Merge openssh from Debian unstable for noble

Scheduled-For: Backlog
Upstream: tbd
Debian: 1:9.4p1-1
Ubuntu: 1:9.3p1-1ubuntu3

The NOT SERVER TEAM team has maintained this package in the past and may be handling this merge.

If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.

### New Debian Changes ###

openssh (1:9.4p1-1) unstable; urgency=medium

  * New upstream release (https://www.openssh.com/releasenotes.html#9.4p1):
    - ssh-agent(1): PKCS#11 modules must now be specified by their full
      paths. Previously dlopen(3) could search for them in system library
      directories.
    - ssh(1): allow forwarding Unix Domain sockets via ssh -W.
    - ssh(1): add support for configuration tags to ssh(1). This adds a
      ssh_config(5) 'Tag' directive and corresponding 'Match tag' predicate
      that may be used to select blocks of configuration similar to the
      pf.conf(5) keywords of the same name.
    - ssh(1): add a 'match localnetwork' predicate. This allows matching on
      the addresses of available network interfaces and may be used to vary
      the effective client configuration based on network location.
    - ssh(1), sshd(8), ssh-keygen(1): infrastructure support for KRL
      extensions. This defines wire formats for optional KRL extensions and
      implements parsing of the new submessages. No actual extensions are
      supported at this point.
    - sshd(8): AuthorizedPrincipalsCommand and AuthorizedKeysCommand now
      accept two additional %-expansion sequences: %D which expands to the
      routing domain of the connected session and %C which expands to the
      addresses and port numbers for the source and destination of the
      connection.
    - ssh-keygen(1): increase the default work factor (rounds) for the
      bcrypt KDF used to derive symmetric encryption keys for passphrase
      protected key files by 50%.
    - ssh-agent(1): improve isolation between loaded PKCS#11 modules by
      running separate ssh-pkcs11-helpers for each loaded provider.
    - ssh(1): make -f (fork after authentication) work correctly with
      multiplexed connections, including ControlPersist (closes: #348741).
    - ssh(1): make ConnectTimeout apply to multiplexing sockets and not just
      to network connections.
    - ssh-agent(1), ssh(1): improve defences against invalid PKCS#11 modules
      being loaded by checking that the requested module contains the
      required symbol before loading it.
    - sshd(8): fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand
      appears before it in sshd_config. Since OpenSSH 8.7 the
      AuthorizedPrincipalsCommand directive was incorrectly ignored in this
      situation.
    - sshd(8), ssh(1), ssh-keygen(1): remove vestigial support for KRL
      signatures. When the KRL format was originally defined, it included
      support for signing of KRL objects. However, the code to sign KRLs and
      verify KRL signatues was never completed in OpenSSH. This release
      removes the partially-implemented code to verify KRLs. All OpenSSH
      tools now ignore KRL_SECTION_SIGNATURE sections in KRL files.
    - All: fix a number of memory leaks and unreachable/harmless integer
      overflows.
    - ssh-agent(1), ssh(1): don't truncate strings logged from PKCS#11
      modules.
    - sshd(8), ssh(1): better validate CASignatureAlgorithms in ssh_config
      and sshd_config. Previously this directive would accept certificate
      algorithm names, but these were unusable in practice as OpenSSH does
      not support CA chains.
    - ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature
      algorithms that are valid for CA signing. Previous behaviour was to
      list all signing algorithms, including certificate algorithms.
    - ssh-keyscan(1): gracefully handle systems where rlimits or the maximum
      number of open files is larger than INT_MAX.
    - ssh-keygen(1): fix 'no comment' not showing on when running
      `ssh-keygen -l` on multiple keys where one has a comment and other
      following keys do not. bz3580
    - scp(1), sftp(1): adjust ftruncate() logic to handle servers that
      reorder requests. Previously, if the server reordered requests then
      the resultant file would be erroneously truncated.
    - ssh(1): don't incorrectly disable hostname canonicalization when
      CanonicalizeHostname=yes and ProxyJump was explicitly set to 'none'.
    - scp(1): when copying local->remote, check that the source file exists
      before opening an SFTP connection to the server (closes: #59255).
    - sshd(8): provide a replacement for the SELinux matchpathcon()
      function, which is deprecated.
    - All: relax libcrypto version checks for OpenSSL >=3 (closes:
      #1035623). Beyond OpenSSL 3.0, the ABI compatibility guarantees are
      wider (only the library major must match instead of major and minor in
      earlier versions).
    - ssh-copy-id(1): Special case OpenWrt instead of Dropbear
      (LP: #1966886).

