[ubuntu/noble-proposed] openssh 1:9.6p1-3ubuntu1 (Accepted)

Miriam España Acebal miriam.espana at canonical.com
Tue Jan 30 15:20:13 UTC 2024


openssh (1:9.6p1-3ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2040406). Remaining changes:
    - debian/rules: modify dh_installsystemd invocations for
      socket-activated sshd.
    - debian/openssh-server.postinst: handle migration of sshd_config
      options to systemd socket options on upgrade.
    - debian/README.Debian: document systemd socket activation.
    - debian/patches/socket-activation-documentation.patch: Document
      in sshd_config(5) that ListenAddress and Port no longer work.
    - debian/openssh-server.templates: include debconf prompt
      explaining when migration cannot happen due to multiple
      ListenAddress values.
    - debian/.gitignore: drop file.
    - debian/openssh-server.postrm: remove systemd drop-ins for
      socket-activated sshd on purge.
    - debian/openssh-server.ucf-md5sum: update for Ubuntu delta
    - debian/openssh-server.tmpfile,debian/systemd/ssh.service: Move
      /run/sshd creation out of the systemd unit to a tmpfile config
      so that sshd can be run manually if necessary without having to
      create this directory by hand.
    - debian/patches/systemd-socket-activation.patch: Fix sshd
      re-execution behavior when socket activation is used.
    - debian/tests/systemd-socket-activation: Add autopkgtest
      for systemd socket activation functionality.
    - d/p/test-set-UsePAM-no-on-some-tests.patch: set UsePAM=no
      for some tests.
  * Dropped changes, fixed upstream:
    - d/p/fix-ftbfs-with-zlib13.patch: fix ftbfs when using zlib 1.3
      (LP #2049552)

openssh (1:9.6p1-3) unstable; urgency=medium

  * Allow passing extra ssh-agent arguments via
    "/usr/lib/openssh/agent-launch start", making it possible to override
    things like identity lifetime using a systemd drop-in unit (closes:
    #1059639).
  * Don't try to start rescue-ssh.target in postinst (LP: #2047082).

openssh (1:9.6p1-2) unstable; urgency=medium

  * Improve detection of broken -fzero-call-used-regs=used (see
    https://bugzilla.mindrot.org/show_bug.cgi?id=3645; fixes build on
    ppc64/ppc64el).

openssh (1:9.6p1-1) unstable; urgency=medium

  * Use single quotes in suggested ssh-keygen commands (closes: #1057835).
  * Debconf translations:
    - Catalan (thanks, Pablo Huguet; closes: #1049995).
  * New upstream release (https://www.openssh.com/releasenotes.html#9.6p1):
    - [CVE-2023-48795] ssh(1), sshd(8): implement protocol extensions to
      thwart the so-called "Terrapin attack" discovered by Fabian Bäumer,
      Marcus Brinkmann and Jörg Schwenk. This attack allows a MITM to effect
      a limited break of the integrity of the early encrypted SSH transport
      protocol by sending extra messages prior to the commencement of
      encryption, and deleting an equal number of consecutive messages
      immediately after encryption starts. A peer SSH client/server would
      not be able to detect that messages were deleted.
    - [CVE-2023-51384] ssh-agent(1): when adding PKCS#11-hosted private keys
      while specifying destination constraints, if the PKCS#11 token
      returned multiple keys then only the first key had the constraints
      applied. Use of regular private keys, FIDO tokens and unconstrained
      keys is unaffected.
    - [CVE-2023-51385] ssh(1): if an invalid user or hostname that contained
      shell metacharacters was passed to ssh(1), and a ProxyCommand,
      LocalCommand directive or "match exec" predicate referenced the user
      or hostname via %u, %h or similar expansion token, then an attacker
      who could supply arbitrary user/hostnames to ssh(1) could potentially
      perform command injection depending on what quoting was present in the
      user-supplied ssh_config(5) directive. OpenSSH 9.6 now bans most shell
      metacharacters from user and hostnames supplied via the command-line.
    - ssh(1), sshd(8): the RFC4254 connection/channels protocol provides a
      TCP-like window mechanism that limits the amount of data that can be
      sent without acceptance from the peer. In cases where this limit was
      exceeded by a non-conforming peer SSH implementation, ssh(1)/sshd(8)
      previously discarded the extra data. From OpenSSH 9.6, ssh(1)/sshd(8)
      will now terminate the connection if a peer exceeds the window limit
      by more than a small grace factor. This change should have no effect
      on SSH implementations that follow the specification.
    - ssh(1): add a %j token that expands to the configured ProxyJump
      hostname (or the empty string if this option is not being used) that
      can be used in a number of ssh_config(5) keywords.
    - ssh(1): add ChannelTimeout support to the client, mirroring the same
      option in the server and allowing ssh(1) to terminate quiescent
      channels.
    - ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): add support for reading
      ED25519 private keys in PEM PKCS8 format. Previously only the OpenSSH
      private key format was supported.
    - ssh(1), sshd(8): introduce a protocol extension to allow renegotiation
      of acceptable signature algorithms for public key authentication after
      the server has learned the username being used for authentication.
      This allows varying sshd_config(5) PubkeyAcceptedAlgorithms in a
      "Match user" block.
    - ssh-add(1), ssh-agent(1): add an agent protocol extension to allow
      specifying certificates when loading PKCS#11 keys. This allows the use
      of certificates backed by PKCS#11 private keys in all OpenSSH tools
      that support ssh-agent(1). Previously only ssh(1) supported this
      use-case.
    - ssh(1): when deciding whether to enable the keystroke timing
      obfuscation, enable it only if a channel with a TTY is active.
    - ssh(1): switch mainloop from poll(3) to ppoll(3) and mask signals
      before checking flags set in signal handler. Avoids potential race
      condition between signaling ssh to exit and polling.
    - ssh(1): when connecting to a destination with both the AddressFamily
      and CanonicalizeHostname directives in use, the AddressFamily
      directive could be ignored.
    - sftp(1): correct handling of the limits@openssh.com option when the
      server returned an unexpected message.
    - ssh(1): release GSS OIDs only at end of authentication, avoiding
      unnecessary init/cleanup cycles.
    - ssh_config(5): mention "none" is a valid argument to IdentityFile in
      the manual.
    - scp(1): improved debugging for paths from the server rejected for not
      matching the client's glob(3) pattern in old SCP/RCP protocol mode.
    - ssh-agent(1): refuse signing operations on destination-constrained
      keys if a previous session-bind operation has failed. This may prevent
      a fail-open situation in future if a user uses a mismatched ssh(1)
      client and ssh-agent(1) where the client supports a key type that the
      agent does not support.
  * debian/run-tests: Supply absolute paths to tools.
  * debian/run-tests: Enable interop tests for Dropbear.

openssh (1:9.5p1-2) unstable; urgency=medium

  * Upload to unstable.

openssh (1:9.5p1-1) experimental; urgency=medium

  * New upstream release (https://www.openssh.com/releasenotes.html#9.5p1):
    - ssh-keygen(1): generate Ed25519 keys by default. Ed25519 public keys
      are very convenient due to their small size. Ed25519 keys are
      specified in RFC 8709 and OpenSSH has supported them since version 6.5
      (January 2014).
    - sshd(8): the Subsystem directive now accurately preserves quoting of
      subsystem commands and arguments. This may change behaviour for exotic
      configurations, but the most common subsystem configuration
      (sftp-server) is unlikely to be affected.
    - ssh(1): add keystroke timing obfuscation to the client. This attempts
      to hide inter-keystroke timings by sending interactive traffic at
      fixed intervals (default: every 20ms) when there is only a small
      amount of data being sent. It also sends fake "chaff" keystrokes for a
      random interval after the last real keystroke. These are controlled by
      a new ssh_config ObscureKeystrokeTiming keyword.
    - ssh(1), sshd(8): Introduce a transport-level ping facility. This adds
      a pair of SSH transport protocol messages SSH2_MSG_PING/PONG to
      implement a ping capability. These messages use numbers in the "local
      extensions" number space and are advertised using a "ping@openssh.com"
      ext-info message with a string version number of "0".
    - sshd(8): allow override of Subsystem directives in sshd Match blocks.
    - scp(1): fix scp in SFTP mode recursive upload and download of
      directories that contain symlinks to other directories. In scp mode,
      the links would be followed, but in SFTP mode they were not.
    - ssh-keygen(1): handle cr+lf (instead of just cr) line endings in
      sshsig signature files.
    - ssh(1): interactive mode for ControlPersist sessions if they
      originally requested a tty.
    - sshd(8): make PerSourceMaxStartups first-match-wins.
    - sshd(8): limit artificial login delay to a reasonable maximum (5s) and
      don't delay at all for the "none" authentication mechanism.
    - sshd(8): Log errors in kex_exchange_identification() with level
      verbose instead of error to reduce preauth log spam. All of those get
      logged with a more generic error message by sshpkt_fatal().
    - sshd(8): correct math for ClientAliveInterval that caused the probes
      to be sent less frequently than configured.
    - ssh(1): fix regression in OpenSSH 9.4 (mux.c r1.99) that caused
      multiplexed sessions to ignore SIGINT under some circumstances.
  * Build-depend on dh-sequence-movetousr.
  * Report DebianBanner setting in "sshd -G/-T" output (thanks, Rasmus
    Villemoes; closes: #1053555).
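The Ubuntu entry above describes migrating sshd_config Port/ListenAddress settings into systemd socket options and refusing when several ListenAddress values are present. The script below is an added illustration of that migration, written for this page; it is not the packaging's postinst code. It assumes a drop-in file name under /etc/systemd/system/ssh.socket.d/ (the packaging may use a different one) and works on a constructed sshd_config sample.

```python
import re

# Assumed drop-in location; the Ubuntu packaging chooses its own file name.
DROPIN_PATH = "/etc/systemd/system/ssh.socket.d/listen.conf"


class MigrationError(Exception):
    """Raised when the listen settings cannot be migrated automatically."""


def parse_listen_directives(config_text):
    """Collect Port and ListenAddress values from sshd_config text.

    Keywords are case-insensitive, '#' starts a comment, and both 'Key value'
    and 'Key=value' spellings are accepted. Everything after a Match line is
    skipped, since Port and ListenAddress are not valid inside Match blocks.
    """
    ports, addrs = [], []
    in_match = False
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            in_match = True
        elif in_match:
            continue
        elif key == "port":
            ports.append(int(value))
        elif key == "listenaddress":
            addrs.append(value)
    return ports, addrs


def listen_streams(ports, addrs):
    """Map sshd listen settings to systemd ListenStream= values.

    Follows sshd semantics: a ListenAddress carrying a port uses only that
    port; one without a port is bound on every configured Port (default 22);
    no ListenAddress means wildcard binding on every Port. More than one
    ListenAddress is refused, as the debconf prompt in the changelog describes.
    """
    if len(addrs) > 1:
        raise MigrationError("multiple ListenAddress values; migrate by hand")
    if not ports:
        ports = [22]
    if not addrs:
        return [str(p) for p in ports]
    addr = addrs[0]
    if " " in addr:  # 'rdomain' qualifier or other trailing words
        raise MigrationError("unsupported ListenAddress form: %r" % addr)
    bracketed = re.fullmatch(r"\[([^\]]+)\](?::(\d+))?", addr)
    if bracketed:                      # [v6]:port or [v6]
        host, port = bracketed.group(1), bracketed.group(2)
    elif addr.count(":") == 1:         # host:port or v4:port
        host, port = addr.split(":")
    else:                              # bare hostname, v4 or v6 address
        host, port = addr, None
    fmt = "[{}]:{}" if ":" in host else "{}:{}"
    if port:
        return [fmt.format(host, port)]
    return [fmt.format(host, p) for p in ports]


def render_dropin(config_text):
    """Return the drop-in text for ssh.socket. The empty 'ListenStream='
    line resets the list inherited from the packaged unit first."""
    ports, addrs = parse_listen_directives(config_text)
    streams = listen_streams(ports, addrs)
    lines = ["[Socket]", "ListenStream="] + ["ListenStream=" + s for s in streams]
    return "\n".join(lines) + "\n"


def migrate(config_text):
    """Return (dropin_text, None), or (None, reason) when manual work is needed."""
    try:
        return render_dropin(config_text), None
    except MigrationError as exc:
        return None, str(exc)


# Constructed sample configuration; it does not describe any real host.
SAMPLE_SSHD_CONFIG = """\
Include /etc/ssh/sshd_config.d/*.conf
Port 2222
ListenAddress 192.0.2.10   # management interface only
PasswordAuthentication no
Match User backup
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    text, reason = migrate(SAMPLE_SSHD_CONFIG)
    print("# would be written to", DROPIN_PATH)
    print(text if text else "# manual migration needed: " + reason, end="")
```

After writing such a drop-in, `systemctl daemon-reload` and a restart of ssh.socket are needed; the Port and ListenAddress lines in sshd_config then have no effect, which is what the socket-activation-documentation.patch records in sshd_config(5).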

Date: Mon, 29 Jan 2024 11:16:31 +0100
Changed-By: Miriam España Acebal <miriam.espana at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Nick Rosbrook <nick.rosbrook at canonical.com>
https://launchpad.net/ubuntu/+source/openssh/1:9.6p1-3ubuntu1
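The CVE-2023-51385 entry in the changelog explains that user and host names containing shell metacharacters could reach a ProxyCommand, LocalCommand or "Match exec" template, and that OpenSSH 9.6 now bans most such characters on the command line. The validator below is an added example for tooling that assembles ssh(1) invocations from external input (inventories, web forms, ticket fields): it rejects such names before they reach the client, so the check does not depend on the client version. It is not OpenSSH's own valid_domain()/valid_ruser() logic; the character rules and the sample destinations are constructed for this example.

```python
import ipaddress
import re

# Hostname rule used here: DNS-style labels of letters, digits, '-' and '_',
# joined by '.', never starting with '-' (an argument starting with '-'
# would otherwise be read by ssh(1) as an option).
_HOST_LABEL = re.compile(r"[A-Za-z0-9_](?:[A-Za-z0-9_-]*[A-Za-z0-9_])?")

# Characters refused in usernames: shell metacharacters and whitespace that a
# %u expansion inside a ProxyCommand/LocalCommand/Match exec could hand to sh.
_USER_FORBIDDEN = frozenset("'\"`$;&|<>(){}[]*?!~\\#\n\r\t ")


def valid_host(host):
    """Accept plain DNS names, IPv4 literals and (bracketed) IPv6 literals."""
    if not host or len(host) > 253 or host.startswith("-"):
        return False
    if ":" in host:  # IPv6 literal, optionally written as [addr]
        try:
            ipaddress.IPv6Address(host.strip("[]"))
            return True
        except ValueError:
            return False
    return all(_HOST_LABEL.fullmatch(label) for label in host.rstrip(".").split("."))


def valid_user(user):
    """Accept a non-empty printable username with no metacharacters."""
    if not user or len(user) > 64 or user.startswith("-"):
        return False
    return not any(c in _USER_FORBIDDEN or not c.isprintable() for c in user)


def check_destination(dest):
    """Split 'user@host' (or a bare 'host') and return (ok, reason).

    rpartition splits on the last '@', so a '@' inside the user part is
    kept with the username and judged by valid_user.
    """
    user, sep, host = dest.rpartition("@")
    if not sep:
        user, host = None, dest
    if user is not None and not valid_user(user):
        return False, "username contains a forbidden character"
    if not valid_host(host):
        return False, "hostname is not a plain DNS name or IP literal"
    return True, "ok"


def triage(destinations):
    """Return only the destinations that pass both checks."""
    return [d for d in destinations if check_destination(d)[0]]


# Constructed sample destinations, as they might arrive from an inventory
# file; none refers to a real host.
SAMPLE_DESTINATIONS = [
    "alice@bastion.example",
    "deploy@192.0.2.10",
    "[2001:db8::1]",
    "al'ice@bastion.example",
    "alice@bastion;.example",
    "alice@-bastion.example",
]

if __name__ == "__main__":
    for d in SAMPLE_DESTINATIONS:
        ok, reason = check_destination(d)
        print(("accept" if ok else "reject"), repr(d), reason)
```

The rejection reasons are deliberately generic so that a log line from this check does not echo the offending input back verbatim; log the raw value separately, escaped, if an investigation needs it.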
Format: 1.8
Date: Mon, 29 Jan 2024 11:16:31 +0100
Source: openssh
Built-For-Profiles: noudeb
Architecture: source
Version: 1:9.6p1-3ubuntu1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Miriam España Acebal <miriam.espana at canonical.com>
Closes: 1049995 1053555 1057835 1059639
Launchpad-Bugs-Fixed: 2040406 2047082
Checksums-Sha1:
 2fe5a1419254f40ee12a35945f26a048e9e6fbdd 3345 openssh_9.6p1-3ubuntu1.dsc
 de300d09ec79fdbf37de4e6672cce4161439f2c3 1857862 openssh_9.6p1.orig.tar.gz
 63c241035c665da9284965575cd96e0467bf09c1 833 openssh_9.6p1.orig.tar.gz.asc
 91a75d20f438641aab224ace7b96c792bdbe169c 194420 openssh_9.6p1-3ubuntu1.debian.tar.xz
 f02b92093eb9d96200e44067d887b22269829371 6334 openssh_9.6p1-3ubuntu1_source.buildinfo
Checksums-Sha256:
 467e8c889cbad2255de36b29b9798ea6ddbc47b2554c8ab9716fa265fa3033e2 3345 openssh_9.6p1-3ubuntu1.dsc
 910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c 1857862 openssh_9.6p1.orig.tar.gz
 9b1e931cbc811f02e91f7eacd55f8211cc45dade11975462f4b0dcdad29927aa 833 openssh_9.6p1.orig.tar.gz.asc
 828c80b8f9197431f6e009a3c4c62c28a5f4773721402e6dd31fae2202a65738 194420 openssh_9.6p1-3ubuntu1.debian.tar.xz
 35559acc747dfece42f9b70ab109aa1b254d431f74154ef0d0aa7a90a4b5c2ca 6334 openssh_9.6p1-3ubuntu1_source.buildinfo
Files:
 defe0b05f94c2483415c2ef9458b753d 3345 net standard openssh_9.6p1-3ubuntu1.dsc
 5e90def5af3ffb27e149ca6fff12bef3 1857862 net standard openssh_9.6p1.orig.tar.gz
 a9aaf09b36b23327431072ed804d7094 833 net standard openssh_9.6p1.orig.tar.gz.asc
 c522262c528041d2512675d2f4c293c6 194420 net standard openssh_9.6p1-3ubuntu1.debian.tar.xz
 a395d49e7a77dcb6db29a5ccedeb8623 6334 net standard openssh_9.6p1-3ubuntu1_source.buildinfo
Original-Maintainer: Debian OpenSSH Maintainers <debian-ssh at lists.debian.org>
Vcs-Git: https://git.launchpad.net/~mirespace/ubuntu/+source/openssh
Vcs-Git-Commit: 2543615c4711155154ed33e50d7955ba2829ffcd
Vcs-Git-Ref: refs/heads/merge-lp2040406-noble