer overwrites SIG_IGN. This matches behaviour from rsh(1) and is used by backup tools.
setting ProxyCommand to 'none' disables the proxy feature, see ssh_config(5).
scp(1) supports add -1 and -2.
scp(1) supports bandwidth limiting.
sftp(1) displays a progressmeter.
sftp(1) has improved error handling for scripting.

Checksums:

MD5 (openssh-3.6p1.tar.gz) = 72ef1134d521cb6926c99256dad17fe0
MD5 (openssh-3.6.tgz) = 758822b888c5c3f83a98045aef904254

Reporting Bugs:

please read http://www.openssh.com/report.html and http://bugzilla.mindrot.org/

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller and Ben Lindstrom." Damasceno, Wlademy 2003-04-02 09:22:38

--b1_f33eabdaf93be44b4409d7bd32ed8be6
Content-Type: text/html; charset = "iso-8859-1"

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

			
			
			
			
			projeto 4 - CPD
			prioridade alta
			porcentagem 100
			data final 2003-04-05
			 2003-04-02
			 2003-04-08 08:23:17
			 Atualização do Open Ssh
			
			
nota:Texto usuário
			data
---------- Forwarded message ----------

Date: Mon, 31 Mar 2003 14:48:54 +0200


From: Markus Friedl <markus@openbsd.org>
Reply-To: seguranca@pangeia.com.br


To: misc@openbsd.org


Subject: [S] OpenSSH 3.6 released

Can't find what you're looking for? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related openbsd.org Links
advocacy
announce
bugs
ipv6
misc
ports
ports-changes
security-announce
smp
source-changes
tech
Request more information about Pantek

OpenSSH 3.6 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.


OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.


We would like to thank the OpenSSH community for their continued
support to the project, especially those who contributed source and
bought T-shirts or posters.


We have a new design of T-shirt available, more info on

        http://www.openbsd.org/tshirts.html#18

For international orders use http://https.openbsd.org/cgi-bin/order
and for European orders, use http://https.openbsd.org/cgi-bin/order.eu

Changes since OpenSSH 3.5:
  RSA blinding is now used by ssh(1), sshd(8) and ssh-agent(1).
  in order to avoid potential timing attacks against the RSA keys.
  Older versions of OpenSSH have been using RSA blinding in
  ssh-keysign(1) only.



  Please note that there is no evidence that the SSH protocol is
  vulnerable to the OpenSSL/TLS timing attack described in
Don't know where to look next? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related openbsd.org Links
advocacy
announce
bugs
ipv6
misc
ports
ports-changes
security-announce
smp
source-changes
tech
Request more information about Pantek

        http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf
  ssh-agent(1) optionally requires user confirmation if a key gets
  used, see '-c' in ssh-add(1).

  
  sshd(8) now handles PermitRootLogin correctly when UsePrivilegeSeparation
  is enabled.

  
  sshd(8) now removes X11 cookies when a session gets closed.

  
  ssh-keysign(8) is disabled by default and only enabled if the
  new EnableSSHKeysign option is set in the global ssh_config(5)
  file.

  
  ssh(1) and sshd(8) now handle 'kex guesses' correctly (key exchange
  guesses).

  
  ssh(1) no longer overwrites SIG_IGN.  This matches behaviour from
  rsh(1) and is used by backup tools.

  
  setting ProxyCommand to 'none' disables the proxy feature, see
  ssh_config(5).

  
  scp(1) supports add -1 and -2.

  
  scp(1) supports bandwidth limiting.

  
  sftp(1) displays a progressmeter.

  
  sftp(1) has improved error handling for scripting.




Checksums:
  MD5 (openssh-3.6p1.tar.gz) = 72ef1134d521cb6926c99256dad17fe0
  
  MD5 (openssh-3.6.tgz) = 758822b888c5c3f83a98045aef904254




Reporting Bugs:
  please read http://www.openssh.com/report.html
  and http://bugzilla.mindrot.org/

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller and Ben Lindstrom.</pre></td><td>Damasceno, Wlademy</td><td>2003-04-02 09:22:38</td><tr>
</table></BODY></HTML>




--b1_f33eabdaf93be44b4409d7bd32ed8be6--
Received on Tue May 20 09:12:42 2003
This message: [ Message body ]
Next message: parksie ;-): "Re: Reading OpenBSD HD from Windows"
Previous message: Julian Smith: "Reading OpenBSD HD from Windows"
Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 
: Wed Aug 23 2006 - 13:34:45 EDT

			
		
		
			
				
					
						
						
					Contact Us 
					Legal Notices 
					Order Services Online 
					

					Pantek Home 

					Privacy Policy 
					IT news 
					Site Map 
					Pantek Library