-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.1814
          Multiple vulnerabilities has been fixed in OpenSSH 6.6.
                                9 July 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenSSH
Publisher:         OpenSSH
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Access Privileged Data -- Remote/Unauthenticated
                   Denial of Service      -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-5352  

Original Bulletin: 
   http://www.openssh.com/txt/release-6.9

- --------------------------BEGIN INCLUDED TEXT--------------------

OpenSSH 6.9 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html

Future Deprecation Notice
=========================

The 7.0 release of OpenSSH, due for release in late July, will
deprecate several features, some of which may affect compatibility
or existing configurations. The intended changes are as follows:

 * The default for the sshd_config(5) PermitRootLogin option will
   change from "yes" to "no".

 * Support for the legacy version 1.x of the SSH protocol will be
   disabled at compile time by default.

 * Support for the 1024-bit diffie-hellman-group1-sha1 key exchange
   will be run-time disabled by default.

 * Support for ssh-dss, ssh-dss-cert-* host and user keys will be
   run-time disabled by default.

 * Support for the legacy v00 cert format will be removed

 * Several ciphers will be disabled by default: blowfish-cbc,
   cast128-cbc, all arcfour variants and the rijndael-cbc aliases
   for AES

 * Refusing all RSA keys smaller than 1024 bits (the current minimum
   is 768 bits)

This list reflects our current intentions, but please check the final
release notes for OpenSSH 7.0 when it is released.

Changes since OpenSSH 6.8
=========================

This is primarily a bugfix release.

Security
- --------

 * ssh(1): when forwarding X11 connections with ForwardX11Trusted=no,
   connections made after ForwardX11Timeout expired could be permitted
   and no longer subject to XSECURITY restrictions because of an
   ineffective timeout check in ssh(1) coupled with "fail open"
   behaviour in the X11 server when clients attempted connections with
   expired credentials. This problem was reported by Jann Horn.

 * ssh-agent(1): fix weakness of agent locking (ssh-add -x) to
   password guessing by implementing an increasing failure delay,
   storing a salted hash of the password rather than the password
   itself and using a timing-safe comparison function for verifying
   unlock attempts. This problem was reported by Ryan Castellucci.

New Features
- ------------

 * ssh(1), sshd(8): promote chacha20-poly1305@openssh.com to be the
   default cipher

 * sshd(8): support admin-specified arguments to AuthorizedKeysCommand;
   bz#2081

 * sshd(8): add AuthorizedPrincipalsCommand that allows retrieving
   authorized principals information from a subprocess rather than
   a file.

 * ssh(1), ssh-add(1): support PKCS#11 devices with external PIN
   entry devices bz#2240

 * sshd(8): allow GSSAPI host credential check to be relaxed for
   multihomed hosts via GSSAPIStrictAcceptorCheck option; bz#928

 * ssh-keygen(1): support "ssh-keygen -lF hostname" to search
   known_hosts and print key hashes rather than full keys.

 * ssh-agent(1): add -D flag to leave ssh-agent in foreground without
   enabling debug mode; bz#2381

Bugfixes
- --------

 * ssh(1), sshd(8): deprecate legacy SSH2_MSG_KEX_DH_GEX_REQUEST_OLD
   message and do not try to use it against some 3rd-party SSH
   implementations that use it (older PuTTY, WinSCP).

 * Many fixes for problems caused by compile-time deactivation of
   SSH1 support (including bz#2369)

 * ssh(1), sshd(8): cap DH-GEX group size at 4Kbits for Cisco
   implementations as some would fail when attempting to use group
   sizes >4K; bz#2209

 * ssh(1): fix out-of-bound read in EscapeChar configuration option
   parsing; bz#2396

 * sshd(8): fix application of PermitTunnel, LoginGraceTime,
   AuthenticationMethods and StreamLocalBindMask options in Match
   blocks

 * ssh(1), sshd(8): improve disconnection message on TCP reset;
   bz#2257

 * ssh(1): remove failed remote forwards established by muliplexing
   from the list of active forwards; bz#2363

 * sshd(8): make parsing of authorized_keys "environment=" options
   independent of PermitUserEnv being enabled; bz#2329

 * sshd(8): fix post-auth crash with permitopen=none; bz#2355

 * ssh(1), ssh-add(1), ssh-keygen(1): allow new-format private keys
   to be encrypted with AEAD ciphers; bz#2366

