Announce: OpenSSH 7.1 released

    Date21 Aug 2015
    CategoryCryptography
    3119
    Posted ByDave Wreski
    OpenSSH 7.1 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. From: Damien Miller <This email address is being protected from spambots. You need JavaScript enabled to view it.>
    Date: Fri, 21 Aug 2015 00:11:02 -0600 (MDT)
    To: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Subject: Announce: OpenSSH 7.1 released

    OpenSSH 7.1 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time.

    Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: http://www.openssh.com/donations.html

    Future deprecation notice
    =========================

    We plan on retiring more legacy cryptography in the next release including:

    • Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits)
    • Several ciphers will be disabled by default: blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES.
    • MD5-based HMAC algorithms will be disabled by default.

    This list reflects our current intentions, but please check the final release notes for OpenSSH 7.1 when it is released.

    Changes since OpenSSH 7.0
    =========================

    This is a bugfix release.

    Security
    --------

    • sshd(8): OpenSSH 7.0 contained a logic error in PermitRootLogin= prohibit-password/without-password that could, depending on compile-time configuration, permit password authentication to root while preventing other forms of authentication. This problem was reported by Mantas Mikulenas.

    Bugfixes
    --------

    • ssh(1), sshd(8): add compatability workarounds for FuTTY
    • ssh(1), sshd(8): refine compatability workarounds for WinSCP
    • Fix a number of memory faults (double-free, free of uninitialised memory, etc) in ssh(1) and ssh-keygen(1). Reported by Mateusz Kocielski.

    Checksums:
    ==========

    - SHA1 (openssh-7.1.tar.gz) = 06c1db39f33831fe004726e013b2cf84f1889042
    - SHA256 (openssh-7.1.tar.gz) = H7U1se9EoBmhkKi2i7lqpMX9QHdDTsgpu7kd5VZUGSY=

    - SHA1 (openssh-7.1p1.tar.gz) = ed22af19f962262c493fcc6ed8c8826b2761d9b6
    - SHA256 (openssh-7.1p1.tar.gz) = /AptLR0GPVxm3/2VJJPQzaJWytIE9oHeD4TvhbKthCg=

    Please note that the SHA256 signatures are base64 encoded and not hexadecimal (which is the default for most checksum tools). The PGP key used to sign the releases is available as RELEASE_KEY.asc from the mirror sites.

    Reporting Bugs:
    ===============

    - Please read http://www.openssh.com/report.html
    Security bugs should be reported directly to This email address is being protected from spambots. You need JavaScript enabled to view it.

    OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and Ben Lindstrom.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    12
    radio
    [{"id":"53","title":"Yes","votes":"7","type":"x","order":"1","pct":87.5,"resources":[]},{"id":"54","title":"No","votes":"1","type":"x","order":"2","pct":12.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.