- "Update" to openssh 10.2p1:
* No changes for askpass, see main package changelog for
details.
- Build with gcr-4 in Factory and SLE-16/Leap 16 instead of gtk-3
- Update to openssh 10.2p1:
= Future deprecation warning
* A future release of OpenSSH will deprecate support for SHA1
SSHFP records due to weaknesses in the SHA1 hash function.
SHA1 SSHFP DNS records will be ignored and ssh-keygen -r
will generate only SHA256 SSHFP records.
The SHA256 hash algorithm, which has no known weaknesses, has
been supported for SSHFP records since OpenSSH 6.1, released
in 2012.
= Bugfixes
* ssh(1): fix mishandling of terminal connections when
ControlPersist was active that rendered the session unusable.
bz3872
* ssh-keygen(1): fix download of keys from PKCS#11 tokens.
* ssh-keygen(1): fix CA signing operations when the CA key is
held in a ssh-agent(1). bz3877
= Portability
* All: support platforms without mmap(2), e.g. WASM builds such
as https://hterm.org
* All: fix builds on FreeBSD for missing fnctl.h include.
* All: fix builds on MacOS <10.12 Sierra, which lacks
clock_gettime(3)
* sshd(8): don't PAM_RHOST if the remote host is the "UNKNOWN"
placeholder name. Avoids potential hangs in some PAM modules
as they try to resolve it. Note, sshd(8) only uses the
OBS-URL: https://build.opensuse.org/request/show/1311450
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=297
- Update to openssh 10.0p1:
* No changes for askpass, see main package changelog for
details.
- Update to openssh 10.0p1:
= Potentially-incompatible changes
* This release removes support for the weak DSA signature
algorithm, completing the deprecation process that began in
2015 (when DSA was disabled by default) and repeatedly warned
over the last 12 months.
* scp(1), sftp(1): pass "ControlMaster no" to ssh when invoked by
scp & sftp. This disables implicit session creation by these
tools when ControlMaster was set to yes/auto by configuration,
which some users found surprising. This change will not prevent
scp/sftp from using an existing multiplexing session if one had
already been created. GHPR557
* This release has the version number 10.0 and announces itself
as "SSH-2.0-OpenSSH_10.0". Software that naively matches
versions using patterns like "OpenSSH_1*" may be confused by
this.
* sshd(8): this release removes the code responsible for the
user authentication phase of the protocol from the per-
connection sshd-session binary to a new sshd-auth binary.
Splitting this code into a separate binary ensures that the
crucial pre-authentication attack surface has an entirely
disjoint address space from the code used for the rest of the
connection. It also yields a small runtime memory saving as the
authentication code will be unloaded after the authentication
phase completes. This change should be largely invisible to
users, though some log messages may now come from "sshd-auth"
OBS-URL: https://build.opensuse.org/request/show/1268126
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=286
- Update to openssh 9.9p2:
= Security
* Fix CVE-2025-26465 - ssh(1) in OpenSSH versions 6.8p1 to 9.9p1
(inclusive) contained a logic error that allowed an on-path
attacker (a.k.a MITM) to impersonate any server when the
VerifyHostKeyDNS option is enabled. This option is off by
default.
* Fix CVE-2025-26466 - sshd(8) in OpenSSH versions 9.5p1 to 9.9p1
(inclusive) is vulnerable to a memory/CPU denial-of-service
related to the handling of SSH2_MSG_PING packets. This
condition may be mitigated using the existing
PerSourcePenalties feature.
Both vulnerabilities were discovered and demonstrated to be
exploitable by the Qualys Security Advisory team. The openSSH
team thanks them for their detailed review of OpenSSH.
= Bugfixes
* ssh(1), sshd(8): fix regression in Match directive that caused
failures when predicates and their arguments were separated by
'=' characters instead of whitespace (bz3739).
* sshd(8): fix the "Match invalid-user" predicate, which was
matching incorrectly in the initial pass of config evaluation.
* ssh(1), sshd(8), ssh-keyscan(1): fix mlkem768x25519-sha256 key
exchange on big-endian systems.
* Fix a number of build problems on particular operating systems
and configurations.
- Remove patches that are already included in 9.9p2:
* 0001-fix-utmpx-ifdef.patch
* 0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch
* 0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch
* 0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch
OBS-URL: https://build.opensuse.org/request/show/1246611
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=283
- Add patches from upstream:
- To fix a copy&paste oversight in an ifdef :
* 0001-fix-utmpx-ifdef.patch
- To fix a regression introduced when the "Match" criteria
tokenizer was modified since it stopped supporting the
"Match criteria=argument" format:
* 0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch
- To fix the previous patch which broke on negated Matches:
* 0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch
- To fix the ML-KEM768x25519 kex algorithm on big-endian systems:
* 0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch
OBS-URL: https://build.opensuse.org/request/show/1218784
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=279
- Update to openssh 9.9p1:
* No changes for askpass, see main package changelog for
details.
- Update to openssh 9.9p1:
= Future deprecation notice
* OpenSSH plans to remove support for the DSA signature algorithm
in early 2025. This release disables DSA by default at compile
time. DSA, as specified in the SSHv2 protocol, is inherently
weak - being limited to a 160 bit private key and use of the
SHA1 digest. Its estimated security level is only 80 bits
symmetric equivalent.
