Copssh changelog

Release history grouped from the itefix master release export.

Back to software index

Latest release summary

Latest release components

No component table was found for the latest release.

Changelog history

2020-06-08 Copssh 7.3.0 (security)

• Copssh version 7.3.0 installers come with OpenSSH 8.3p and LibreSSL 3.1.2 . (Due to version bump-up from LibreSSL 3.0.2 at our side, you may also be interested in release notes for 3.1.1 and 3.1.0 as well). Security ======== * scp(1): when receiving files, scp(1) could be become desynchronised if a utimes(2) system call failed. This could allow file contents to be interpreted as file metadata and thereby permit an adversary to craft a file system that, when copied with scp(1) in a configuration that caused utimes(2) to fail (e.g. under a SELinux policy or syscall sandbox), transferred different file names and contents to the actual file system layout. Exploitation of this is not likely as utimes(2) does not fail under normal circumstances. Successful exploitation is not silent - the output of scp(1) would show transfer errors followed by the actual file(s) that were received. Finally, filenames returned from the peer are (since openssh-8.0) matched against the user’s requested destination, thereby disallowing a successful exploit from writing files outside the user’s selected target glob (or directory, in the case of a recursive transfer). This ensures that this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol

2020-02-20 Copssh 7.2.0

• Copssh version 7.2.0 installers come with OpenSSH 8.2p , LibreSSL 3.0.2 and most recent versions of Cygwin and GNU tools. We have also updated Copssh Control Panel with some minor fixes. – Incompatibility note for Copssh versions 6.x and earlier – As of version 7.0, Copssh uses Cygwin 3.x libraries, introducing major and backwards-incompatible changes, thus requiring a reinstallation. You can follow our instructions here , to refresh your installation withour losing your existing setup. Thanks to major changes in Cygwin, Copssh doesn’t need a dedicated service account any longer and is run by the local system account. The logic behind the sftp home directory isolation is now improved by introducing symbolic link folders: Each activated user gets a symbolic link folder /home/___ username , pointing to the home directory provided via the User Activation wizard, resulting with a more stable and less error-prone solution. A small patch avoiding messages “bad ownership or modes for chroot directory” (non-relevant for a Copssh installation), is also introduced. NB! As always mentioned, even if the home directory isolation works as expected, you should use NTFS permissions on your file systems to achieve better security. — Potentially-incompatible changes in OpenSSH 8.2.0 This release includes a number of changes that may affect existing configurations: * ssh(1), sshd(8): the above removal of “ssh-rsa” from the accepted CASignatureAlgorithms list. * ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1 from the default key exchange proposal for both the client and server. * ssh-keygen(1): the command-line options related to the generation and screening of safe prime numbers used by the diffie-hellman-group-exchange-* key exchange algorithms have changed. Most options have been folded under the -O flag. * sshd(8): the sshd listener process title visible to ps(1) has changed to include information about the number of connections that are currently attempting authentication and the limits configured by MaxStartups. * ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). It needs to be installed in the expected path, typically under /usr/libexec or similar.

2019-10-12 Copssh 7.1.0

• ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer overflow bug was found in the private key parsing code for the XMSS key type. This key type is still experimental and support for it is not compiled by default. No user-facing autoconf option exists in portable OpenSSH to enable it. This bug was found by Adam Zabrocki and reported via SecuriTeam’s SSD program.
• ssh(1), sshd(8), ssh-agent(1): add protection for private keys at rest in RAM against speculation and memory side-channel attacks like Spectre, Meltdown and Rambleed. This release encrypts private keys when they are not in use with a symmetric key that is derived from a relatively large “prekey” consisting of random data (currently 16KB).

2019-08-27 Copssh 7.0.0

• Copssh version 7.0.0 installers come with the latest Cygwin 3.x libraries, introducing major and backwards-incompatible changes, requiring a reinstallation. You can follow our instructions here , to refresh your installation withour losing your existing setup. Thanks to major changes in Cygwin, Copssh doesn’t need a dedicated service account any longer and is run by the local system account. The logic behind the sftp home directory isolation is now improved by introducing symbolic link folders: Each activated user gets a symbolic link folder /home/___ username , pointing to the home directory provided via the User Activation wizard, resulting with a more stable and less error-prone solution. A small patch(link is external) avoiding messages “bad ownership or modes for chroot directory” (non-relevant for a Copssh installation), is also introduced. NB! As always mentioned, even if the home directory isolation works as expected, you should use NTFS permissions on your file systems to achieve better security.

2019-04-30 Copssh 6.5.0 (security)

• Copssh version 6.5.0 installers come with OpenSSH 8.0p1 , which contains mitigation for a weakness in the scp(1) tool and protocol (CVE-2019-6111), in addition to many new features and bug fixes. SSL Library LibreSSL is also updated to its latest available version, 2.9.1 . Copssh Control Panel displays now related eventlog entries in local time instead of GMT, and the password length for the service account and the privilege separation account is increased to 36 chars (lower and uppercase and digits). The Copssh product bundle has now only installers with 64-bit binaries. 32-bit binaries are not offered any longer.

2018-10-20 Copssh 6.4.0

• Copssh version 6.4.0 installers come with OpenSSH 7.9p1 which is primarily a bug fix release. SSL Library LibreSSL is also updated to its latest available version, 2.8.2 ., in addition to Cygwin and GNU tools which have got a major refresh.

2018-08-25 Copssh 6.3.0 (security)

• Copssh version 6.3.0 installers come with OpenSSH 7.8p1 including a patch addressing CVE-2018-15473 . It is not marked as a security update by the OpenSSH team, as they consider it as a partial disclosure of non-sensitive information . CHANGES: Potentially-incompatible changes This release includes a number of changes that may affect existing configurations: * ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL’s PEM format. The OpenSSH format, supported in OpenSSH releases since 2014 and described in the PROTOCOL.key file in the source distribution, offers substantially better protection against offline password guessing and supports key comments in private keys. If necessary, it is possible to write old PEM-style keys by adding “-m PEM” to ssh-keygen’s arguments when generating or updating a key. * sshd(8): remove internal support for S/Key multiple factor authentication. S/Key may still be used via PAM or BSD auth. * ssh(1): remove vestigal support for running ssh(1) as setuid. This used to be required for hostbased authentication and the (long gone) rhosts-style authentication, but has not been necessary for a long time. Attempting to execute ssh as a setuid binary, or with uid != effective uid will now yield a fatal error at runtime. * sshd(8): the semantics of PubkeyAcceptedKeyTypes and the similar HostbasedAcceptedKeyTypes options have changed. These now specify signature algorithms that are accepted for their respective authentication mechanism, where previously they specified accepted key types. This distinction matters when using the RSA/SHA2 signature algorithms “rsa-sha2-256”, “rsa-sha2-512” and their certificate counterparts. Configurations that override these options but omit these algorithm names may cause unexpected authentication failures (no action is required for configurations that accept the default for these options). * sshd(8): the precedence of session environment variables has changed. ~/.ssh/environment and environment="…" options in authorized_keys files can no longer override SSH_* variables set implicitly by sshd. * ssh(1)/sshd(8): the default IPQoS used by ssh/sshd has changed. They will now use DSCP AF21 for interactive traffic and CS1 for bulk. For a detailed rationale, please see the commit message: https://cvsweb.openbsd.org/src/usr.bin/ssh/readconf.c#rev1.284 Changes since OpenSSH 7.7 This is primarily a bugfix release. New Features * ssh(1)/sshd(8): add new signature algorithms " rsa-sha2-256-cert-v01@openssh.com " and " rsa-sha2-512-cert-v01@openssh.com " to explicitly force use of RSA/SHA2 signatures in authentication. * sshd(8): extend the PermitUserEnvironment option to accept a whitelist of environment variable names in addition to global “yes” or “no” settings. * sshd(8): add a PermitListen directive to sshd_config(5) and a corresponding permitlisten= authorized_keys option that control which listen addresses and port numbers may be used by remote forwarding (ssh -R …). * sshd(8): add some countermeasures against timing attacks used for account validation/enumeration. sshd will enforce a minimum time or each failed authentication attempt consisting of a global 5ms minimum plus an additional per-user 0-4ms delay derived from a host secret. * sshd(8): add a SetEnv directive to allow an administrator to explicitly specify environment variables in sshd_config. Variables set by SetEnv override the default and client-specified environment. * ssh(1): add a SetEnv directive to request that the server sets an environment variable in the session. Similar to the existing SendEnv option, these variables are set subject to server configuration. * ssh(1): allow “SendEnv -PATTERN” to clear environment variables previously marked for sending to the server. bz#1285 * ssh(1)/sshd(8): make UID available as a %-expansion everywhere that the username is available currently. bz#2870 * ssh(1): allow setting ProxyJump=none to disable ProxyJump functionality. bz#2869 Bugfixes * sshd(8): avoid observable differences in request parsing that could be used to determine whether a target user is valid. * all: substantial internal refactoring * ssh(1)/sshd(8): fix some memory leaks; bz#2366 * ssh(1): fix a pwent clobber (introduced in openssh-7.7) that could occur during key loading, manifesting as crash on some platforms. * sshd_config(5): clarify documentation for AuthenticationMethods option; bz#2663 * ssh(1): ensure that the public key algorithm sent in a public key SSH_MSG_USERAUTH_REQUEST matches the content of the signature blob. Previously, these could be inconsistent when a legacy or non-OpenSSH ssh-agent returned a RSA/SHA1 signature when asked to make a RSA/SHA2 signature. * sshd(8): fix failures to read authorized_keys caused by faulty supplemental group caching. bz#2873 * scp(1): apply umask to directories, fixing potential mkdir/chmod race when copying directory trees bz#2839 * ssh-keygen(1): return correct exit code when searching for and hashing known_hosts entries in a single operation; bz#2772 * ssh(1): prefer the ssh binary pointed to via argv[0] to $PATH when re-executing ssh for ProxyJump. bz#2831 * sshd(8): do not ban PTY allocation when a sshd session is restricted because the user password is expired as it breaks password change dialog. (regression in openssh-7.7). * ssh(1)/sshd(8): fix error reporting from select() failures. * ssh(1): improve documentation for -w (tunnel) flag, emphasising that -w implicitly sets Tunnel=point-to-point. bz#2365 * ssh-agent(1): implement EMFILE mitigation for ssh-agent. ssh-agent will no longer spin when its file descriptor limit is exceeded. bz#2576 * ssh(1)/sshd(8): disable SSH2_MSG_DEBUG messages for Twisted Conch clients. Twisted Conch versions that lack a version number in their identification strings will mishandle these messages when running on Python 2.x ( https://twistedmatrix.com/trac/ticket/9422 ) * sftp(1): notify user immediately when underlying ssh process dies expectedly. bz#2719 * ssh(1)/sshd(8): fix tunnel forwarding; regression in 7.7 release. bz#2855 * ssh-agent(1): don’t kill ssh-agent’s listening socket entirely if it fails to accept(2) a connection. bz#2837 * sshd(8): relax checking of authorized_keys environment="…" options to allow underscores in variable names (regression introduced in 7.7). bz#2851 * ssh(1): add some missing options in the configuration dump output (ssh -G). bz#2835 Portability * sshd(8): Expose details of completed authentication to PAM auth modules via SSH_AUTH_INFO_0 in the PAM environment. bz#2408 * Fix compilation problems caused by fights between zlib and OpenSSL colliding uses of “free_func” * Improve detection of unsupported compiler options. Recently these may have manifested as “unsupported -Wl,-z,retpoline” warnings during linking. * sshd(8): some sandbox support for Linux/s390 bz#2752. * regress tests: unbreak key-options.sh test on platforms without openpty(3). bz#2856 * use getrandom(2) for PRNG seeding when built without OpenSSL.

