OpenSSH 3.4 released

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Date: Wednesday, June 26, 2002 - 10:40 am

OpenSSH 3.4 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

We would like to thank the OpenSSH community for their continued
support and encouragement.


Changes since OpenSSH 3.3:
============================ 

Security Changes:
=================

  All versions of OpenSSH's sshd between 2.9.9 and 3.3
  contain an input validation error that can result in
  an integer overflow and privilege escalation.

  OpenSSH 3.4 fixes this bug.

  In addition, OpenSSH 3.4 adds many checks to detect 
  invalid input and mitigate resource exhaustion attacks.

  OpenSSH 3.2 and later prevent privilege escalation
  if UsePrivilegeSeparation is enabled in sshd_config.
  OpenSSH 3.3 enables UsePrivilegeSeparation by
  default.


Reporting Bugs:
===============

- please read http://www.openssh.com/report.html
  and http://bugzilla.mindrot.org/

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller and Ben Lindstrom.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

OpenBGPD 3.6 released, Henning Brauer, (Mon Nov 8, 12:08 pm)

OpenBSD 4.3 released May 1, 2008, Theo de Raadt, (Wed Apr 30, 6:00 pm)

sparc64 flag day, Theo de Raadt, (Tue Mar 26, 1:42 pm)

OpenSSH 3.2.3 released, Markus Friedl, (Thu May 23, 4:08 am)

OpenSSH 3.4 released, Markus Friedl, (Wed Jun 26, 10:40 am)

OpenBSD 3.1 End Of Life, Miod Vallat, (Thu Apr 17, 9:25 am)

OpenSSH 3.7 released, Markus Friedl, (Tue Sep 16, 8:06 am)


linux-kernel:
Karl Meyer	PROBLEM: 2.6.23-rc "NETDEV WATCHDOG: eth0: transmit timed out"
David Miller	Slow DOWN, please!!!
Mark Fasheh	[PATCH 0/39] Ocfs2 updates for 2.6.28
Bart Van Assche	Integration of SCST in the mainstream Linux kernel
git:
Shawn O. Pearce	Re: pack operation is thrashing my server
Pierre Habouzit	git send-email improvements
Matthieu Moy	git push to a non-bare repository
Shawn O. Pearce	libgit2 - a true git library
netbsd-tech-kern:
Elad Efrat	Integrating securelevel and kauth(9)
Hubert Feyrer	Re: Compressed vnd handling tested successfully
Lord Isildur	Re: Fork bomb protection patch
Matt Thomas	Re: FFS journal
openbsd-misc:
Will Maier	cron doesn't run commands in /etc/crontab?
Richard Stallman	Real men don't attack straw men
Harald Dunkel	Re: Packet Filter: how to keep device names on hardware failure?
Jordi Espasa Clofent	Resolving dependencies with pkg_add


Question on swap as ramdisk partition	2 hours ago	Linux kernel
Netfilter kernel module	12 hours ago	Linux kernel
serial driver xmit problem	15 hours ago	Linux kernel
Why Windows is better than Linux	15 hours ago	Linux general
How can I see my kernel messages in vt12?	22 hours ago	Linux kernel
Grub	1 day ago	Linux general
vmalloc_fault handling in x86_64	1 day ago	Linux kernel
epoll_wait()ing on epoll FD	1 day ago	Linux kernel
Framebuffer in x86_64 causes problems to multiseat	2 days ago	Linux kernel
Difference between 2.4 and 2.6 regarding thread creation	2 days ago	Linux general

OpenSSH 3.4 released

Online users