Copssh version 6.2.2 installers come with LibreSSL 2.7.4 which is a security update with the following changes:
- Avoid a timing side-channel leak when generating DSA and ECDSA signatures. This is caused by an attempt to do fast modular arithmetic, which introduces branches that leak information regarding secret values. Issue identified and reported by Keegan Ryan of NCC Group.
- Reject excessively large primes in DH key generation. Problem reported by Guido Vranken to OpenSSL (https://github.com/openssl/openssl/pull/6457) and based on his diff.