2018-08-18 Copssh 6.2.2 (security)

• Avoid a timing side-channel leak when generating DSA and ECDSA signatures. This is caused by an attempt to do fast modular arithmetic, which introduces branches that leak information regarding secret values. Issue identified and reported by Keegan Ryan of NCC Group.
• Reject excessively large primes in DH key generation. Problem reported by Guido Vranken to OpenSSL ( https://github.com/openssl/openssl/pull/6457 ) and based on his diff.

2018-06-01 Copssh 6.2.1

• Copssh version 6.2.1 installers come with LibreSSL 2.7.3 and an updated cygwin1.dll (2.10.1 - 20180214), which fixes a newly introduced bug causing files with temporary flag on being not visible for operations. See here for more information.

2018-04-09 Copssh 6.2.0

• ssh(1)/sshd(8): Drop compatibility support for some very old SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The support in question isn’t necessary for RFC-compliant SSH implementations.
• sshd(8): Add “expiry-time” option for authorized_keys files to allow for expiring keys.
• ssh(1)/scp(1)/sftp(1): Add URI support to ssh, sftp and scp, e.g. ssh://user@host or sftp://user@host/path . Additional connection parameters described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since the ssh fingerprint format in the draft uses the deprecated MD5 hash with no way to specify the any other algorithm.

2018-04-05 Copssh 6.1.3

• Copssh version 6.1.3 comes with the latest version of LibreSSL ( 2.7.2 ). Cygwin and other GNU tools are also updated to their latest available version.

2018-02-19 Copssh 6.1.2

• Copssh version 6.1.2 comes with the latest version of LibreSSL ( 2.6.4 ). A predefined working directory ( inst_directory \ _work ) is now used to unpack subinstallers and other installer tools, allowing anti malware/virus programs for exclusion in a deterministic way if necessary. Working directory will be removed upon a successful installation.

2017-11-11 Copssh 6.1.1

• Copssh version 6.1.1 comes with the latest version LibreSSL ( 2.6.3 ). Upgrade logic in our installers are also improved.

2017-10-04 Copssh 6.1.0 (security)

• sftp-server(8): in read-only mode, sftp-server was incorrectly permitting creation of zero-length files. Reported by Michal Zalewski.
• ssh(1): delete SSH protocol version 1 support, associated configuration options and documentation.
• ssh(1)/sshd(8): remove support for the hmac-ripemd160 MAC.
• ssh(1)/sshd(8): remove support for the arcfour, blowfish and CAST ciphers.
• Refuse RSA keys <1024 bits in length and improve reporting for keys that do not meet this requirement.
• ssh(1): do not offer CBC ciphers by default.

2017-05-20 Copssh 6.0.0

• Copssh version 6.0.0 is a major update and uses now LibreSSL instead of OpenSSL as the cryptographic library provider. LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes. Primary development occurs inside the OpenBSD source tree with the usual care the project is known for. On a regular basis the code is re-packaged for portable use by other operating systems (Linux, FreeBSD, Windows, etc). See https://en.wikipedia.org/wiki/LibreSSL for more detailed information. We have also upgraded Cygwin and GNU tools to their latest available versions.

2017-03-22 Copssh 5.9.0 (security)

• ssh(1), sshd(8): Fix weakness in CBC padding oracle countermeasures that allowed a variant of the attack fixed in OpenSSH 7.3 to proceed. Note that the OpenSSH client disables CBC ciphers by default, sshd offers them as lowest-preference options and will remove them by default entriely in the next release. Reported by Jean Paul Degabriele, Kenny Paterson, Martin Albrecht and Torben Hansen of Royal Holloway, University of London.
• sftp-client(1): [portable OpenSSH only] On Cygwin, a client making a recursive file transfer could be maniuplated by a hostile server to perform a path-traversal attack. creating or modifying files outside of the intended target directory. Reported by Jann Horn of Google Project Zero.
• Truncated packet could crash via OOB read (CVE-2017-3731)
• BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
• Montgomery multiplication may produce incorrect results (CVE-2016-7055)

2017-02-08 Copssh 5.8.1

• Copssh version 5.8.1 bundle contains server installers with improved support for domain based service accounts. We have also updated the Control Panel to configure many advanced server-wide options through the GUI. User specific advanced options are also updated to support more options. Lack of proper permissions on the host private keys are now fixed so that they are only visible to the service account.

2016-12-21 Copssh 5.8.0 (security)

• Copssh version 5.8.0 bundle contains 32/64-bit client/server installers containing the latest OpenSSH 7.4p1 with potentially-incompatible changes, security and bug fixes: Potentially-incompatible changes ================================ This release includes a number of changes that may affect existing configurations: * This release removes server support for the SSH v.1 protocol. * ssh(1): Remove 3des-cbc from the client’s default proposal. 64-bit block ciphers are not safe in 2016 and we don’t want to wait until attacks like SWEET32 are extended to SSH. As 3des-cbc was the only mandatory cipher in the SSH RFCs, this may cause problems connecting to older devices using the default configuration, but it’s highly likely that such devices already need explicit configuration for key exchange and hostkey algorithms already anyway. * sshd(8): Remove support for pre-authentication compression. Doing compression early in the protocol probably seemed reasonable in the 1990s, but today it’s clearly a bad idea in terms of both cryptography (cf. multiple compression oracle attacks in TLS) and attack surface. Pre-auth compression support has been disabled by default for >10 years. Support remains in the client. * ssh-agent will refuse to load PKCS#11 modules outside a whitelist of trusted paths by default. The path whitelist may be specified at run-time. * sshd(8): When a forced-command appears in both a certificate and an authorized keys/principals command= restriction, sshd will now refuse to accept the certificate unless they are identical. The previous (documented) behaviour of having the certificate forced-command override the other could be a bit confusing and error-prone. * sshd(8): Remove the UseLogin configuration directive and support for having /bin/login manage login sessions. Changes since OpenSSH 7.3 ========================= This is primarily a bugfix release. Security ——– * ssh-agent(1): Will now refuse to load PKCS#11 modules from paths outside a trusted whitelist (run-time configurable). Requests to load modules could be passed via agent forwarding and an attacker could attempt to load a hostile PKCS#11 module across the forwarded agent channel: PKCS#11 modules are shared libraries, so this would result in code execution on the system running the ssh-agent if the attacker has control of the forwarded agent-socket (on the host running the sshd server) and the ability to write to the filesystem of the host running ssh-agent (usually the host running the ssh client). Reported by Jann Horn of Project Zero. * sshd(8): When privilege separation is disabled, forwarded Unix- domain sockets would be created by sshd(8) with the privileges of ‘root’ instead of the authenticated user. This release refuses Unix-domain socket forwarding when privilege separation is disabled (Privilege separation has been enabled by default for 14 years). Reported by Jann Horn of Project Zero. * sshd(8): Avoid theoretical leak of host private key material to privilege-separated child processes via realloc() when reading keys. No such leak was observed in practice for normal-sized keys, nor does a leak to the child processes directly expose key material to unprivileged users. Reported by Jann Horn of Project Zero. * sshd(8): The shared memory manager used by pre-authentication compression support had a bounds checks that could be elided by some optimising compilers. Additionally, this memory manager was incorrectly accessible when pre-authentication compression was disabled. This could potentially allow attacks against the privileged monitor process from the sandboxed privilege-separation process (a compromise of the latter would be required first). This release removes support for pre-authentication compression from sshd(8). Reported by Guido Vranken using the Stack unstable optimisation identification tool ( http://css.csail.mit.edu/stack/ ) * sshd(8): Fix denial-of-service condition where an attacker who sends multiple KEXINIT messages may consume up to 128MB per connection. Reported by Shi Lei of Gear Team, Qihoo 360. * sshd(8): Validate address ranges for AllowUser and DenyUsers directives at configuration load time and refuse to accept invalid ones. It was previously possible to specify invalid CIDR address ranges (e.g. user@127.1.2.3 /55) and these would always match, possibly resulting in granting access where it was not intended. Reported by Laurence Parry. New Features ———— * ssh(1): Add a proxy multiplexing mode to ssh(1) inspired by the version in PuTTY by Simon Tatham. This allows a multiplexing client to communicate with the master process using a subset of the SSH packet and channels protocol over a Unix-domain socket, with the main process acting as a proxy that translates channel IDs, etc. This allows multiplexing mode to run on systems that lack file- descriptor passing (used by current multiplexing code) and potentially, in conjunction with Unix-domain socket forwarding, with the client and multiplexing master process on different machines. Multiplexing proxy mode may be invoked using “ssh -O proxy …” * sshd(8): Add a sshd_config DisableForwarding option that disables X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as anything else we might implement in the future. Like the ‘restrict’ authorized_keys flag, this is intended to be a simple and future-proof way of restricting an account. * sshd(8), ssh(1): Support the “curve25519-sha256” key exchange method. This is identical to the currently-supported method named " curve25519-sha256@libssh.org “. * sshd(8): Improve handling of SIGHUP by checking to see if sshd is already daemonised at startup and skipping the call to daemon(3) if it is. This ensures that a SIGHUP restart of sshd(8) will retain the same process-ID as the initial execution. sshd(8) will also now unlink the PidFile prior to SIGHUP restart and re-create it after a successful restart, rather than leaving a stale file in the case of a configuration error. bz#2641 * sshd(8): Allow ClientAliveInterval and ClientAliveCountMax directives to appear in sshd_config Match blocks. * sshd(8): Add %-escapes to AuthorizedPrincipalsCommand to match those supported by AuthorizedKeysCommand (key, key type, fingerprint, etc.) and a few more to provide access to the contents of the certificate being offered. * Added regression tests for string matching, address matching and string sanitisation functions. * Improved the key exchange fuzzer harness. Bugfixes ——– * ssh(1): Allow IdentityFile to successfully load and use certificates that have no corresponding bare public key. bz#2617 certificate id_rsa-cert.pub (and no id_rsa.pub). * ssh(1): Fix public key authentication when multiple authentication is in use and publickey is not just the first method attempted. bz#2642 * regress: Allow the PuTTY interop tests to run unattended. bz#2639 * ssh-agent(1), ssh(1): improve reporting when attempting to load keys from PKCS#11 tokens with fewer useless log messages and more detail in debug messages. bz#2610 * ssh(1): When tearing down ControlMaster connections, don’t pollute stderr when LogLevel=quiet. * sftp(1): On ^Z wait for underlying ssh(1) to suspend before suspending sftp(1) to ensure that ssh(1) restores the terminal mode correctly if suspended during a password prompt. * ssh(1): Avoid busy-wait when ssh(1) is suspended during a password prompt. * ssh(1), sshd(8): Correctly report errors during sending of ext- info messages. * sshd(8): fix NULL-deref crash if sshd(8) received an out-of- sequence NEWKEYS message. * sshd(8): Correct list of supported signature algorithms sent in the server-sig-algs extension. bz#2547 * sshd(8): Fix sending ext_info message if privsep is disabled. * sshd(8): more strictly enforce the expected ordering of privilege separation monitor calls used for authentication and allow them only when their respective authentication methods are enabled in the configuration * sshd(8): Fix uninitialised optlen in getsockopt() call; harmless on Unix/BSD but potentially crashy on Cygwin. * Fix false positive reports caused by explicit_bzero(3) not being recognised as a memory initialiser when compiled with -fsanitize-memory. * sshd_config(5): Use 2001:db8::/32, the official IPv6 subnet for configuration examples. Portability ———– * On environments configured with Turkish locales, fall back to the C/POSIX locale to avoid errors in configuration parsing caused by that locale’s unique handling of the letters ‘i’ and ‘I’. bz#2643 * sftp-server(8), ssh-agent(1): Deny ptrace on OS X using ptrace(PT_DENY_ATTACH, ..) * ssh(1), sshd(8): Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL. * Fix compilation for libcrypto compiled without RIPEMD160 support. * contrib: Add a gnome-ssh-askpass3 with GTK+3 support. bz#2640 * sshd(8): Improve PRNG reseeding across privilege separation and force libcrypto to obtain a high-quality seed before chroot or sandboxing. * All: Explicitly test for broken strnvis. NetBSD added an strnvis and unfortunately made it incompatible with the existing one in OpenBSD and Linux’s libbsd (the former having existed for over ten years). Try to detect this mess, and assume the only safe option if we’re cross compiling.

