HomeFreeBSD

ssh: Update to OpenSSH 9.4p1

Description

ssh: Update to OpenSSH 9.4p1

Excerpts from the release notes:

  • ssh-agent(1): PKCS#11 modules must now be specified by their full paths. Previously dlopen(3) could search for them in system library directories.
  • ssh(1): allow forwarding Unix Domain sockets via ssh -W.
  • ssh(1): add support for configuration tags to ssh(1). This adds a ssh_config(5) "Tag" directive and corresponding "Match tag" predicate that may be used to select blocks of configuration similar to the pf.conf(5) keywords of the same name.
  • ssh(1): add a "match localnetwork" predicate. This allows matching on the addresses of available network interfaces and may be used to vary the effective client configuration based on network location.
  • ssh-agent(1): improve isolation between loaded PKCS#11 modules by running separate ssh-pkcs11-helpers for each loaded provider.
  • ssh-agent(1), ssh(1): improve defences against invalid PKCS#11 modules being loaded by checking that the requested module contains the required symbol before loading it.
  • ssh(1): don't incorrectly disable hostname canonicalization when CanonicalizeHostname=yes and ProxyJump was expicitly set to "none". bz3567

Full release notes at https://www.openssh.com/txt/release-9.4

Relnotes: Yes
Sponsored by: The FreeBSD Foundation

Details

Provenance
emasteAuthored on Aug 11 2023, 3:10 AM
Parents
rG6b405053c997: OpenSSL: clean up botched merges in OpenSSL 3.0.9 import
rG78f30535bcdb: Vendor import of OpenSSH 9.4p1
Branches
Unknown
Tags
Unknown