 -- Colin Watson <email address hidden> Sat, 02 Sep 2023 21:02:53 +0100

openssh (1:9.3p2-1) unstable; urgency=high

  * New upstream release (https://www.openssh.com/releasenotes.html#9.3p2):
    - [CVE-2023-38408] Fix a condition where specific libraries loaded via
      ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code
      execution via a forwarded agent socket.

 -- Colin Watson <email address hidden> Wed, 19 Jul 2023 22:49:14 +0100

openssh (1:9.3p1-1) unstable; urgency=medium

  * Debconf translations:
    - Romanian (thanks, Remus-Gabriel Chelu; closes: #1033178).
  * Properly fix date of 1:3.0.2p1-2 changelog entry (closes: #1034425).
  * New upstream release (https://www.openssh.com/releasenotes.html#9.3p1):
    - [CVE-2023-28531] ssh-add(1): when adding smartcard keys to
      ssh-agent(1) with the per-hop destination constraints (ssh-add -h ...)
      added in OpenSSH 8.9, a logic error prevented the constraints from
      being communicated to the agent. This resulted in the keys being added
      without constraints. The common cases of non-smartcard keys and keys
      without destination constraints are unaffected. This problem was

### Old Ubuntu Delta ###

openssh (1:9.3p1-1ubuntu3) mantic; urgency=medium

  * d/p/fix-authorized-principals-command.patch: Fix the situation where
    sshd ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand
    is also set by checking if the value pointed to by the pointer
    'charptr' is NULL. (LP: #2031942)

 -- Michal Maloszewski <email address hidden> Thu, 24 Aug 2023 15:20:27 +0200

openssh (1:9.3p1-1ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: remote code execution relating to PKCS#11 providers
    - debian/patches/CVE-2023-38408-1.patch: terminate process if requested
      to load a PKCS#11 provider that isn't a PKCS#11 provider in
      ssh-pkcs11.c.
    - debian/patches/CVE-2023-38408-2.patch: disallow remote addition of
      FIDO/PKCS11 provider in ssh-agent.1, ssh-agent.c.
    - debian/patches/CVE-2023-38408-3.patch: ensure FIDO/PKCS11 libraries
      contain expected symbols in misc.c, misc.h, ssh-pkcs11.c, ssh-sk.c.
    - CVE-2023-38408

 -- Marc Deslauriers <email address hidden> Mon, 24 Jul 2023 15:01:06 -0400

openssh (1:9.3p1-1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2025664). Remaining changes:
    - debian/rules: modify dh_installsystemd invocations for
      socket-activated sshd
    - debian/openssh-server.postinst: handle migration of sshd_config options
      to systemd socket options on upgrade.
    - debian/README.Debian: document systemd socket activation.
    - debian/patches/socket-activation-documentation.patch: Document in
      sshd_config(5) that ListenAddress and Port no longer work.
    - debian/openssh-server.templates: include debconf prompt explaining
      when migration cannot happen due to multiple ListenAddress values
    - debian/.gitignore: drop file
    - debian/openssh-server.postrm: remove systemd drop-ins for
      socket-activated sshd on purge
    - debian/openssh-server.ucf-md5sum: update for Ubuntu delta
    - debian/openssh-server.tmpfile,debian/systemd/ssh.service: Move
      /run/sshd creation out of the systemd unit to a tmpfile config so
      that sshd can be run manually if necessary without having to create
      this directory by hand.
    - debian/patches/systemd-socket-activation.patch: Fix sshd
      re-execution behavior when socket activation is used
    - debian/tests/systemd-socket-activation: Add autopkgtest for systemd socket
      activation functionality.
    - d/p/test-set-UsePAM-no-on-some-tests.patch: set UsePAM=no for some tests
    - Ensure smooth upgrade path from versions affected by LP: #2020474:
      + debian/openssh-server.postint: do not try to restart systemd units,
        and instead indicate that a reboot is required
      + debian/tests/systemd-socket-activation: Reboot the testbed before starting the test
      + debian/rules: Do not stop ssh.socket on upgrade

 -- Nick Rosbrook <email address hidden> Mon, 03 Jul 2023 11:34:47 -0400