2016-09-27 Copssh 5.7.0 (security)

• Copssh version 5.7.0 bundle contains 32/64-bit client/server installers containing OpenSSL 1.0.2j with security fixes, Cygwin and GNU Tools with their latest available versions. As a result of that update, Windows XP/2003 are not supported any longer. Our installer logic is also updated resulting with about some size decrease and more secure service account setup.

2016-08-01 Copssh 5.6.0 (security)

• Copssh version 5.6.0 bundle contains 32/64-bit client/server installers containing recently released OpenSSH 7.3p1 .

2016-05-22 Copssh 5.5.3 (security)

• Copssh version 5.5.3 bundle contains 32/64-bit client/server installers containing OpenSSL 1.0.2h . Cygwin and related GNU tools are also updated to their latest available versions.

2016-03-13 Copssh 5.5.2 (security)

• Copssh version 5.5.2 comes with OpenSSH 7.2p2, fixing security vulnerability related to x11 forwarding .

2016-03-02 Copssh 5.5.1 (security)

• Copssh version 5.5.1 bundle contains 32/64-bit client/server installers containing OpenSSL 1.0.2g : OpenSSL Security Advisory [1st March 2016] ========================================= NOTE: With this update, OpenSSL is disabling the SSLv2 protocol by default, as well as removing SSLv2 EXPORT ciphers. We strongly advise against the use of SSLv2 due not only to the issues described below, but to the other known deficiencies in the protocol as described at https://tools.ietf.org/html/rfc6176 Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800) ================================================================ Severity: High A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP) shares the RSA keys of the non-vulnerable server. This vulnerability is known as DROWN (CVE-2016-0800). Recovering one session key requires the attacker to perform approximately 2^50 computation, as well as thousands of connections to the affected server. A more efficient variant of the DROWN attack exists against unpatched OpenSSL servers using versions that predate 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf released on 19/Mar/2015 (see CVE-2016-0703 below). Users can avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS servers, if they’ve not done so already. Disabling all SSLv2 ciphers is also sufficient, provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and 1.0.2f) have been deployed. Servers that have not disabled the SSLv2 protocol, and are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2 ciphers are nominally disabled, because malicious clients can force the use of SSLv2 with EXPORT ciphers. OpenSSL 1.0.2g and 1.0.1s deploy the following mitigation against DROWN: SSLv2 is now by default disabled at build-time. Builds that are not configured with “enable-ssl2” will not support SSLv2. Even if “enable-ssl2” is used, users who want to negotiate SSLv2 via the version-flexible SSLv23_method() will need to explicitly call either of: SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); or SSL_clear_options(ssl, SSL_OP_NO_SSLv2); as appropriate. Even if either of those is used, or the application explicitly uses the version-specific SSLv2_method() or its client or server variants, SSLv2 ciphers vulnerable to exhaustive search key recovery have been removed. Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no longer available. In addition, weak ciphers in SSLv3 and up are now disabled in default builds of OpenSSL. Builds that are not configured with “enable-weak-ssl-ciphers” will not provide any “EXPORT” or “LOW” strength ciphers. OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s This issue was reported to OpenSSL on December 29th 2015 by Nimrod Aviram and Sebastian Schinzel. The fix was developed by Viktor Dukhovni and Matt Caswell of OpenSSL. Double-free in DSA code (CVE-2016-0705) ======================================= Severity: Low A double free bug was discovered when OpenSSL parses malformed DSA private keys and could lead to a DoS attack or memory corruption for applications that receive DSA private keys from untrusted sources. This scenario is considered rare. This issue affects OpenSSL versions 1.0.2 and 1.0.1. OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s This issue was reported to OpenSSL on February 7th 2016 by Adam Langley (Google/BoringSSL) using libFuzzer. The fix was developed by Dr Stephen Henson of OpenSSL. Memory leak in SRP database lookups (CVE-2016-0798) =================================================== Severity: Low The SRP user database lookup method SRP_VBASE_get_by_user had confusing memory management semantics; the returned pointer was sometimes newly allocated, and sometimes owned by the callee. The calling code has no way of distinguishing these two cases. Specifically, SRP servers that configure a secret seed to hide valid login information are vulnerable to a memory leak: an attacker connecting with an invalid username can cause a memory leak of around 300 bytes per connection. Servers that do not configure SRP, or configure SRP but do not configure a seed are not vulnerable. In Apache, the seed directive is known as SSLSRPUnknownUserSeed. To mitigate the memory leak, the seed handling in SRP_VBASE_get_by_user is now disabled even if the user has configured a seed. Applications are advised to migrate to SRP_VBASE_get1_by_user. However, note that OpenSSL makes no strong guarantees about the indistinguishability of valid and invalid logins. In particular, computations are currently not carried out in constant time. This issue affects OpenSSL versions 1.0.2 and 1.0.1. OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s This issue was discovered on February 23rd 2016 by Emilia Käsper of the OpenSSL development team. Emilia Käsper also developed the fix. BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797) ====================================================================== Severity: Low In the BN_hex2bn function the number of hex digits is calculated using an int value |i|. Later |bn_expand| is called with a value of |i * 4|. For large values of |i| this can result in |bn_expand| not allocating any memory because |i * 4| is negative. This can leave the internal BIGNUM data field as NULL leading to a subsequent NULL ptr deref. For very large values of |i|, the calculation |i * 4| could be a positive value smaller than |i|. In this case memory is allocated to the internal BIGNUM data field, but it is insufficiently sized leading to heap corruption. A similar issue exists in BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn is ever called by user applications with very large untrusted hex/dec data. This is anticipated to be a rare occurrence. All OpenSSL internal usage of these functions use data that is not expected to be untrusted, e.g. config file data or application command line arguments. If user developed applications generate config file data based on untrusted data then it is possible that this could also lead to security consequences. This is also anticipated to be rare. This issue affects OpenSSL versions 1.0.2 and 1.0.1. OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s This issue was reported to OpenSSL on February 19th 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. Fix memory issues in BIO_*printf functions (CVE-2016-0799) ========================================================== Severity: Low The internal |fmtstr| function used in processing a “%s” format string in the BIO_*printf functions could overflow while calculating the length of a string and cause an OOB read when printing very long strings. Additionally the internal |doapr_outch| function can attempt to write to an OOB memory location (at an offset from the NULL pointer) in the event of a memory allocation failure. In 1.0.2 and below this could be caused where the size of a buffer to be allocated is greater than INT_MAX. E.g. this could be in processing a very long “%s” format string. Memory leaks can also occur. The first issue may mask the second issue dependent on compiler behaviour. These problems could enable attacks where large amounts of untrusted data is passed to the BIO_*printf functions. If applications use these functions in this way then they could be vulnerable. OpenSSL itself uses these functions when printing out human-readable dumps of ASN.1 data. Therefore applications that print this data could be vulnerable if the data is from untrusted sources. OpenSSL command line applications could also be vulnerable where they print out ASN.1 data, or if untrusted data is passed as command line arguments. Libssl is not considered directly vulnerable. Additionally certificates etc received via remote connections via libssl are also unlikely to be able to trigger these issues because of message size limits enforced within libssl. This issue affects OpenSSL versions 1.0.2 and 1.0.1. OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s This issue was reported to OpenSSL on February 23rd by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. Side channel attack on modular exponentiation (CVE-2016-0702) ============================================================= Severity: Low A side-channel attack was found which makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA keys. The ability to exploit this issue is limited as it relies on an attacker who has control of code in a thread running on the same hyper-threaded core as the victim thread which is performing decryptions. This issue affects OpenSSL versions 1.0.2 and 1.0.1. OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s This issue was reported to OpenSSL on Jan 8th 2016 by Yuval Yarom, The University of Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and Nadia Heninger, University of Pennsylvania with more information at http://cachebleed.info . The fix was developed by Andy Polyakov of OpenSSL. Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703) ================================================================ Severity: High This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293. s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If clear-key bytes are present for these ciphers, they displace encrypted-key bytes. This leads to an efficient divide-and-conquer key recovery attack: if an eavesdropper has intercepted an SSLv2 handshake, they can use the server as an oracle to determine the SSLv2 master-key, using only 16 connections to the server and negligible computation. More importantly, this leads to a more efficient version of DROWN that is effective against non-export ciphersuites, and requires no significant computation. This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf (released March 19th 2015). This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. Alex Halderman of the University of Michigan. The underlying defect had by then already been fixed by Emilia Käsper of OpenSSL on March 4th 2015. The fix for this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d (1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf). Bleichenbacher oracle in SSLv2 (CVE-2016-0704) ============================================== Severity: Moderate This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address the vulnerability CVE-2015-0293. s2_srvr.c overwrite the wrong bytes in the master-key when applying Bleichenbacher protection for export cipher suites. This provides a Bleichenbacher oracle, and could potentially allow more efficient variants of the DROWN attack. This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf (released March 19th 2015). This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. Alex Halderman of the University of Michigan. The underlying defect had by then already been fixed by Emilia Käsper of OpenSSL on March 4th 2015. The fix for this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d (1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf).

