Format: 1.8 Date: Tue, 27 Dec 2016 18:01:46 +0000 Source: openssh Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: s390x s390x_translations Version: 1:7.4p1-1 Distribution: zesty-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Colin Watson Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot ssh - secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 147201 419574 765630 848089 848714 848715 848716 848717 Launchpad-Bugs-Fixed: 801187 1638338 1646813 Changes: openssh (1:7.4p1-1) unstable; urgency=medium . * New upstream release (http://www.openssh.com/txt/release-7.4): - ssh(1): Remove 3des-cbc from the client's default proposal. 64-bit block ciphers are not safe in 2016 and we don't want to wait until attacks like SWEET32 are extended to SSH. As 3des-cbc was the only mandatory cipher in the SSH RFCs, this may cause problems connecting to older devices using the default configuration, but it's highly likely that such devices already need explicit configuration for key exchange and hostkey algorithms already anyway. - sshd(8): When a forced-command appears in both a certificate and an authorized keys/principals command= restriction, sshd will now refuse to accept the certificate unless they are identical. The previous (documented) behaviour of having the certificate forced-command override the other could be a bit confusing and error-prone. - sshd(8): Remove the UseLogin configuration directive and support for having /bin/login manage login sessions. - CVE-2016-10009: ssh-agent(1): Will now refuse to load PKCS#11 modules from paths outside a trusted whitelist (run-time configurable). Requests to load modules could be passed via agent forwarding and an attacker could attempt to load a hostile PKCS#11 module across the forwarded agent channel: PKCS#11 modules are shared libraries, so this would result in code execution on the system running the ssh-agent if the attacker has control of the forwarded agent-socket (on the host running the sshd server) and the ability to write to the filesystem of the host running ssh-agent (usually the host running the ssh client) (closes: #848714). - CVE-2016-10010: sshd(8): When privilege separation is disabled, forwarded Unix-domain sockets would be created by sshd(8) with the privileges of 'root' instead of the authenticated user. This release refuses Unix-domain socket forwarding when privilege separation is disabled (Privilege separation has been enabled by default for 14 years) (closes: #848715). - CVE-2016-10011: sshd(8): Avoid theoretical leak of host private key material to privilege-separated child processes via realloc() when reading keys. No such leak was observed in practice for normal-sized keys, nor does a leak to the child processes directly expose key material to unprivileged users (closes: #848716). - CVE-2016-10012: sshd(8): The shared memory manager used by pre-authentication compression support had a bounds checks that could be elided by some optimising compilers. Additionally, this memory manager was incorrectly accessible when pre-authentication compression was disabled. This could potentially allow attacks against the privileged monitor process from the sandboxed privilege-separation process (a compromise of the latter would be required first). This release removes support for pre-authentication compression from sshd(8) (closes: #848717). - SECURITY: sshd(8): Validate address ranges for AllowUser and DenyUsers directives at configuration load time and refuse to accept invalid ones. It was previously possible to specify invalid CIDR address ranges (e.g. user@127.1.2.3/55) and these would always match, possibly resulting in granting access where it was not intended. - ssh(1): Add a proxy multiplexing mode to ssh(1) inspired by the version in PuTTY by Simon Tatham. This allows a multiplexing client to communicate with the master process using a subset of the SSH packet and channels protocol over a Unix-domain socket, with the main process acting as a proxy that translates channel IDs, etc. This allows multiplexing mode to run on systems that lack file-descriptor passing (used by current multiplexing code) and potentially, in conjunction with Unix-domain socket forwarding, with the client and multiplexing master process on different machines. Multiplexing proxy mode may be invoked using "ssh -O proxy ...". - sshd(8): Add a sshd_config DisableForwarding option that