 * ssh(1): allow ListenAddress, Port and AddressFamily configuration
   options to appear in any order; bz#86

 * sshd(8): check for and reject missing arguments for VersionAddendum
   and ForceCommand; bz#2281

 * ssh(1), sshd(8): don't treat unknown certificate extensions as
   fatal; bz#2387

 * ssh-keygen(1): make stdout and stderr output consistent; bz#2325

 * ssh(1): mention missing DISPLAY environment in debug log when X11
   forwarding requested; bz#1682

 * sshd(8): correctly record login when UseLogin is set; bz#378

 * sshd(8): Add some missing options to sshd -T output and fix output
   of VersionAddendum and HostCertificate. bz#2346   

 * Document and improve consistency of options that accept a "none"
   argument" TrustedUserCAKeys, RevokedKeys (bz#2382),
   AuthorizedPrincipalsFile (bz#2288)

 * ssh(1): include remote username in debug output; bz#2368

 * sshd(8): avoid compatibility problem with some versions of Tera
   Term, which would crash when they received the hostkeys notification
   message (hostkeys-00@openssh.com)

 * sshd(8): mention ssh-keygen -E as useful when comparing legacy MD5
   host key fingerprints; bz#2332

 * ssh(1): clarify pseudo-terminal request behaviour and use make
   manual language consistent; bz#1716

 * ssh(1): document that the TERM environment variable is not subject
   to SendEnv and AcceptEnv; bz#2386

Portable OpenSSH
- ----------------

 * sshd(8): Format UsePAM setting when using sshd -T, part of bz#2346

 * Look for '${host}-ar' before 'ar', making cross-compilation easier;
   bz#2352.

 * Several portable compilation fixes: bz#2402, bz#2337, bz#2370

 * moduli(5): update DH-GEX moduli

Checksums:
==========

 - SHA1 (openssh-6.9.tar.gz) = cd5fcb93411025bbc4b4b57753b622769dfb1e0d
 - SHA256 (openssh-6.9.tar.gz) = itCMw0aE/xvrGKWhzRD2UM/9kzIOyFaH2dIWMfX8agQ=

 - SHA1 (openssh-6.9p1.tar.gz) = 86ab57f00d0fd9bf302760f2f6deac1b6e9df265
 - SHA256 (openssh-6.9p1.tar.gz) = bgdN9TjzV9RAvmz5PcWBoh8i054jbyF/zY6su2yJbP4=

Please note that the PGP key used to sign releases was recently rotated.
The new key has been signed by the old key to provide continuity. It is
available from the mirror sites as RELEASE_KEY.asc.

Reporting Bugs:
===============

- - Please read http://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVZ4EJ36ZAP0PgtI9AQK7jRAAjoH/j/iWRzQjXO7PbLalXGMeVuHyinVH
DuhZAcbZ8OSPJCGKt+mQWsGPH2hikttq2D+0SNj83IvIbU3TKnGiwBn1NoJDZojY
ewjMD0Rjx2rXzfGAAyFw78MaHDYmcBlDaxeywmRPh7PhHlWblurC+VDL6aKmbaRj
YWo4f9QFNqVRil3G970VHrDzDDI1JOzODl/ox2mk4Z3PSzjkBqnli6kzeRPJKmoi
LB4sPjjlRTD2RDHDYr/JmabIHirxGv5n4rb2yH4HHv+rqzWsm4yIDdVUmm9gq/2k
N7rrnEgS1JjZQs2S3LPqfB3+W69ia7/sqZOunOn9Prjr+vmr9Dunlw2cvyvefcDw
VoBzubZGN/878oACGo+dzC0Wh8bkGIjaIPWo5zeiTsFR8hizHpUZd1hqK8U4kSoN
0T90uR0HAM+vOIFUKwogXraj7v2eRUQd2xWXMKA7jR7nYD9lK137fiXyliYjlZGr
l+todypuvuc5sVLUzJF57lEiDOAG+Nn+FT8vxdQDnrgIdyWvydSI20skhxgvHpp5
5mFxiipGE68Z9smtank7QjuwbcF7D0x5lHn5him/UQ4Tx6lwbwMsMkyPHE57BLVG
v36TpwCa4fnwQz2b6645MGmtOlW/7U7wTQVpBEhlw3by13FKATst+fR25EXJAUWf
XZGhwT9TfD0=
=exIW
-----END PGP SIGNATURE-----