2016-03-01 Copssh 5.5.0

• Copssh version 5.5.0 bundle contains 32/64-bit client/server installers with OpenSSH 7.2p1 . OpenSSH 7.2 Release Notes: OpenSSH 7.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: http://www.openssh.com/donations.html Future deprecation notice ========================= We plan on retiring more legacy cryptography in a near-future release, specifically: * Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits) This list reflects our current intentions, but please check the final release notes for future releases. Potentially-incompatible changes ================================ This release disables a number of legacy cryptographic algorithms by default in ssh: * Several ciphers blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES. * MD5-based and truncated HMAC algorithms. These algorithms are already disabled by default in sshd. Changes since OpenSSH 7.1p2 =========================== This is primarily a bugfix release. Security ——– * ssh(1), sshd(8): remove unfinished and unused roaming code (was already forcibly disabled in OpenSSH 7.1p2). * ssh(1): eliminate fallback from untrusted X11 forwarding to trusted forwarding when the X server disables the SECURITY extension. * ssh(1), sshd(8): increase the minimum modulus size supported for diffie-hellman-group-exchange to 2048 bits. * sshd(8): pre-auth sandboxing is now enabled by default (previous releases enabled it for new installations via sshd_config). New Features ———— * all: add support for RSA signatures using SHA-256/512 hash algorithms based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt. * ssh(1): Add an AddKeysToAgent client option which can be set to ‘yes’, ’no’, ‘ask’, or ‘confirm’, and defaults to ’no’. When enabled, a private key that is used during authentication will be added to ssh-agent if it is running (with confirmation enabled if set to ‘confirm’). * sshd(8): add a new authorized_keys option “restrict” that includes all current and future key restrictions (no--forwarding, etc.). Also add permissive versions of the existing restrictions, e.g. “no-pty” -> “pty”. This simplifies the task of setting up restricted keys and ensures they are maximally-restricted, regardless of any permissions we might implement in the future. * ssh(1): add ssh_config CertificateFile option to explicitly list certificates. bz#2436 * ssh-keygen(1): allow ssh-keygen to change the key comment for all supported formats. * ssh-keygen(1): allow fingerprinting from standard input, e.g. “ssh-keygen -lf -” * ssh-keygen(1): allow fingerprinting multiple public keys in a file, e.g. “ssh-keygen -lf ~/.ssh/authorized_keys” bz#1319 * sshd(8): support “none” as an argument for sshd_config Foreground and ChrootDirectory. Useful inside Match blocks to override a global default. bz#2486 * ssh-keygen(1): support multiple certificates (one per line) and reading from standard input (using “-f -”) for “ssh-keygen -L” * ssh-keyscan(1): add “ssh-keyscan -c …” flag to allow fetching certificates instead of plain keys. * ssh(1): better handle anchored FQDNs (e.g. ‘cvs.openbsd.org.’) in hostname canonicalisation - treat them as already canonical and remove the trailing ‘.’ before matching ssh_config. Bugfixes ——– * sftp(1): existing destination directories should not terminate recursive uploads (regression in openssh 6.8) bz#2528 * ssh(1), sshd(8): correctly send back SSH2_MSG_UNIMPLEMENTED replies to unexpected messages during key exchange. bz#2949 * ssh(1): refuse attempts to set ConnectionAttempts=0, which does not make sense and would cause ssh to print an uninitialised stack variable. bz#2500 * ssh(1): fix errors when attempting to connect to scoped IPv6 addresses with hostname canonicalisation enabled. * sshd_config(5): list a couple more options usable in Match blocks. bz#2489 * sshd(8): fix “PubkeyAcceptedKeyTypes +…” inside a Match block. * ssh(1): expand tilde characters in filenames passed to -i options before checking whether or not the identity file exists. Avoids confusion for cases where shell doesn’t expand (e.g. “-i ~/file” vs. “-i~/file”). bz#2481 * ssh(1): do not prepend “exec” to the shell command run by “Match exec” in a config file, which could cause some commands to fail in certain environments. bz#2471 * ssh-keyscan(1): fix output for multiple hosts/addrs on one line when host hashing or a non standard port is in use bz#2479 * sshd(8): skip “Could not chdir to home directory” message when ChrootDirectory is active. bz#2485 * ssh(1): include PubkeyAcceptedKeyTypes in ssh -G config dump. * sshd(8): avoid changing TunnelForwarding device flags if they are already what is needed; makes it possible to use tun/tap networking as non-root user if device permissions and interface flags are pre-established * ssh(1), sshd(8): RekeyLimits could be exceeded by one packet. bz#2521 * ssh(1): fix multiplexing master failure to notice client exit. * ssh(1), ssh-agent(1): avoid fatal() for PKCS11 tokens that present empty key IDs. bz#1773 * sshd(8): avoid printf of NULL argument. bz#2535 * ssh(1), sshd(8): allow RekeyLimits larger than 4GB. bz#2521 * ssh-keygen(1): sshd(8): fix several bugs in (unused) KRL signature support. * ssh(1), sshd(8): fix connections with peers that use the key exchange guess feature of the protocol. bz#2515 * sshd(8): include remote port number in log messages. bz#2503 * ssh(1): don’t try to load SSHv1 private key when compiled without SSHv1 support. bz#2505 * ssh-agent(1), ssh(1): fix incorrect error messages during key loading and signing errors. bz#2507 * ssh-keygen(1): don’t leave empty temporary files when performing known_hosts file edits when known_hosts doesn’t exist. * sshd(8): correct packet format for tcpip-forward replies for requests that don’t allocate a port bz#2509 * ssh(1), sshd(8): fix possible hang on closed output. bz#2469 * ssh(1): expand %i in ControlPath to UID. bz#2449 * ssh(1), sshd(8): fix return type of openssh_RSA_verify. bz#2460 * ssh(1), sshd(8): fix some option parsing memory leaks. bz#2182 * ssh(1): add a some debug output before DNS resolution; it’s a place where ssh could previously silently stall in cases of unresponsive DNS servers. bz#2433 * ssh(1): remove spurious newline in visual hostkey. bz#2686 * ssh(1): fix printing (ssh -G …) of HostKeyAlgorithms=+… * ssh(1): fix expansion of HostkeyAlgorithms=+… Documentation ————- * ssh_config(5), sshd_config(5): update default algorithm lists to match current reality. bz#2527 * ssh(1): mention -Q key-plain and -Q key-cert query options. bz#2455 * sshd_config(8): more clearly describe what AuthorizedKeysFile=none does. * ssh_config(5): better document ExitOnForwardFailure. bz#2444 * sshd(5): mention internal DH-GEX fallback groups in manual. bz#2302 * sshd_config(5): better description for MaxSessions option. bz#2531 Portability ———– * ssh(1), sftp-server(8), ssh-agent(1), sshd(8): Support Illumos/ Solaris fine-grained privileges. Including a pre-auth privsep sandbox and several pledge() emulations. bz#2511 * Renovate redhat/openssh.spec, removing deprecated options and syntax. * configure: allow –without-ssl-engine with –without-openssl * sshd(8): fix multiple authentication using S/Key. bz#2502 * sshd(8): read back from libcrypto RAND_ before dropping privileges. Avoids sandboxing violations with BoringSSL. * Fix name collision with system-provided glob(3) functions. bz#2463 * Adapt Makefile to use ssh-keygen -A when generating host keys. bz#2459 * configure: correct default value for –with-ssh1 bz#2457 * configure: better detection of _res symbol bz#2259 * support getrandom() syscall on Linux

2016-01-31 Copssh 5.4.3

• Copssh version 5.4.3 bundle contains 32/64-bit client/server installers containing OpenSSL 1.0.2f fixing security vulnerabilities CVE-2016-0701 (high) and CVE-2015-3197 (low). We have also updated Cygwin and GNU tools to their latest versions.

2016-01-14 Copssh 5.4.2

• CVE-2016-0777 SECURITY: ssh(1): The OpenSSH client code between 5.4 and 7.1 contains experimental support for resuming SSH-connections (roaming).
• SECURITY: Fix an out of-bound read access in the packet handling code. Reported by Ben Hawkes.
• PROTOCOL: Correctly interpret the ‘first_kex_follows’ option during the intial key exchange. Reported by Matt Johnston.
• Further use of explicit_bzero has been added in various buffer handling code paths to guard against compilers aggressively doing dead-store removal.

2015-12-18 Copssh 5.4.1 (security)

• Moderate - BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
• Moderate - Certificate verify crash with missing PSS parameter (CVE-2015-3194)
• Moderate - X509_ATTRIBUTE memory leak (CVE-2015-3195)
• Low - Race condition handling PSK identify hint (CVE-2015-3196)
• Low - Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794)

2015-08-22 Copssh 5.4.0 (security)

• sshd(8): OpenSSH 7.0 contained a logic error in PermitRootLogin=prohibit-password/without-password that could, depending on compile-time configuration, permit password authentication to root while preventing other forms of authentication. This problem was reported by Mantas Mikulenas.
• ssh(1), sshd(8): add compatibility workarounds for FuTTY
• ssh(1), sshd(8): refine compatibility workarounds for WinSCP
• Fix a number of memory faults (double-free, free of uninitialised memory, etc) in ssh(1) and ssh-keygen(1). Reported by Mateusz Kocielski.
• Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits)
• Several ciphers will be disabled by default: blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES.
• MD5-based HMAC algorithms will be disabled by default.