disables X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as anything else we might implement in the future. Like the 'restrict' authorized_keys flag, this is intended to be a simple and future-proof way of restricting an account. - sshd(8), ssh(1): Support the "curve25519-sha256" key exchange method. This is identical to the currently-supported method named "curve25519-sha256@libssh.org". - sshd(8): Improve handling of SIGHUP by checking to see if sshd is already daemonised at startup and skipping the call to daemon(3) if it is. This ensures that a SIGHUP restart of sshd(8) will retain the same process-ID as the initial execution. sshd(8) will also now unlink the PidFile prior to SIGHUP restart and re-create it after a successful restart, rather than leaving a stale file in the case of a configuration error. - sshd(8): Allow ClientAliveInterval and ClientAliveCountMax directives to appear in sshd_config Match blocks. - sshd(8): Add %-escapes to AuthorizedPrincipalsCommand to match those supported by AuthorizedKeysCommand (key, key type, fingerprint, etc.) and a few more to provide access to the contents of the certificate being offered. - ssh(1): Allow IdentityFile to successfully load and use certificates that have no corresponding bare public key. - ssh(1): Fix public key authentication when multiple authentication is in use and publickey is not just the first method attempted. - ssh(1): Improve reporting when attempting to load keys from PKCS#11 tokens with fewer useless log messages and more detail in debug messages. - ssh(1): When tearing down ControlMaster connections, don't pollute stderr when LogLevel=quiet. - sftp(1): On ^Z wait for underlying ssh(1) to suspend before suspending sftp(1) to ensure that ssh(1) restores the terminal mode correctly if suspended during a password prompt. - ssh(1): Avoid busy-wait when ssh(1) is suspended during a password prompt (LP: #1646813). - ssh(1), sshd(8): Correctly report errors during sending of ext-info messages. - sshd(8): Fix NULL-deref crash if sshd(8) received an out-of-sequence NEWKEYS message. - sshd(8): Correct list of supported signature algorithms sent in the server-sig-algs extension. - sshd(8): Fix sending ext_info message if privsep is disabled. - sshd(8): More strictly enforce the expected ordering of privilege separation monitor calls used for authentication and allow them only when their respective authentication methods are enabled in the configuration. - sshd_config(5): Use 2001:db8::/32, the official IPv6 subnet for configuration examples. - On environments configured with Turkish locales, fall back to the C/POSIX locale to avoid errors in configuration parsing caused by that locale's unique handling of the letters 'i' and 'I' (LP: #1638338). - contrib: Add a gnome-ssh-askpass3 with GTK+3 support. - sshd(8): Improve PRNG reseeding across privilege separation and force libcrypto to obtain a high-quality seed before chroot or sandboxing. * Apply "wrap-and-sort -at -f debian/control -f debian/tests/control". * Remove entries related to protocol 1 from the default sshd_config generated on new installations. * Remove some advice related to protocol 1 from README.Debian. * Start handling /etc/ssh/sshd_config using ucf. The immediate motivation for this is to deal with deprecations of options related to protocol 1, but something like this has been needed for a long time (closes: #419574, #848089): - sshd_config is now a slightly-patched version of upstream's, and only contains non-default settings (closes: #147201). - I've included as many historical md5sums of default versions of sshd_config as I could reconstruct from version control, but I'm sure I've missed some. - Explicitly synchronise the debconf database with the current configuration file state in openssh-server.config, to ensure that the PermitRootLogin setting is properly preserved. - UsePrivilegeSeparation now defaults to the stronger "sandbox" rather than "yes", per upstream. * Remove redundant "GSSAPIDelegateCredentials no" from ssh_config (already the upstream default), and document that setting ServerAliveInterval to 300 by default if BatchMode is set is Debian-specific (closes: #765630). * Build gnome-ssh-askpass with GTK+ 3 (LP: #801187). * When running regression tests under autopkgtest, use a non-root user with passwordless sudo. Checksums-Sha1: aa3ac1ade9cb316d266f3a0dc60ced82cd446e03 1104554 