Format: 1.8
Date: Tue, 20 Oct 2020 14:15:17 +0100
Source: openssh
Architecture: source
Version: 1:8.4p1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Closes: 368657 481250
Changes:
 openssh (1:8.4p1-1) unstable; urgency=medium
 .
   * New upstream release (https://www.openssh.com/txt/release-8.4):
     - [SECURITY] ssh-agent(1): restrict ssh-agent from signing web
       challenges for FIDO/U2F keys.
     - [SECURITY] ssh-keygen(1): Enable FIDO 2.1 credProtect extension when
       generating a FIDO resident key.
     - ssh-keygen(1): the format of the attestation information optionally
       recorded when a FIDO key is generated has changed. It now includes
       the authenticator data needed to validate attestation signatures.
     - The API between OpenSSH and the FIDO token middleware has changed
       and the SSH_SK_VERSION_MAJOR version has been incremented as a
       result. Third-party middleware libraries must support the current
       API version (7) to work with OpenSSH 8.4.
     - ssh(1), ssh-keygen(1): support for FIDO keys that require a PIN for
       each use. These keys may be generated using ssh-keygen using a new
       "verify-required" option. When a PIN-required key is used, the user
       will be prompted for a PIN to complete the signature operation.
     - sshd(8): authorized_keys now supports a new "verify-required" option
       to require FIDO signatures assert that the token verified that the
       user was present before making the signature. The FIDO protocol
       supports multiple methods for user-verification, but currently
       OpenSSH only supports PIN verification.
     - sshd(8), ssh-keygen(1): add support for verifying FIDO webauthn
       signatures. Webauthn is a standard for using FIDO keys in web
       browsers. These signatures are a slightly different format to plain
       FIDO signatures and thus require explicit support.
     - ssh(1): allow some keywords to expand shell-style ${ENV} environment
       variables. The supported keywords are CertificateFile, ControlPath,
       IdentityAgent and IdentityFile, plus LocalForward and RemoteForward
       when used for Unix domain socket paths.
     - ssh(1), ssh-agent(1): allow some additional control over the use of
       ssh-askpass via a new $SSH_ASKPASS_REQUIRE environment variable,
       including forcibly enabling and disabling its use (closes: #368657).
     - ssh(1): allow ssh_config(5)'s AddKeysToAgent keyword to accept a
       time limit for keys in addition to its current flag options.
       Time-limited keys will automatically be removed from ssh-agent after
       their expiry time has passed.
     - scp(1), sftp(1): allow the -A flag to explicitly enable agent
       forwarding in scp and sftp. The default remains to not forward an
       agent, even when ssh_config enables it.
     - ssh(1): add a '%k' TOKEN that expands to the effective HostKey of
       the destination. This allows, e.g., keeping host keys in individual
       files using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k" (closes:
       #481250).
     - ssh(1): add %-TOKEN, environment variable and tilde expansion to the
       UserKnownHostsFile directive, allowing the path to be completed by
       the configuration.
     - ssh-keygen(1): allow "ssh-add -d -" to read keys to be deleted from
       stdin.
     - sshd(8): improve logging for MaxStartups connection throttling. sshd
       will now log when it starts and stops throttling and periodically
       while in this state.
     - ssh(1), ssh-keygen(1): better support for multiple attached FIDO
       tokens. In cases where OpenSSH cannot unambiguously determine which
       token to direct a request to, the user is now required to select a
       token by touching it. In cases of operations that require a PIN to
       be verified, this avoids sending the wrong PIN to the wrong token
       and incrementing the token's PIN failure counter (tokens effectively
       erase their keys after too many PIN failures).
     - sshd(8): fix Include before Match in sshd_config (LP: #1885990).
     - ssh(1): close stdin/out/error when forking after authentication
       completes ("ssh -f ...").
     - ssh(1), sshd(8): limit the amount of channel input data buffered,
       avoiding peers that advertise large windows but are slow to read
       from causing high memory consumption.
     - ssh-agent(1): handle multiple requests sent in a single write() to
       the agent.
     - sshd(8): allow sshd_config longer than 256k.
     - sshd(8): avoid spurious "Unable to load host key" message when sshd
       loads a private key but no public counterpart.
     - ssh(1): prefer the default hostkey algorithm list whenever we have a
       hostkey that matches its best-preference algorithm.
     - sshd(1): when ordering the hostkey algorithms to request from a
       server, prefer certificate types if the known_hosts files contain a
       key marked as a @cert-authority.
     - ssh(1): perform host key fingerprint comparisons for the "Are you
       sure you want to continue connecting (yes/no/[fingerprint])?" prompt
       with case sensitivity.
     - sshd(8): ensure that address/masklen mismatches in sshd_config yield
       fatal errors at daemon start time rather than later when they are
       evaluated.
     - ssh-keygen(1): ensure that certificate extensions are lexically
       sorted. Previously if the user specified a custom extension then
       everything would be in order except the custom ones.
     - ssh(1): also compare username when checking for JumpHost loops.
     - ssh-keygen(1): preserve group/world read permission on known_hosts
       files across runs of "ssh-keygen -Rf /path". The old behaviour was
       to remove all rights for group/other.
     - ssh-keygen(1): Mention the [-a rounds] flag in the ssh-keygen manual
       page and usage().
     - sshd(8): explicitly construct path to ~/.ssh/rc rather than relying
       on it being relative to the current directory, so that it can still
       be found if the shell startup changes its directory.
     - sshd(8): when redirecting sshd's log output to a file, undo this
       redirection after the session child process is forked(). Fixes
       missing log messages when using this feature under some
       circumstances.
     - sshd(8): start ClientAliveInterval bookkeeping before first pass
       through select() loop; fixed theoretical case where busy sshd may
       ignore timeouts from client.
     - ssh(1): only reset the ServerAliveInterval check when we receive
       traffic from the server and ignore traffic from a port forwarding
       client, preventing a client from keeping a connection alive when it
       should be terminated.
     - ssh-keygen(1): avoid spurious error message when ssh-keygen creates
       files outside ~/.ssh.
     - sftp-client(1): fix off-by-one error that caused sftp downloads to
       make one more concurrent request than desired. This prevented using
       sftp(1) in unpipelined request/response mode, which is useful when
       debugging.
     - ssh(1), sshd(8): handle EINTR in waitfd() and timeout_connect()
       helpers.
     - ssh(1), ssh-keygen(1): defer creation of ~/.ssh until we attempt to
       write to it so we don't leave an empty .ssh directory when it's not
       needed.
     - ssh(1), sshd(8): fix multiplier when parsing time specifications
       when handling seconds after other units.
     - sshd(8): always send any PAM account messages. If the PAM account
       stack returns any messages, always send them to the user and not
       just if the check succeeds.
     - gnome-ssh-askpass3: ensure the "close" button is not focused by
       default for SSH_ASKPASS_PROMPT=none prompts. Avoids space/enter
       accidentally dismissing FIDO touch notifications.
     - gnome-ssh-askpass3: allow some control over textarea colour via
       $GNOME_SSH_ASKPASS_FG_COLOR and $GNOME_SSH_ASKPASS_BG_COLOR
       environment variables.
     - Detect the Frankenstein monster of Linux/X32 and allow the sandbox
       to function there.