2015-08-11 Copssh 5.3.0 (security)

• Support for the legacy SSH version 1 protocol is disabled by default at compile time.
• Support for the 1024-bit diffie-hellman-group1-sha1 key exchange is disabled by default at run-time. It may be re-enabled using the instructions at http://www.openssh.com/legacy.html
• Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by default at run-time. These may be re-enabled using the instructions at http://www.openssh.com/legacy.html
• Support for the legacy v00 cert format has been removed.
• sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world-writable. Local attackers may be able to write arbitrary messages to logged-in users, including terminal escape sequences. Reported by Nikolay Edigaryev.
• sshd(8): Portable OpenSSH only: Fixed a privilege separation weakness related to PAM support. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users. Reported by Moritz Jodeit.
• sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution. Also reported by Moritz Jodeit.
• sshd(8): fix circumvention of MaxAuthTries using keyboard-interactive authentication. By specifying a long, repeating keyboard-interactive “devices” string, an attacker could request the same authentication method be tried thousands of times in a single pass. The LoginGraceTime timeout in sshd(8) and any authentication failure delays implemented by the authentication mechanism itself were still applied. Found by Kingcope.

2015-07-22 Copssh 5.2.0 (security)

• Copssh version 5.2.0 bundle contains 32/64-bit client/server installers with OpenSSH 6.9 and OpenSSL 1.0.2d binaries (CVE-2015-1793). As OpenSSH uses only the cryptoghraphic library part of OpenSSL, Copssh is not directly affected by this security advisory.

2015-05-21 Copssh 5.1.1

• Copssh version 5.1.1 is a maintenance release and contains the latest available versions of Cygwin (2.0.2) and related GNU tools.

2015-03-23 Copssh 5.1.0

• Copssh product version 5.1.0 comes with the latest available versions of OpenSSH ( 6.8 , a major release) and OpenSSL ( 1.0.2a addressing many security vulnerabilities). Daemon program sshd is also patched to avoid logout hang problem as described in our previous blog . Free edition is updated with the latest available OpenSSL (1.0.2a) as well.

2015-03-06 Copssh 5.0.4

• Copssh version 5.0.4 comes with a custom patch addressing session hang problems during logout for domain users. Users experiencing the problem reported that they observe following lines in the event log: error: chmod /dev/pty1 0666 failed: No such file or directory error: chown /dev/pty1 0 0 failed: No such file or directory As a result of that failure, you may observe multiple hanging sshd processes at the server side as well. Please upgrade if you experience those problems in your environment. Contents of the custom patch: — sshpty.c 2014-05-21 09:06:47.000000000 +0200+++ sshpty.new.c 2015-03-06 17:26:49.125000000 +0100@@ -85,12 +85,7 @@ void pty_release(const char tty) {-#ifndef APPLE_PRIVPTY- if (chown(tty, (uid_t) 0, (gid_t) 0) < 0)- error(“chown %.100s 0 0 failed: %.100s”, tty, strerror(errno));- if (chmod(tty, (mode_t) 0666) < 0)- error(“chmod %.100s 0666 failed: %.100s”, tty, strerror(errno));-#endif / APPLE_PRIVPTY /+ return; } / Makes the tty the process’s controlling tty and sets it to sane modes. */

2015-01-19 Copssh 5.0.3

• Copssh version 5.0.3 is a maintenance release coming with OpenSSL version 1.0.1k fixing some security vulnerabilities. Copssh is not affected by those vulnerabilities, as it uses OpenSSL for some cryptographical support only. Cygwin DLL and GNU tools are also upgraded to their latest availabel versions.

2014-12-03 Copssh 5.0.2

• Copssh version 5.0.2 is a maintenance release coming with OpenSSL version 1.0.1j fixing some security vulnerabilities including POODLE attack . NB! Copssh is not affected by vulnerabilities mentioned above, as it uses OpenSSL for some cryptographical support only.

2014-10-30 Copssh 5.0.1

• Home directory is not created during the user activation if not existed before - this bug was introduced in the product version of 5.0.0
• Non-functioning session overview via status tab

2014-10-09 Copssh 5.0.0

• Copssh version 5.0.0 contains the latest available OpenSSH version 6.7 with many features and bug fixes . Please pay special attention to backward-incompatible changes like removing unsafe algorithms from the default set of ciphers/MACs and removing support for tcpwrappers. We have also updated most of the GNU Tools and Cygwin to their latest available versions, including bash coming with a ShellShock immune version: You can now specify user-specific advanced options in the Copssh Control Panel (available only for the product version!):

2014-08-07 Copssh 4.9.4 (security)

• Copssh version 4.9.4 comes with OpenSSL 1.0.1i fixing nine security vulnerabilities . In addition, Cygwin and many GNU tools are updated to their latest versions.

2014-07-04 Copssh 4.9.3

• It is now possible to instruct the Control panel not to convert user names to lowercase. If you add the parameter below to the bin/copsshcp.config file, no conversion will find place:
• A chrooted sftp environment allowing isolated directories (access type Sftp) was only supported if the default service account (SvcCOPSSH) is selected. It is now supported for all kinds of service accounts including domain users.
• Copssh takes a service restart if a chrooted environment (access type Sftp) is specified during user activation, to avoid error messages about improper permissions on a chrooted directory.

2014-06-08 Copssh 4.9.2

• Copssh version 4.9.2 contains version 1.0.1h of OpenSSL addressing 6 security vulnerabilities announced recently . The Secure Shell (SSH) is a different protocol from SSL or TLS. OpenSSH relies on the OpenSSL library for access to the cryptographic primitives it provides, not for the TLS or SSL implementations. Copssh is not vulnerable to those flaws.

2014-06-06 Copssh 4.9.1 patch 1001

• Copssh 4.9.1 patch 1001 contains version 1.0.1h of OpenSSL addressing 7 security vulnerabilities announced recently . Even if most of the vulnerabilities affects the TLS implementation which are not used by Copssh, SSL/TLS MITM vulnerability (CVE-2014-0224) can affect ssl clients and servers.

2014-04-08 Copssh 4.9.1

• Copssh version 4.9.1 installers contain OpenSSL 1.0.1g fixing Heartbleed security vulnerability. Related US-CERT Alert is here . OpenSSL Security Advisory [07 Apr 2014] - TLS heartbeat read overrun (CVE-2014-0160) A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. Only 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1. Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley and Bodo Moeller for preparing the fix. Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS. 1.0.2 will be fixed in 1.0.2-beta2. Copssh doesn’t use TLS and is not vulnerable to a Heartbleed attack.

2014-03-16 Copssh 4.9.0 (security)

• Copssh 4.9.0 contains OpenSSH 6.6p binaries. Changes since OpenSSH 6.5 This is primarily a bugfix release. Security : * sshd(8): when using environment passing with a sshd_config(5) AcceptEnv pattern with a wildcard. OpenSSH prior to 6.6 could be tricked into accepting any enviornment variable that contains the characters before the wildcard character. New / changed features: * ssh(1), sshd(8): this release removes the J-PAKE authentication code . This code was experimental, never enabled and had been unmaintained for some time. * ssh(1): when processing Match blocks, skip ’exec’ clauses other clauses predicates failed to match. * ssh(1): if hostname canonicalisation is enabled and results in the destination hostname being changed, then re-parse ssh_config(5) files using the new destination hostname. This gives ‘Host’ and ‘Match’ directives that use the expanded hostname a chance to be applied. Bugfixes: * ssh(1): avoid spurious “getsockname failed: Bad file descriptor” in ssh -W. bz#2200, debian#738692 * sshd(8): allow the shutdown(2) syscall in seccomp-bpf and systrace sandbox modes, as it is reachable if the connection is terminated during the pre-auth phase. * ssh(1), sshd(8): fix unsigned overflow that in SSH protocol 1 bignum parsing. Minimum key length checks render this bug unexploitable to compromise SSH 1 sessions. * sshd_config(5): clarify behaviour of a keyword that appears in multiple matching Match blocks. bz#2184 * ssh(1): avoid unnecessary hostname lookups when canonicalisation is disabled. bz#2205 * sshd(8): avoid sandbox violation crashes in GSSAPI code by caching the supported list of GSSAPI mechanism OIDs before entering the sandbox. bz#2107 * ssh(1): fix possible crashes in SOCKS4 parsing caused by assumption that the SOCKS username is nul-terminated. * ssh(1): fix regression for UsePrivilegedPort=yes when BindAddress is not specified. * ssh(1), sshd(8): fix memory leak in ECDSA signature verification. * ssh(1): fix matching of ‘Host’ directives in ssh_config(5) files to be case-insensitive again (regression in 6.5). Portable OpenSSH: * sshd(8): don’t fatal if the FreeBSD Capsicum is offered by the system headers and libc but is not supported by the kernel. * Fix build using the HP-UX compiler.

