Changes since OpenSSH 6.3
=========================
This release fixes a security bug:
* sshd(8): fix a memory corruption problem triggered during rekeying
when an AES-GCM cipher is selected. Full details of the vulnerability
are available at: http://www.openssh.com/txt/gcmrekey.adv
Changes since OpenSSH 6.2 are too many to list here; please refer to
the release notes: http://www.openssh.com/txt/release-6.3.
* Version 3.2.7 (released 2013-11-23)
** libgnutls: gnutls_cipher_get_iv_size() now returns the correct IV size in
GCM ciphers (previously it returned the implicit IV used in TLS).
** libgnutls: gnutls_certificate_set_x509_key_file() et al., when provided
with a PKCS #11 URL pointing to a certificate, will attempt to load the whole
chain.
** libgnutls: When traversing PKCS #11 tokens looking for an object, avoid
looking in tokens unrelated to the object.
** libgnutls: Added an experimental %DUMBFW option in priority strings. This
avoids a black hole behavior in some firewalls by sending a large client hello.
See http://www.ietf.org/mail-archive/web/tls/current/msg10423.html
** libgnutls: The GNUTLS_DEBUG_LEVEL variable if set to a log level number
will force output of debug messages to stderr.
** libgnutls: Fixed the setting of the ciphersuite when gnutls_premaster_set()
is used with a protocol other than GNUTLS_DTLS0_9.
** libgnutls: gnutls_x509_crt_set_expiration_time() will set the "no well-defined
expiration date" value when (time_t)-1 is specified as the date.
** libgnutls: Session tickets are encrypted using AES-GCM.
** libgnutls: Corrected issue in record decompression. Issue pinpointed
by Frank Zschockel.
** libgnutls: Forbid all compression methods in DTLS.
** gnutls-serv: Fixed issue with IPv6 address in UDP mode.
** certtool: When exporting an encrypted PEM private key do not output the key
parameters.
** certtool: The expiration days template option allows a -1 value, which
will set the "no well-defined expiration date" value (RFC 5280), and no longer
chokes on integer overflows. Suggested by Stefan Buehler.
** certtool: Added new template options: 'activation_date', and
'expiration_date'.
** tools: The environment variable GNUTLS_PIN can be used to read any PIN
requested from tokens.
** tools: The installed version of libopts is used if the autogen tool is
present.
** API and ABI modifications:
gnutls_pkcs11_obj_export3: Added
gnutls_pkcs11_get_raw_issuer: Added
gnutls_est_record_overhead_size: Exported
SSLScan queries SSL services, such as HTTPS, in order to determine the
ciphers that are supported. SSLScan is designed to be easy, lean and
fast. The output includes the preferred ciphers of the SSL service and the
certificate, and is available in text and XML formats.
System V shared memory segments created with shmget() are assigned an
owner, a group and a set of permissions intended to limit access to
the segment to designated processes only. The owner of a shared
memory segment can change the ownership and permissions on a segment
after its creation using shmctl(). Any subsequent processes that wish
to attach to the segment can only do so if they have the appropriate
permissions. Once attached, the process can read or write to the
segment, as per the permissions that were set when the segment was
created.
smaSHeM takes advantage of applications that set weak permissions on
such segments, allowing an attacker to dump or patch their contents.
As discussed in the presentation at 44CON 2013 entitled 'I Miss LSD',
in the case of many X11 applications it is possible to extract pixmaps
of previously rendered GUI artifacts. When compiled with QtCore
linking enabled, smaSHeM aids in that process by brute forcing
potentially valid dimensions for the raw pixmap dump.
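The weak-permission case described above can be checked from the defending side by listing existing segments and their mode bits. The following is an added example, not smaSHeM's own code: it parses the /proc/sysvipc/shm listing (the same source ipcs -m reads on Linux) and flags segments that other users can dump (world-readable) or patch (group- or world-writable). The sample lines are constructed, not captured from a real host.

```c
/* Added example (not smaSHeM's own code): audit System V shared memory
 * segments for weak permissions using the /proc/sysvipc/shm listing that
 * ipcs -m also reads. Build: cc -std=c99 -Wall shm_audit.c */
#include <stdio.h>
#include <sys/stat.h>

struct shm_entry { int key, shmid, nattch; unsigned mode, uid, gid; unsigned long size; };

/* Parse one data line of /proc/sysvipc/shm (fields: key shmid perms size cpid
 * lpid nattch uid gid ...). Returns 1 on success, 0 for the header line. */
int parse_shm_line(const char *line, struct shm_entry *e)
{
    unsigned cpid, lpid;
    if (sscanf(line, "%d %d %o %lu %u %u %d %u %u", &e->key, &e->shmid, &e->mode,
               &e->size, &cpid, &lpid, &e->nattch, &e->uid, &e->gid) != 9)
        return 0;
    e->mode &= 0777;   /* drop SHM_DEST/SHM_LOCKED status bits, keep rwx bits */
    return 1;
}

/* Readable by others: contents can be dumped by any local process;
 * writable by others or group: contents can be patched. */
enum { SHM_WORLD_READ = 1, SHM_WORLD_WRITE = 2, SHM_GROUP_WRITE = 4 };

int shm_weakness(const struct shm_entry *e)
{
    int f = 0;
    if (e->mode & S_IROTH) f |= SHM_WORLD_READ;
    if (e->mode & S_IWOTH) f |= SHM_WORLD_WRITE;
    if (e->mode & S_IWGRP) f |= SHM_GROUP_WRITE;
    return f;
}

/* Constructed sample in /proc/sysvipc/shm layout, not captured from a real host:
 * a 0666 segment (dump/patch by anyone) and a 0600 one with SHM_DEST set. */
static const char *const SAMPLE[] = {
    "       key      shmid perms       size  cpid  lpid nattch   uid   gid  cuid  cgid",
    "         0      32768   666                  16384  1234  1234      1  1000  1000  1000  1000",
    "         0      32769  1600                   4096  1235  1235      0     0     0     0     0",
};

int main(void)
{
    struct shm_entry e;   /* swap SAMPLE for the lines of /proc/sysvipc/shm on a live host */
    for (int i = 0; i < 3; i++)
        if (parse_shm_line(SAMPLE[i], &e) && shm_weakness(&e))
            printf("shmid %d uid %u mode %04o size %lu nattch %d: weak (flags %d)\n",
                   e.shmid, e.uid, e.mode, e.size, e.nattch, shm_weakness(&e));
    return 0;
}
```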
* Version 3.2.6 (released 2013-10-31)
** libgnutls: Support for TPM via trousers is now enabled by default.
** libgnutls: Camellia in GCM mode has been added in default priorities, and
GCM mode is prioritized over CBC in all of the default priority strings.
** libgnutls: Added ciphersuite GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384.
** libgnutls: Fixed ciphersuites GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384,
GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 and GNUTLS_PSK_CAMELLIA_128_GCM_SHA256.
Reported by Stefan Buehler.
** libgnutls: Added support for ISO OID for RSA-SHA1 signatures.
** libgnutls: Minimum acceptable DH group parameters were increased to 767
bits from 727.
** libgnutls: Added function to obtain random data from PKCS #11 tokens.
Contributed by Wolfgang Meyer zu Bergsten.
** gnulib: updated.
** libdane: Fixed a one-off bug in dane_query_tlsa() introduced by the
previous fix. Reported by Tomas Mraz.
** p11tool: Added option generate-random.
** API and ABI modifications:
gnutls_pkcs11_token_get_random: Added
allow you to investigate disk images. The core functionality of TSK allows
you to analyze volume and file system data. The plug-in framework allows
you to incorporate additional modules to analyze file contents and build
automated systems. The library can be incorporated into larger digital
forensics tools and the command line tools can be directly used to find
evidence.
This is a security fix to address CVE-2013-1445
Upstream changes:
-----------------
2.6.1
=====
* [CVE-2013-1445] Fix PRNG not correctly reseeded in some situations.
In previous versions of PyCrypto, the Crypto.Random PRNG exhibits a
race condition that may cause forked processes to generate identical
sequences of 'random' numbers.
Upstream changes:
-----------------
* Release 0.10 (23 Oct 2013)
Make the secp256k1 available in __init__.py too (thanks to Scott Bannert).
While here, adjust HOMEPAGE.
* Version 3.2.5 (released 2013-10-23)
** libgnutls: Documentation and build-time fixes.
** libgnutls: Allow the generation of DH groups of less than 700 bits.
** libgnutls: Added several combinations of ciphersuites with SHA256 and SHA384 as MAC,
as well as Camellia with GCM.
** libdane: Added interfaces to allow initialization of dane_query_t from
external DNS resolutions, and to allow direct verification of a certificate
chain against a dane_query_t. Contributed by Christian Grothoff.
** libdane: Fixed a buffer overflow in dane_query_tlsa(). This could be
triggered by a DNS server supplying more than 4 DANE records. Report and fix
by Christian Grothoff.
** srptool: Fixed index command line option. Patch by Attila Molnar.
** gnutls-cli: Added support for inline commands, using the
--inline-commands-prefix and --inline-commands options. Patch by Raj Raman.
** certtool: pathlen constraint is now read correctly. Reported by
Christoph Seitz.
** API and ABI modifications:
gnutls_certificate_get_crt_raw: Added
dane_verify_crt_raw: Added
dane_raw_tlsa: Added
* Version 3.2.4 (released 2013-08-31)
** libgnutls: Fixes when session tickets and session DB are used.
Report and initial patch by Stefan Buehler.
** libgnutls: Added the RSA-PSK key exchange. Patch by Frank Morgner,
based on a previous patch by Bardenheuer GmbH and Bundesdruckerei GmbH.
** libgnutls: Added ciphersuites that use ARCFOUR with ECDHE. Patch
by Stefan Buehler.
** libgnutls: Added the PFS priority string option.
** libgnutls: Gnulib included files are strictly LGPLv2.
** libgnutls: Corrected gnutls_certificate_server_set_request().
Reported by Petr Pisar.
** API and ABI modifications:
gnutls_record_set_timeout: Exported
Changes since 1.0.5:
* SunOS build fix
* Another client info bugfix
* Client info bugfixes
* Client info option
* Client certificate validation
* Some cleanup in the client side connection code
* Type conversion to compile cleanly on OS X
* Version 0.4.5
- Restore compatibility with OSX <= 10.6
* Version 0.4.4
- Visual Studio is officially supported (VC 2010 & VC 2013)
- mingw64 is now supported
- big-endian architectures are now supported as well
- The donna_c64 implementation of curve25519_donna_c64 now handles
non-canonical points like the ref implementation
- Missing scalarmult_curve25519 and stream_salsa20 constants are now exported
- A crypto_onetimeauth_poly1305_ref() wrapper has been added
pkgsrc changes:
---------------
- Depends on security/py-ecdsa
- FETCH_USING=curl to deal with PyPI's https-only website.
upstream changes:
-----------------
v1.12.0 (27th Sep 2013)
-----------------------
* #152: Add tentative support for ECDSA keys. *This adds the ecdsa
module as a new dependency of Paramiko.* The module is available at
[warner/python-ecdsa on Github](https://github.com/warner/python-ecdsa) and
[ecdsa on PyPI](https://pypi.python.org/pypi/ecdsa).
* Note that you might still run into problems with key negotiation --
Paramiko picks the first key that the server offers, which might not be
what you have in your known_hosts file.
* Mega thanks to Ethan Glasser-Camp for the patch.
* #136: Add server-side support for the SSH protocol's 'env' command. Thanks to
Benjamin Pollack for the patch.
v1.11.2 (27th Sep 2013)
-----------------------
* #156: Fix potential deadlock condition when using Channel objects as sockets
(e.g. when using SSH gatewaying). Thanks to Steven Noonan and Frank Arnold
for catch & patch.
* #179: Fix a missing variable causing errors when an ssh_config file has a
non-default AddressFamily set. Thanks to Ed Marshall & Tomaz Muraus for catch
& patch.
* #200: Fix an exception-causing typo in `demo_simple.py`. Thanks to Alex
Buchanan for catch & Dave Foster for patch.
* #199: Typo fix in the license header cross-project. Thanks to Armin Ronacher
for catch & patch.
py-ecdsa is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve
Digital Signature Algorithm), implemented purely in Python, released under the
MIT license. With this library, you can quickly create keypairs (signing key
and verifying key), sign messages, and verify the signatures. The keys and
signatures are very short, making them easy to handle and incorporate into
other protocols.
pax -rw, the destination directory must exist. pax in NetBSD creates it if
it does not; pax in MirBSD complains. I read through all pkgsrc Makefiles that use
pax and added an entry to INSTALLATION_DIRS, or an INSTALL_DATA_DIR
invocation.
I did not test all the changes but they should be fairly safe. If you notice
any breakage because of this change, please contact me.
vis.h and glob.h are installed on Linux
(Debian GNU/Linux 7.1 and CentOS 6.4 at least)
* Makefile of Rev 1.100 removes the vis.h and glob.h hack. My two Linux
environments require vis.h and glob.h entries in the PLIST.
Set PLIST.vis and PLIST.glob for Linux.