Copssh version 6.1.0 comes with the latest versions of OpenSSH (7.6) and LibreSSL (2.5.5). We have also updated the Cygwin and GNU Tools to their latest available versions.
Security issue:
- sftp-server(8): in read-only mode, sftp-server was incorrectly permitting creation of zero-length files. Reported by Michal Zalewski.
Potentially-incompatible changes in OpenSSH:
This release includes a number of changes that may affect existing configurations:
- ssh(1): delete SSH protocol version 1 support, associated configuration options and documentation.
- ssh(1)/sshd(8): remove support for the hmac-ripemd160 MAC.
- ssh(1)/sshd(8): remove support for the arcfour, blowfish and CAST ciphers.
- Refuse RSA keys <1024 bits in length and improve reporting for keys that do not meet this requirement.
- ssh(1): do not offer CBC ciphers by default.