OpenSSH has disabled DSA keys by default since 2015 but has
retained run-time optional support for them. DSA was the only
mandatory-to-implement algorithm in the SSHv2 RFCs, mostly
because alternative algorithms were encumbered by patents when
the SSHv2 protocol was specified.
This has not been the case for decades at this point and better
algorithms are well supported by all actively-maintained SSH
implementations. We do not consider the costs of maintaining
DSA in OpenSSH to be justified and hope that removing it from
OpenSSH can accelerate its wider deprecation in supporting
cryptography libraries.
= Potentially-incompatible changes
* ssh(1): remove support for pre-authentication compression.
OpenSSH has only supported post-authentication compression in
the server for some years. Compression before authentication
significantly increases the attack surface of SSH servers and
risks creating oracles that reveal information about
information sent during authentication.
OBS-URL: https://build.opensuse.org/request/show/1202729
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=275
- Drop most of openssh-6.6p1-keycat.patch (actually, it was just
commented out). The keycat binary isn't really installed nor
supported, so we can drop it, except for the code that is used
by other SELinux patches, which is what I kept from that patch
(boo#1229072).
- Add patch submitted to upstream to fix RFC4256 implementation
so that keyboard-interactive authentication method can send
instructions and sshd shows them to users even before a prompt
is requested. This fixes MFA push notifications (boo#1229010).
* 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
OBS-URL: https://build.opensuse.org/request/show/1200272
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=274
- Update to openssh 9.8p1:
* No changes for askpass, see main package changelog for
details.
- Add patch to fix sshd not logging in the audit failed login
attempts (submitted to upstream in
https://github.com/openssh/openssh-portable/pull/516):
* fix-audit-fail-attempt.patch
- Use --enable-dsa-keys when building openssh. It's required if
the user sets the crypto-policy mode to LEGACY, where DSA keys
should be allowed. The option was added by upstream in 9.7 and
set to disabled by default.
- These two changes fix 2 of the 3 issues reported in bsc#1229650.
- Fix a dbus connection leaked in the logind patch that was
missing a sd_bus_unref call (found by Matthias Gerstner):
* logind_set_tty.patch
- Add a patch that fixes a small memory leak when parsing the
subsystem configuration option:
* fix-memleak-in-process_server_config_line_depth.patch
- Update to openssh 9.8p1:
= Security
* 1) Race condition in sshd(8) (bsc#1226642, CVE-2024-6387).
A critical vulnerability in sshd(8) was present in Portable
OpenSSH versions between 8.5p1 and 9.7p1 (inclusive) that may
allow arbitrary code execution with root privileges.
Successful exploitation has been demonstrated on 32-bit
Linux/glibc systems with ASLR. Under lab conditions, the attack
requires on average 6-8 hours of continuous connections up to
OBS-URL: https://build.opensuse.org/request/show/1196434
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=183
- Update to openssh 9.8p1:
* No changes for askpass, see main package changelog for
details.
- Fix a dbus connection leaked in the logind patch that was
missing a sd_bus_unref call (found by Matthias Gerstner):
* logind_set_tty.patch
- Add a patch that fixes a small memory leak when parsing the
subsystem configuration option:
* fix-memleak-in-process_server_config_line_depth.patch
- Update to openssh 9.8p1:
= Security
* 1) Race condition in sshd(8) (bsc#1226642, CVE-2024-6387).
A critical vulnerability in sshd(8) was present in Portable
OpenSSH versions between 8.5p1 and 9.7p1 (inclusive) that may
allow arbitrary code execution with root privileges.
Successful exploitation has been demonstrated on 32-bit
Linux/glibc systems with ASLR. Under lab conditions, the attack
requires on average 6-8 hours of continuous connections up to
the maximum the server will accept. Exploitation on 64-bit
systems is believed to be possible but has not been
demonstrated at this time. It's likely that these attacks will
be improved upon.
Exploitation on non-glibc systems is conceivable but has not
been examined. Systems that lack ASLR or users of downstream
Linux distributions that have modified OpenSSH to disable
per-connection ASLR re-randomisation (yes - this is a thing, no
- we don't understand why) may potentially have an easier path
to exploitation. OpenBSD is not vulnerable.
OBS-URL: https://build.opensuse.org/request/show/1193382
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=272
- Add patch from upstream to fix proxy multiplexing mode:
* 0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch
- Add patch from upstream to restore correctly sigprocmask
* 0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch
- Add patch from upstream to fix a logic error in
ObscureKeystrokeTiming that rendered this feature ineffective,
allowing a passive observer to detect which network packets
contained real keystrokes (bsc#1227318, CVE-2024-39894):
* 0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch
OBS-URL: https://build.opensuse.org/request/show/1185821
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=271
- Add obsoletes for openssh-server-config-rootlogin since that
package existed for a brief period of time during SLE 15 SP6/
Leap 15.6 development but even if it was removed from the
repositories before GM, some users might have it in their
systems from having tried a beta/RC release (boo#1227350).
quoting was present in the user-supplied ssh_config(5) directive
(bsc#1218215, CVE-2023-51385).
OBS-URL: https://build.opensuse.org/request/show/1185775
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=270
