From 90a54a2acdf8dc7acf3782c01c8b586f9363d9d2 Mon Sep 17 00:00:00 2001 From: Nagy Karoly Gabriel Date: Thu, 9 Oct 2014 12:32:43 +0200 Subject: [PATCH] openssh: Updated (6.6p1 -> 6.7p1) See note! NOTE: This update mitigates the following security issue: http://seclists.org/fulldisclosure/2014/Oct/35 also it contains updates that make it potentially incompatible with previous versions, namingly: Potentially-incompatible changes * sshd(8): The default set of ciphers and MACs has been altered to remove unsafe algorithms. In particular, CBC ciphers and arcfour* are disabled by default. The full set of algorithms remains available if configured explicitly via the Ciphers and MACs sshd_config options. * sshd(8): Support for tcpwrappers/libwrap has been removed. * OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections using the curve25519-sha256@libssh.org KEX exchange method to fail when connecting with something that implements the specification correctly. OpenSSH 6.7 disables this KEX method when speaking to one of the affected versions. --- security/openssh/openssh.desc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/openssh/openssh.desc b/security/openssh/openssh.desc index b17fb298d..d28a931de 100644 --- a/security/openssh/openssh.desc +++ b/security/openssh/openssh.desc @@ -38,8 +38,8 @@ [L] OpenSource [S] Stable -[V] 6.6p1 +[V] 6.7p1 [P] X -?---5---9 191.100 -[D] 3154638660 openssh-6.6p1.tar.gz ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ +[D] 1730614357 openssh-6.7p1.tar.gz ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ [D] 909527609 contrib-openssh-lpk-5.1p1-0.3.10.patch http://openssh-lpk.googlecode.com/svn/trunk/patch/contrib/