2014-01-30 Copssh 4.8.0

• Both Copssh installer and Control Panel are updated to handle Ed25519 based keys ========================= Changes since OpenSSH 6.4 ========================= This is a feature-focused release. New features: * ssh(1), sshd(8): Add support for key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein’s Curve25519. This key exchange method is the default when both the client and server support it. * ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. * Add a new private key format that uses a bcrypt KDF to better protect keys at rest. This format is used unconditionally for Ed25519 keys, but may be requested when generating or saving existing keys of other types via the -o ssh-keygen(1) option. We intend to make the new format the default in the near future. Details of the new format are in the PROTOCOL.key file. * ssh(1), sshd(8): Add a new transport cipher " chacha20-poly1305@openssh.com " that combines Daniel Bernstein’s ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Details are in the PROTOCOL.chacha20poly1305 file. * ssh(1), sshd(8): Refuse RSA keys from old proprietary clients and servers that use the obsolete RSA+MD5 signature scheme. It will still be possible to connect with these clients/servers but only DSA keys will be accepted, and OpenSSH will refuse connection entirely in a future release. * ssh(1), sshd(8): Refuse old proprietary clients and servers that use a weaker key exchange hash calculation. * ssh(1): Increase the size of the Diffie-Hellman groups requested for each symmetric key size. New values from NIST Special Publication 800-57 with the upper limit specified by RFC4419. * ssh(1), ssh-agent(1): Support pkcs#11 tokes that only provide X.509 certs instead of raw public keys (requested as bz#1908). * ssh(1): Add a ssh_config(5) “Match” keyword that allows conditional configuration to be applied by matching on hostname, user and result of arbitrary commands. * ssh(1): Add support for client-side hostname canonicalisation using a set of DNS suffixes and rules in ssh_config(5). This allows unqualified names to be canonicalised to fully-qualified domain names to eliminate ambiguity when looking up keys in known_hosts or checking host certificate names. * sftp-server(8): Add the ability to whitelist and/or blacklist sftp protocol requests by name. * sftp-server(8): Add a sftp " fsync@openssh.com " to support calling fsync(2) on an open file handle. * sshd(8): Add a ssh_config(5) PermitTTY to disallow TTY allocation, mirroring the longstanding no-pty authorized_keys option. * ssh(1): Add a ssh_config ProxyUseFDPass option that supports the use of ProxyCommands that establish a connection and then pass a connected file descriptor back to ssh(1). This allows the ProxyCommand to exit rather than staying around to transfer data. Bugfixes: * ssh(1), sshd(8): Fix potential stack exhaustion caused by nested certificates. * ssh(1): bz#1211: make BindAddress work with UsePrivilegedPort. * sftp(1): bz#2137: fix the progress meter for resumed transfer. * ssh-add(1): bz#2187: do not request smartcard PIN when removing keys from ssh-agent. * sshd(8): bz#2139: fix re-exec fallback when original sshd binary cannot be executed. * ssh-keygen(1): Make relative-specified certificate expiry times relative to current time and not the validity start time. * sshd(8): bz#2161: fix AuthorizedKeysCommand inside a Match block. * sftp(1): bz#2129: symlinking a file would incorrectly canonicalise the target path. * ssh-agent(1): bz#2175: fix a use-after-free in the PKCS#11 agent helper executable. * sshd(8): Improve logging of sessions to include the user name, remote host and port, the session type (shell, command, etc.) and allocated TTY (if any). * sshd(8): bz#1297: tell the client (via a debug message) when their preferred listen address has been overridden by the server’s GatewayPorts setting. * sshd(8): bz#2162: include report port in bad protocol banner message. * sftp(1): bz#2163: fix memory leak in error path in do_readdir(). * sftp(1): bz#2171: don’t leak file descriptor on error. * sshd(8): Include the local address and port in “Connection from …” message (only shown at loglevel>=verbose). Portable OpenSSH: * Please note that this is the last version of Portable OpenSSH that will support versions of OpenSSL prior to 0.9.6. Support (i.e. SSH_OLD_EVP) will be removed following the 6.5p1 release. * Portable OpenSSH will attempt compile and link as a Position Independent Executable on Linux, OS X and OpenBSD on recent gcc-like compilers. Other platforms and older/other compilers may request this using the –with-pie configure flag. * A number of other toolchain-related hardening options are used automatically if available, including -ftrapv to abort on signed integer overflow and options to write-protect dynamic linking information. The use of these options may be disabled using the –without-hardening configure flag. * If the toolchain supports it, one of the -fstack-protector-strong, -fstack-protector-all or -fstack-protector compilation flag are used to add guards to mitigate attacks based on stack overflows. The use of these options may be disabled using the –without-stackprotect configure option. * sshd(8): Add support for pre-authentication sandboxing using the Capsicum API introduced in FreeBSD 10. * Switch to a ChaCha20-based arc4random() PRNG for platforms that do not provide their own. * sshd(8): bz#2156: restore Linux oom_adj setting when handling SIGHUP to maintain behaviour over retart. * sshd(8): bz#2032: use local username in krb5_kuserok check rather than full client name which may be of form user@REALM. * ssh(1), sshd(8): Test for both the presence of ECC NID numbers in OpenSSL and that they actually work. Fedora (at least) has NID_secp521r1 that doesn’t work. * bz#2173: use pkg-config –libs to include correct -L location for libedit.

2014-01-28 Copssh 4.7.2

• Copssh 4.7.2 features a new Control Panel with the capability of configuring isolated SFTP home directories. It does this by using the OpenSSH ChrootDirectory directive. By setting proper file system permissions in addition, customers will now be able to setup more secure SFTP installations. This feature is available for ‘Sftp’ access type and the cuurent version assumes that SvcCOPSSH is used as a service account. However, there is a small workaround to handle other service accounts as well.

2014-01-09 Copssh 4.7.1 (security)

• Copssh 4.7.1 has OpenSSL 1.0.1f containing security fixes against vulnerabilities CVE-2013-4353, CVE-2013-6450 and CVE-2013-6449: CVE-2013-4353 A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. This issue only affected OpenSSL 1.0.1 versions. Reported by Anton Johansson. CVE-2013-6450 A flaw in DTLS handling can cause an application using OpenSSL and DTLS to crash. This is not a vulnerability for OpenSSL prior to 1.0.0. Reported by Dmitry Sobinov. CVE-2013-6449 A flaw in OpenSSL can cause an application using OpenSSL to crash when using TLS version 1.2. This issue only affected OpenSSL 1.0.1 versions. Reported by Ron Barber. In addition, Cygwin and other tools are updated to their latest versions. Existing customers can download the latest version from their customer pages at www.itefix.net

2013-11-08 Copssh 4.7.0 (security)

• OpenSSH 6.4 fixes a security bug: * sshd(8): fix a memory corruption problem triggered during rekeying when an AES-GCM cipher is selected. Full details of the vulnerability are available at: https://www.openssh.org/txt/gcmrekey.adv Existing customers can download latest versions from their customer pages at www.itefix.net

2013-09-17 Copssh 4.6.0

• Both 32-bit and 64-bit Copssh installers are updated with OpenSSH 6.3 and newer versions of Cygwin DLL and tools. OpenSSH 6.3 Change log Existing customers can download latest versions from their customer pages at www.itefix.net

2013-08-13 Copssh 4.5.1

• Copssh is now delivered as a bundle containing installers for 32-bit (x86) and 64-bit (x64) architectures. Existing customers can download latest versions from their customer pages at www.itefix.net

2013-04-06 Copssh 4.5.0

• Copssh version 4.5.0 contains OpenSSH 6.2 with following changes: Features: * ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption in SSH protocol 2. The new cipher is available as aes128-gcm@openssh.com and aes256-gcm@openssh.com . It uses an identical packet format to the AES-GCM mode specified in RFC 5647, but uses simpler and different selection rules during key exchange. * ssh(1)/sshd(8): Added support for encrypt-then-mac (EtM) MAC modes for SSH protocol 2. These modes alter the packet format and compute the MAC over the packet length and encrypted packet rather than over the plaintext data. These modes are considered more secure and are used by default when available. * ssh(1)/sshd(8): Added support for the UMAC-128 MAC as " umac-128@openssh.com " and " umac-128-etm@openssh.com “. The latter being an encrypt-then-mac mode. * sshd(8): Added support for multiple required authentication in SSH protocol 2 via an AuthenticationMethods option. This option lists one or more comma-separated lists of authentication method names. Successful completion of all the methods in any list is required for authentication to complete. This allows, for example, requiring a user having to authenticate via public key or GSSAPI before they are offered password authentication. * sshd(8)/ssh-keygen(1): Added support for Key Revocation Lists (KRLs), a compact binary format to represent lists of revoked keys and certificates that take as little as one bit per certificate when revoking by serial number. KRLs may be generated using ssh-keygen(1) and are loaded into sshd(8) via the existing RevokedKeys sshd_config option. * ssh(1): IdentitiesOnly now applies to keys obtained from a PKCS11Provider. This allows control of which keys are offered from tokens using IdentityFile. * sshd(8): sshd_config(5)’s AllowTcpForwarding now accepts “local” and “remote” in addition to its previous “yes”/“no” keywords to allow the server to specify whether just local or remote TCP forwarding is enabled. * sshd(8): Added a sshd_config(5) option AuthorizedKeysCommand to support fetching authorized_keys from a command in addition to (or instead of) from the filesystem. The command is run under an account specified by an AuthorizedKeysCommandUser sshd_config(5) option. * sftp-server(8): Now supports a -d option to allow the starting directory to be something other than the user’s home directory. * ssh-keygen(1): Now allows fingerprinting of keys hosted in PKCS#11 tokens using “ssh-keygen -lD pkcs11_provider”. * ssh(1): When SSH protocol 2 only is selected (the default), ssh(1) now immediately sends its SSH protocol banner to the server without waiting to receive the server’s banner, saving time when connecting. * ssh(1): Added ~v and ~V escape sequences to raise and lower the logging level respectively. * ssh(1): Made the escape command help (~?) context sensitive so that only commands that will work in the current session are shown. * ssh-keygen(1): When deleting host lines from known_hosts using “ssh-keygen -R host”, ssh-keygen(1) now prints details of which lines were removed. Bugfixes: * ssh(1): Force a clean shutdown of ControlMaster client sessions when the ~. escape sequence is used. This means that ~. should now work in mux clients even if the server is no longer responding. * ssh(1): Correctly detect errors during local TCP forward setup in multiplexed clients. bz#2055 * ssh-add(1): Made deleting explicit keys “ssh-add -d” symmetric with adding keys with respect to certificates. It now tries to delete the corresponding certificate and respects the -k option to allow deleting of the key only. * sftp(1): Fix a number of parsing and command-editing bugs, including bz#1956 * ssh(1): When muxmaster is run with -N, ensured that it shuts down gracefully when a client sends it “-O stop” rather than hanging around. bz#1985 * ssh-keygen(1): When screening moduli candidates, append to the file rather than overwriting to allow resumption. bz#1957 * ssh(1): Record “Received disconnect” messages at ERROR rather than INFO priority. bz#2057. * ssh(1): Loudly warn if explicitly-provided private key is unreadable. bz#1981 Portable OpenSSH: * sshd(8): The Linux seccomp-filter sandbox is now supported on ARM platforms where the kernel supports it. * sshd(8): The seccomp-filter sandbox will not be enabled if the system headers support it at compile time, regardless of whether it can be enabled then. If the run-time system does not support seccomp-filter, sshd will fall back to the rlimit pseudo-sandbox. * ssh(1): Don’t link in the Kerberos libraries. They aren’t necessary on the client, just on sshd(8). bz#2072 * Fix GSSAPI linking on Solaris, which uses a differently-named GSSAPI library. bz#2073 * Fix compilation on systems with openssl-1.0.0-fips. * Fix a number of errors in the RPM spec files.

2013-02-19 Copssh 4.4.3

• PKA (Public Key Authentication Wizard) doesn’t recognize user customizable home directories properly.
• Control Panel doesn’t update firewall settings upon port change.
• Time window for event log doesn’t work as expected.