openssh-client-dbgsym_7.4p1-1_s390x.ddeb d4cbaa5f763d116fb1f7235ce81fdabdb25d9b96 666254 openssh-client-ssh1-dbgsym_7.4p1-1_s390x.ddeb f66f7cb9d62ec994b4af01d5b0a76dea3364b225 320330 openssh-client-ssh1_7.4p1-1_s390x.deb b975354fddbb11187010ad98c098ab41bc3d5e05 541706 openssh-client-udeb-dbgsym_7.4p1-1_s390x.ddeb 23aa629c1a647a0f2fc5bf6f43de9f73c8d38a74 270628 openssh-client-udeb_7.4p1-1_s390x.udeb 0c6eecd24b32f7b4f3a86bfc2263ed20451a2d08 579390 openssh-client_7.4p1-1_s390x.deb 383b0cd0dcba9d61a037deefa27c325fff80c4a5 593446 openssh-server-dbgsym_7.4p1-1_s390x.ddeb aaeba4857bd4c23a95f979dd2aae9cd009451f81 583160 openssh-server-udeb-dbgsym_7.4p1-1_s390x.ddeb caefccf2a6d91f8ee72f5d86122e1726006a002c 279204 openssh-server-udeb_7.4p1-1_s390x.udeb f18769971852defd6fede6012dba286317a1bf0a 316238 openssh-server_7.4p1-1_s390x.deb 392e66c7f663d0df9b3e8072cd36165809120cda 81668 openssh-sftp-server-dbgsym_7.4p1-1_s390x.ddeb 3e150b6cb35aa559cae46e5fa69004acfe7a7ed2 37954 openssh-sftp-server_7.4p1-1_s390x.deb 35cbe4b88a6e5f1d1dd60acd020b4a166f275f67 8497 openssh_7.4p1-1_s390x_translations.tar.gz 420dada2c817f3c4aa99dfbb50f067700c8bbe23 9952 ssh-askpass-gnome-dbgsym_7.4p1-1_s390x.ddeb 2d5b8f337cde011c86b4f4b4d69e98d50e115095 17722 ssh-askpass-gnome_7.4p1-1_s390x.deb Checksums-Sha256: 0d813258896476d448f0ff25f038814025f02ae12440d3228a1c56d65ea358ca 1104554 openssh-client-dbgsym_7.4p1-1_s390x.ddeb 5d837383eb8c3a73eec21a1a0ded4e1349f7b2ffb41bbb4ad05e226d7a9f74af 666254 openssh-client-ssh1-dbgsym_7.4p1-1_s390x.ddeb e0fe89b47775aa2912b74d19b3b78221325224da2971ae4f4343cb68fd033e96 320330 openssh-client-ssh1_7.4p1-1_s390x.deb e306a7a8497fc9fe05c919669fb77caed2be6d4a475d3801f572a451a5a2d0ce 541706 openssh-client-udeb-dbgsym_7.4p1-1_s390x.ddeb b4859fec696efc470d182793fd715c7b0ebdcd2d3f2417a3b47c65b409be487d 270628 openssh-client-udeb_7.4p1-1_s390x.udeb c85f450c4c7744dcd708c20db048d7ae7f5f9d5e2bcf5abaec39482ffc9b5eaa 579390 openssh-client_7.4p1-1_s390x.deb b2124f27db2783d86b917d474f90f185c2a46fd2a4a84bf4ddfc4f32173b478b 593446 openssh-server-dbgsym_7.4p1-1_s390x.ddeb f58ac976b4609ca1cb795a2804106cbd91b41911e8cacf5b6eae8351bf9a666e 583160 openssh-server-udeb-dbgsym_7.4p1-1_s390x.ddeb 0218dcc3847a7599087ab205127a93b15feb570615fa9166225a0f0391d1e82d 279204 openssh-server-udeb_7.4p1-1_s390x.udeb ae1f8d122187138c4e4ab8d107cf5ab6e49b21bd04528d0fbf602888dcef216e 316238 openssh-server_7.4p1-1_s390x.deb 3febeb905a3c5c88313b31d0f6e3461c37842e592fa101d9adea8b18d7c599b5 81668 openssh-sftp-server-dbgsym_7.4p1-1_s390x.ddeb b07dddd208c03439d2ca4b9aad7b24d8b32aa616333cf7061b99dea75316672a 37954 openssh-sftp-server_7.4p1-1_s390x.deb 23a5dd36413f8f85c13a2122f4987b9a0c02b230d362ae71de9f0c2bff6e5a38 8497 openssh_7.4p1-1_s390x_translations.tar.gz 8b479b109dc6162b0e6b97ce35907ff430f2910d94db4e5753c16547738b5ab8 9952 ssh-askpass-gnome-dbgsym_7.4p1-1_s390x.ddeb 32f4807db7b234802bab3742036ddb7001e634ebe7ccb7c77b5a74dd6113e123 17722 ssh-askpass-gnome_7.4p1-1_s390x.deb Files: 6b9565d7c9a0852011ddfe4f263272bb 1104554 net extra openssh-client-dbgsym_7.4p1-1_s390x.ddeb 504572b73e118ae5c874a2aa338d7116 666254 net extra openssh-client-ssh1-dbgsym_7.4p1-1_s390x.ddeb ada7d27f42cd03b90a1dcbfe33d60fb0 320330 net extra openssh-client-ssh1_7.4p1-1_s390x.deb 1cc7c8d42436efda3c7c31494b1b9cf6 541706 debian-installer extra openssh-client-udeb-dbgsym_7.4p1-1_s390x.ddeb 9edd58c4a401e6ae61f0641981dea3e3 270628 debian-installer optional openssh-client-udeb_7.4p1-1_s390x.udeb d1946384bd27e6cdb011768c7fab672b 579390 net standard openssh-client_7.4p1-1_s390x.deb 4af05d09ad5fb47f5cecca6b2d694596 593446 net extra openssh-server-dbgsym_7.4p1-1_s390x.ddeb 0db27b5e96387a2d0dbf7b09c282de1f 583160 debian-installer extra openssh-server-udeb-dbgsym_7.4p1-1_s390x.ddeb 7c07c4e4651b66d94e8d531fb6950b4a 279204 debian-installer optional openssh-server-udeb_7.4p1-1_s390x.udeb d144063f6575fc6014457d5fb13ac425 316238 net optional openssh-server_7.4p1-1_s390x.deb c5d680c9d50f29f96aa8613149f6de53 81668 net extra openssh-sftp-server-dbgsym_7.4p1-1_s390x.ddeb f398228c823cc953c15182b4013d1ef9 37954 net optional openssh-sftp-server_7.4p1-1_s390x.deb 73a80748e4756d8ce434d931031cb953 8497 raw-translations - openssh_7.4p1-1_s390x_translations.tar.gz 9596dbe5869eaa2d589e5365083346c9 9952 gnome extra ssh-askpass-gnome-dbgsym_7.4p1-1_s390x.ddeb 7946ba924921083167e8f3c85fd18083 17722 gnome optional ssh-askpass-gnome_7.4p1-1_s390x.deb