diff options
| author | Ed Maste <emaste@FreeBSD.org> | 2023-02-06 21:54:56 +0000 |
|---|---|---|
| committer | Ed Maste <emaste@FreeBSD.org> | 2023-02-13 13:16:22 +0000 |
| commit | 2f43f145825d0d8468f583b1686262b0f40c1fe5 (patch) | |
| tree | 9d2d045e248438affec7e667444316491960c0ac /crypto/openssh/regress/hostbased.sh | |
| parent | 412d15f7268e0662909822b1aef71536a2b285e5 (diff) | |
ssh: update to OpenSSH 9.2p1
Release notes are available at https://www.openssh.com/txt/release-9.2
OpenSSH 9.2 contains fixes for two security problems and a memory safety
problem. The memory safety problem is not believed to be exploitable.
These fixes have already been committed to OpenSSH 9.1 in FreeBSD.
Some other notable items from the release notes:
* ssh(1): add a new EnableEscapeCommandline ssh_config(5) option that
controls whether the client-side ~C escape sequence that provides a
command-line is available. Among other things, the ~C command-line
could be used to add additional port-forwards at runtime.
* sshd(8): add support for channel inactivity timeouts via a new
sshd_config(5) ChannelTimeout directive. This allows channels that
have not seen traffic in a configurable interval to be
automatically closed. Different timeouts may be applied to session,
X11, agent and TCP forwarding channels.
* sshd(8): add a sshd_config UnusedConnectionTimeout option to
terminate client connections that have no open channels for a
length of time. This complements the ChannelTimeout option above.
* sshd(8): add a -V (version) option to sshd like the ssh client has.
* scp(1), sftp(1): add a -X option to both scp(1) and sftp(1) to
allow control over some SFTP protocol parameters: the copy buffer
length and the number of in-flight requests, both of which are used
during upload/download. Previously these could be controlled in
sftp(1) only. This makes them available in both SFTP protocol
clients using the same option character sequence.
* ssh-keyscan(1): allow scanning of complete CIDR address ranges,
e.g. "ssh-keyscan 192.168.0.0/24". If a CIDR range is passed, then
it will be expanded to all possible addresses in the range
including the all-0s and all-1s addresses. bz#976
* ssh(1): support dynamic remote port forwarding in escape
command-line's -R processing. bz#3499
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
(cherry picked from commit f374ba41f55c1a127303d92d830dd58eef2f5243)
Diffstat (limited to 'crypto/openssh/regress/hostbased.sh')
| -rw-r--r-- | crypto/openssh/regress/hostbased.sh | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/openssh/regress/hostbased.sh b/crypto/openssh/regress/hostbased.sh index 04a1c1a2da45..eb9cf2727d33 100644 --- a/crypto/openssh/regress/hostbased.sh +++ b/crypto/openssh/regress/hostbased.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostbased.sh,v 1.3 2022/01/08 07:55:26 dtucker Exp $ +# $OpenBSD: hostbased.sh,v 1.4 2022/12/07 11:45:43 dtucker Exp $ # Placed in the Public Domain. # This test requires external setup and thus is skipped unless @@ -8,7 +8,7 @@ # - ssh-keysign must be installed and setuid. # - "EnableSSHKeysign yes" must be in the system ssh_config. # - the system's own real FQDN the system-wide shosts.equiv. -# - the system's real public key fingerprints must me in global ssh_known_hosts. +# - the system's real public key fingerprints must be in global ssh_known_hosts. # tid="hostbased" |