2012-10-21 Copssh 4.4.1

• Version 4.4.1 has an user activation wizard allowing users to specify home directories of their choice. In addition, there is no need to specify domain names during login any longer. You need only to specify user names in lowercase . All activated users gets also Windows user right ‘Logon locally’ automatically assigned.

2012-09-04 Copssh 4.4.0 with OpenSSH 6.1 …

• sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
• ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel
• sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses.
• sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups}
• Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978
• ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8
• sshd(8): Allow the sshd_config PermitOpen directive to accept “none” as an argument to refuse all port-forwarding requests.
• sshd(8): Support “none” as an argument for AuthorizedPrincipalsFile
• ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
• sshd(8): Add “VersionAddendum” to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
• ssh(1)/sshd(8): Don’t spin in accept() in situations of file descriptor exhaustion. Instead back off for a while.
• ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023,
• sshd(8): Handle long comments in config files better. bz#2025
• ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995
• sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
• sshd(8): Allow sshd pre-auth sandboxing to fall-back to the rlimit sandbox from the Linux SECCOMP filter sandbox when the latter is not available in the kernel.
• ssh(1): Fix NULL dereference when built with LDNS and using DNSSEC to retrieve a CNAME SSHFP record.
• Fix cross-compilation problems related to pkg-config. bz#1996

2012-06-17 Copssh 4.3.1 - UAC friendly, OpenSSL security fix, improved Control Panel and more …

• Copssh is now UAC (User Account Control) aware, and does not require to disable it any longer. Version 4.3.1 contains many tool and library updates including OpenSSL 1.0.1c security and bug fix and Cygwin 1.7.15 . Start menu items are installed for all users instead of the current user. An improved version of the Control Panel (2.1.3) is also a part of the installer: It requires to be run as admin, converts short domain names to uppercase automatically, and is able to locate domain controllers in complex and segmented networks. Existing customers can download the latest version from their customer page at www.itefix.net

2012-04-22 Copssh with lots of updates including OpenSSH 6.0p

• Copssh version 4.3.0 brings you OpenSSH 6.0p , OpenSSL 1.0.1a ( a security update ) and Cygwin 1.7.13 (Lots of changes from 1.7.9 and support for NT4 is dropped). Many other tools and programs are also updated. Existing customers can download the latest version from their customer page at www.itefix.net

2012-02-10 Copssh with OpenSSL security patches

• Version 4.2.3 contains OpenSSL security patches 0.9.8s and 0.9.8t . The installer is will now exit graciously if UAC (User Account Control) is enabled on Windows 7 or Vista systems. Even if the installer itself is configured to operate with administrative privileges, there are some other UAC issues blocking Copssh to operate properly when UAC is enabled. Existing customers can download the latest version from their customer page at www.itefix.net .

2011-12-13 Copssh 4.2.2 with better handling of Vista and Windows 7

• Copssh version 4.2.2 is a minor update and contains updated versions of bash and readline7.dll, fixing broken backspace in bash shell and a non-working nano editor. In addition, the Windows firewall is automatically configured for communication on port 22. Furthermore, Copssh installer instructs Vista/7 platforms to run it with administrator privileges (no need to specify “Run as administrator” or disabling UAC (User Accont Control)). You need, however, still to run the Control Panel as an administrator for a proper operation. Uninstaller logic is also updated for removal of the firewall exception and the service account upon request.

2011-10-18 Copssh 4.2.1 - A bug fix release

• COPSSH - A yet another SSH Server & Client for Windows Version 4.2.1 - October 2011 ** BUG FIX RELEASE 1. UPDATED - Copssh control panel 2.1.2.5 BUG FIX - Control Panel can not activate local users BUG FIX - Wrong home directory permissions for domain user

2011-10-10 Copssh with OpenSSH 5.9 and more …

• COPSSH - A yet another SSH Server & Client for Windows Version 4.2.0 - October 2011 CHANGES FROM VERSION 4.1.0 1. UPDATED - OpenSSH 5.9p1 * Introduce sandboxing of the pre-auth privsep child using an optional sshd_config(5) “UsePrivilegeSeparation=sandbox” mode that enables mandatory restrictions on the syscalls the privsep child can perform. This intention is to prevent a compromised privsep child from being used to attack other hosts (by opening sockets and proxying) or probing local kernel attack surface. * Add new SHA256-based HMAC transport integrity modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt These modes are hmac-sha2-256, hmac-sha2-256-96, hmac-sha2-512, and hmac-sha2-512-96, and are available by default in ssh(1) and sshd(8) … See http://openssh.org/txt/release-5.9 for more details. 2. UPDATED - Cygwin 1.7.9 * Avoid endless blocking behaviour in mq_timedsend and mq_timedreceive when used with O_NONBLOCK message queues. * Fix a problem to fetch correct file permissions on just created files on XP and Server 2003. * Avoid potential data loss when sending lots of data through a pipe … See http://cygwin.com/ml/cygwin-announce/2011-03/msg00043.html for more details 3. UPDATED - Copssh Control Panel 2.1.2 Better support for user activation in large domain environments. Minor bug fixes.

2011-02-26 Copssh 4.1.0 - Control Panel with framework for PKA administration and OpenSSL 0.9.8r security update

• Wizard for creation of key pairs: Select key types rsa, dsa and ecdsa with supported keylengths, save private keys with an optional passphrase and add the public key to the list of authorized keys.
• Remove a public key from the list of authorized keys.
• Update comment and/or options fields of a public key

2011-02-09 OpenSSL 0.9.8r security patch for Copssh

• OpenSSL team has published a security advisory addressing OCSP stapling vulnerability. Incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. Recommended action: Users of OpenSSL should update to the OpenSSL 1.0.0d (or 0.9.8r) release, which contains a patch to correct this issue. If upgrading is not immediately possible, the source code patch provided in this advisory should be applied. Copssh 4.0.4 security patch 100 will update your current OpenSSL binaries to version 0.9.8r. A service start is required. You can use command line switch ‘/S’ for silent installation. MD5 Signature: c453f9b7de300c407a232a5f58983630 *Copssh_4.0.4_Security_Patch_100_Installer.zip SHA256 Signature: ffe1b8cd6a5d87d4da7579bf3d2094bb499b77d6596f7e112cbf933ac3faa3e5 *Copssh_4.0.4_Security_Patch_100_Installer.zip Download: http://itefix.no/i2/download

2011-02-04 Copssh 4.0.4 with OpenSSH 5.8 security update !!

• ** SECURITY UPDATE ** - OpenSSH 5.8p Fix vulnerability in legacy certificate signing introduced in OpenSSH-5.6 and found by Mateusz Kocielski. Legacy certificates signed by OpenSSH 5.6 or 5.7 included data from the stack in place of a random nonce field. The contents of the stack do not appear to contain private data at this point, but this cannot be stated with certainty for all platform, library and compiler combinations. In particular, there exists a risk that some bytes from the privileged CA key may be accidentally included. A full advisory for this issue is available at: http://www.openssh.com/txt/legacy-cert.adv 2. UPDATE - Control Panel 2.0.3 More stable support for domain user activation (Use domainname\user to logon). Bugfix. Empty activated user list after completing wizard MD5 Signature: da3ca0dd294db57767ca47cf14bb6a3d *Copssh_4.0.4_Installer.zip SHA256 Signature: 690c5ac0c2f72bbc9754f8bf914b376d2098a3ee3a5578c728b4b859927d5bf6 *Copssh_4.0.4_Installer.zip Download: http://itefix.no/i2/download

2011-02-03 Copssh 4.0.3 with OpenSSH 5.7 is available now!

• OpenSSH 5.7 introduces support for Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. scp has a new -3 option: Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. ECDSA host keys are created during installation. See OpenSSH 5.7 release notes for more information. MD5 Signature: cedfe8a03691f31967a7e39fd4eb728f *Copssh_4.0.3_Installer.zip SHA256 Signature: 7626556be4e9cca0507d702316a1c0768f6a483f357f4af461c1e5f806fc0a7e *Copssh_4.0.3_Installer.zip Download: http://itefix.no/i2/download

2010-12-05 Copssh 4.0.2 - OpenSSL Security update 0.9.8q

• Version 4.0.2 comes with OpenSSL 0.9.8q security update and more stable handling of user lists in User Activation Wizard. CHANGES FROM VERSION 4.0.1 1. SECURITY UPDATE- OpenSSL 0.9.8q See https://openssl-library.org/news/secadv/20101202.txt for more information 2. Update - Control Panel User Activation Wizard 2.0.2 Better handling of user lists for activation

2010-11-24 Copssh 4.0.1 - a bug fix release :-)

• Version 4.0.1 fixes some serious bugs thwarting Coppssh’s functionality to a large extent: 1. Bug fix - User Activation Wizard doesn’t display user list on Windows 7 2. Bug fix - SFTP can not be activated as a service 3. Bug fix - Nano editor doesn’t work NB! You need to remove configuration file copsshcp.config in bin directory Visit download section, grab your copy and many thanks for bug reports !! Signatures: MD5: 4041a93b040933fe820defc152c89a99 *Copssh_4.0.1_Installer.zip SHA256: a7077ff43084a60d5cb4074783fe4a59a1132bc67faad5e0de451ad68d27e433 *Copssh_4.0.1_Installer.zip

2010-09-10 Update notification - Copssh 3.1.4

• No change details listed.

