Copssh version 5.4.1 bundle contains 32/64-bit client/server installers with updated OpenSSL and Cygwin/GNU tools. OpenSSL 1.0.2e fixes 5 security vulnerabilities:
- Moderate - BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
- Moderate - Certificate verify crash with missing PSS parameter (CVE-2015-3194)
- Moderate - X509_ATTRIBUTE memory leak (CVE-2015-3195)
- Low - Race condition handling PSK identify hint (CVE-2015-3196)
- Low - Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794)
We have also updated Cygwin/GNU Tools to the latest stable versions. Enjoy!