2010-08-26 Release of Copssh 3.1.3 with OpenSSH 5.6

• COPSSH - A yet another SSH Server & Client for Windows Version 3.1.3 - August 2010 CHANGES FROM VERSION 3.1.2 1. UPDATED - OpenSSH 5.6p See https://www.openssh.org/txt/release-5.6 for more info SIGNATURES MD5 Signature: 32a4c4e0d64d2f9b1b964018f108f708 *Copssh_3.1.3_Installer.zip SHA256 Signature: 314be9c9c599d8d0012e4a60136b703c878495839f13e04dbdbfa843292406d5 *Copssh_3.1.3_Installer.zip Download: /

2010-08-18 Copssh 3.1.2 with OpenSSH 5.5 and Cygwin 1.7.6 …

• COPSSH - A yet another SSH Server & Client for Windows Version 3.1.2 - August 2010 CHANGES FROM VERSION 3.1.1 1. UPDATED - OpenSSH 5.5p1 See https://www.openssh.org/txt/release-5.5 for more info 2. UPDATED - Cygwin 1.7.6-1 See http://cygwin.com/ml/cygwin-announce/2010-08/msg00019.html for more info. 3. UPDATED - OpenSSL 0.9.8o See https://openssl-library.org/news/changelog/index.html for more info. 4. UPDATED - Many utilities 5. UPDATED - Warning message about not to use existing user/built-in accounts as the service account. As a security measure, the service account will be denied any kind of logon to the system. Using your user logon or a built-in account may result losing access to your system. The installer will issue a warning to address that problem. SIGNATURES MD5 Signature: 871b5ff406ea7de41da786bf501e6633 *Copssh_3.1.2_Installer.zip SHA256 Signature: 24ae5bc91b5dc0e4aec74ba81b8af1e5d288b2f8ae62710ef76b39b7f20ca921 *Copssh_3.1.2_Installer.zip Download: /

2010-03-25 Copssh 3.1.1 with Cygwin 1.7.2-2 and OpenSSL 0.9.8n (Security update)

• CHANGES FROM VERSION 3.1.0 1. UPDATED - Cygwin 1.7.2-2 Major changes from 1.7.1-1: o Localization support has been much improved. o Enhanced Windows console support. o Handle native DOS paths always as if mounted with “posix=0,noacl”. o Handle UNC paths starting with slashes identical to /cygdrive paths. o Avoid overly agressive appending of .exe suffix when renaming Windows executables. o Fix some hangs and a potential crash using pipes and FIFOs. o Fix multiple socket problems: See http://cygwin.com/ml/cygwin-announce/2010-03/msg00018.html for more detailed info. 2. UPDATED - OpenSSL 0.9.8n Major changes from 0.9.8m: o a security and bugfix release which addresses CVE-2010-0740 URL for this Security Advisory: https://openssl-library.org/news/secadv/20100324.txt See openssl directory in doc directory for more detailed info SIGNATURES MD5 Signature: f3adc808223143a47fa74633a41eff6a *Copssh_3.1.1_Installer.zip SHA256 Signature: 9c226b52ad27d59110d862a672c2c1bf48f3d1a4313819dddb75917d2a4593fd *Copssh_3.1.1_Installer.zip Download: /

2010-03-10 Update Notification - copssh 3.1.0 with OpenSSH 5.4 and OpenSSL 0.9.8m

• No change details listed.

2010-01-04 Update Notification - copssh 3.0.3 with Cygwin 1.7.1

• No change details listed.

2009-11-24 Update Notification - copSSH 3.0.2 - updated versions of Cygwin and OpenSSL

• No change details listed.

2009-10-12 Update Notification - copSSH 3.0.1 - a bugfix release

• No change details listed.

2009-10-06 copSSH 3.0.0 with support for OpenSSH 5.3 and Cygwin 1.7 !

• Do not limit home directory paths to 256 characters.
• This release removes for support for very old versions of Cygwin and for Windows 95/98/ME
• Increase client IO buffer on Cygwin to 64K, realising a significant performance improvement.
• Windows 95, 98 and Me are not supported anymore.
• Mount points are no longer stored in the registry.
• If a filename cannot be represented in the current character set, the character will be converted to a sequence Ctrl-X + UTF-8 representation of the character. This allows to access all files, even those not having a valid representation of their filename in the current character set (codepage). To always have a valid string, use the UTF-8 charset by setting the environment variable $LANG, $LC_ALL, or $LC_CTYPE to a valid POSIX value, for instance in Cygwin.bat like this:
• PATH_MAX is now 4096. Internally, path names can be as long as the underlying OS can handle (32K).
• Creating filenames with special DOS characters ‘”’, ‘*’, ‘:’, ’ ‘, ‘|’ is supported.
• IPv6 support.
• Reworked pipe implementation.
• Support UTF-8 in console window.
• A lot of character sets are supported now via a call to setlocale().
• Cygwin now allows storage and use of user passwords in a hidden area of the registry. This is tried first when Cygwin is called by privileged processes to switch the user context. This allows, for instance, ssh public key sessions with full network credentials to access shares on other machines.

2009-10-06 Update Notification - copSSH 3.0.0 with support for OpenSSH 5.3 and Cygwin 1.7 !

• No change details listed.

2009-05-14 copSSH update notification - version 2.1.1 with OpenSSL 0.9.8k with security update

• No change details listed.

2009-02-25 copSSH update notification - version 2.1.0 with OpenSSH 5.2

• No change details listed.

2009-02-25 copSSH with OpenSSH 5.2

• COPSSH - A yet another SSH Server & Client for Windows Version 2.1.0 - February 2009 CHANGES FROM VERSION 2.0.1 1. UPDATED - OpenSSH 5.2p Security: * This release changes the default cipher order to prefer the AES CTR modes and the revised “arcfour256” mode to CBC mode ciphers that are susceptible to CPNI-957037 “Plaintext Recovery Attack Against SSH”. * This release also adds countermeasures to mitigate CPNI-957037-style attacks against the SSH protocol’s use of CBC-mode ciphers. Upon detection of an invalid packet length or Message Authentication Code, ssh/sshd will continue reading up to the maximum supported packet length rather than immediately terminating the connection. This eliminates most of the known differences in behaviour that leaked information about the plaintext of injected data which formed the basis of this attack. We believe that these attacks are rendered infeasible by these changes. New features: * Added a -y option to ssh(1) to force logging to syslog rather than stderr, which is useful when running daemonised (ssh -f) * The sshd_config(5) ForceCommand directive now accepts commandline arguments for the internal-sftp server. * The ssh(1) ~C escape commandline now support runtime creation of dynamic (-D) port forwards. * Support the SOCKS4A protocol in ssh(1) dynamic (-D) forwards. (bz#1482) * Support remote port forwarding with a listen port of ‘0’. This informs the server that it should dynamically allocate a listen port and report it back to the client. (bz#1003) * sshd(8) now supports setting PermitEmptyPasswords and AllowAgentForwarding in Match blocks Bug and documentation fixes * Repair a ssh(1) crash introduced in openssh-5.1 when the client is sent a zero-length banner (bz#1496) * Due to interoperability problems with certain broken SSH implementations, the eow@openssh.com and no-more-sessions@openssh.com protocol extensions are now only sent to peers that identify themselves as OpenSSH. * Make ssh(1) send the correct channel number for SSH2_MSG_CHANNEL_SUCCESS and SSH2_MSG_CHANNEL_FAILURE messages to avoid triggering ‘Non-public channel’ error messages on sshd(8) in openssh-5.1. * Avoid printing ‘Non-public channel’ warnings in sshd(8), since the ssh(1) has sent incorrect channel numbers since ~2004 (this reverts a behaviour introduced in openssh-5.1). * Avoid double-free in ssh(1) ~C escape -L handler (bz#1539) * Correct fail-on-error behaviour in sftp(1) batchmode for remote stat operations. (bz#1541) * Disable nonfunctional ssh(1) ~C escape handler in multiplex slave connections. (bz#1543) * Avoid hang in ssh(1) when attempting to connect to a server that has MaxSessions=0 set. * Multiple fixes to sshd(8) configuration test (-T) mode * Several core and portable OpenSSH bugs fixed: 1380, 1412, 1418, 1419, 1421, 1490, 1491, 1492, 1514, 1515, 1518, 1520, 1538, 1540 * Many manual page improvements. See http://www.openssh.org/txt/release-5.2 for details 2. UPDATED - Installer Better clean-up during uninstallation MD5 Signature: 988111bee542bef59b71b6724c8b8817 *Copssh_2.1.0_Installer.zip SHA256 Signature: b896b109d52f4284c15650f06048d72610cedd492dfb61622636684e5067b0b8 *Copssh_2.1.0_Installer.zip

2009-01-16 copSSH 2.0.1 - more mature, secure and silent

• COPSSH - A yet another SSH Server & Client for Windows Version 2.0.1 - January 2009 CHANGES FROM VERSION 2.0.0 1. UPDATED - OpenSSL 0.9.8j OpenSSL Security Advisory [07-Jan-2009] : http://www.openssl.org/news/secadv_20090107.txt 2. UPDATED - Installer Bug-fix - silent installation support. Following silent scenarios are available now: switch ‘/S’ - install with default credentials created by the installer switch ‘/S /u=user /p=password’ - install with user-specified credentials Minor improvements including better support for version checks 3. UPDATED - Copsshadm 1.1.0.1 Don’t hide existing accounts from XP/Vista logon screen 4. UPDATED - Many core tools MD5 Signature: 18f70f8545914fb08f9d14907b5c37e4 *Copssh_2.0.1_Installer.zip SHA256 Signature: 2ff9be57a4b171979a9379e282cfb946264fd5f3cea9581a53713a23223e0f39 *Copssh_2.0.1_Installer.zip

2008-12-20 Copssh 2.0 with ICW technology

• COPSSH - A yet another SSH Server & Client for Windows Version 2.0.0 Update 200 - December 2008 ** NB! COPSSH 2.0.0 IS NOT COMPATIBLE WITH EARLIER VERSIONS ** CHANGES FROM VERSION 1.4.6 00. BUG FIX - Installer Update 200 Missing DLL cygwrap-0.dll required by the newer versions of sshd is back. 01. BUG FIX - Installer Update 100 Update 100 includes OpenSSH version 5.1 executables. The original 2.0.0 package had 4.7 executables as result of a packaging error. 1. NEW - ICW technology ICW technology allows you to have multiple cygwin-based solutions by using a single base, as recommended by Cygwin. Copssh is now implemented as a repackaging of ICW Base and ICW OpenSSH packages. You can extend your installation by additional ICW packages like rsync, rbldnsd and so on. Every attempt has been made to assure that those fundamental changes will be transparent to end users. Copssh will function as before. 2. NEW - Ability to specify your own service account COPSSH installer has been extended to support user-defined service accounts. Existing accounts and domain accounts are also supported. As before, it is also possible to accept suggested values by the installer. 3. UPDATED - Copsshadm Copsshadm is updated to support user-defined service accounts. SHA256 Signature: 96d3738ae98ef6d85e2c88e98f1156fdd23ae93c97b5887de8b6892352a65f37 *Copssh_2.0.0_Installer.zip

2008-07-23 Copssh 1.4.6

• Copssh version 1.4.6 includes openssh 5.1 , openssl 0.9.8h and cygwin 1.5.25-15 . Upgrade is strongly recommended as OpenSSL 0.9.8h addresses two moderate security vulnerabilities . In addition, OpenSSH 5.1 has many new features and bug fixes. You will also notice that many core tools in the package are updated with the most recent versions. Hiding the service account from welcome screen is an another convenient feature for users of XP/Vista. The copssh uninstaller is now more user friendly as it gives a warning about the consequences of uninstalling copssh with user created symbolic links/shortcuts intact.