Bug 154389 - net-misc/openssh 4.5 (fixes privilege separation bug) (CVE-2006-5794)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Other
Importance: High minor
Assignee: Gentoo Security
URL:
Whiteboard: A4? [noglsa] jaervosz
Keywords:
Depends on:
Blocks:
 
Reported: 2006-11-07 10:58 UTC by Rajiv Aaron Manglani (RETIRED)
Modified: 2019-12-30 12:24 UTC

See Also:
Package list:
Runtime testing required: ---


Description Rajiv Aaron Manglani (RETIRED) gentoo-dev 2006-11-07 10:58:53 UTC
---------- Forwarded message ----------
From: Damien Miller <djm@cvs.openbsd.org>
To: openssh-unix-announce@mindrot.org
Date: Tue, 7 Nov 2006 11:40:36 -0700 (MST)
Subject: [openssh-unix-announce] Announce: OpenSSH 4.5 released

OpenSSH 4.5 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots and purchased
T-shirts or posters.

T-shirt, poster and CD sales directly support the project. Pictures
and more information can be found at:
        http://www.openbsd.org/tshirts.html and
        http://www.openbsd.org/orders.html

For international orders use http://https.openbsd.org/cgi-bin/order
and for European orders, use http://https.openbsd.org/cgi-bin/order.eu

Changes since OpenSSH 4.4:
============================

This is a bugfix only release. No new features have been added.

Security bugs resolved in this release:

 * Fix a bug in the sshd privilege separation monitor that weakened its
   verification of successful authentication. This bug is not known to
   be exploitable in the absence of additional vulnerabilities.

This release includes the following non-security fixes:

 * Several compilation fixes for portable OpenSSH

 * Fixes to Solaris SMF/process contract support (bugzilla #1255)

Thanks to everyone who has contributed patches, reported bugs and
tested releases.

Checksums:
==========

- SHA1 (openssh-4.5.tar.gz) = def3de1557181062d788695b9371d02635af39fb
- SHA1 (openssh-4.5p1.tar.gz) = 2eefcbbeb9e4fa16fa4500dec107d1a09d3d02d7

Reporting Bugs:
===============

- please read http://www.openssh.com/report.html
  and http://bugzilla.mindrot.org/

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.

Comment 1 SpanKY gentoo-dev 2006-11-07 15:02:50 UTC
4.5_p1 in portage
Comment 2 Matthias Geerdsen (RETIRED) gentoo-dev 2006-11-09 05:56:46 UTC
vapier, is the ebuild ready for stable marking or is there still stuff missing like the last time?
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-11-20 22:13:55 UTC
Vapier please advise.
Comment 4 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-12-15 07:53:01 UTC
re-ping?
Comment 5 SpanKY gentoo-dev 2006-12-29 17:57:32 UTC
yes, 4.5_p1 is OK for stable
Comment 6 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-01-06 12:19:04 UTC
Arches please test and mark stable. Target keywords are:

openssh-4.5_p1.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd"
Comment 7 Christian Faulhammer (RETIRED) gentoo-dev 2007-01-06 16:08:11 UTC
x86 stable
Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2007-01-06 19:52:12 UTC
Stable for HPPA.
Comment 9 Markus Rothe (RETIRED) gentoo-dev 2007-01-07 12:05:31 UTC
ppc64 stable
Comment 10 Tobias Scherbaum (RETIRED) gentoo-dev 2007-01-07 18:15:23 UTC
ppc stable
Comment 11 Gustavo Zacarias (RETIRED) gentoo-dev 2007-01-08 12:20:25 UTC
sparc stable.
Comment 12 Bryan Østergaard (RETIRED) gentoo-dev 2007-01-08 15:01:22 UTC
Stable on Alpha.
Comment 13 Michael Cummings (RETIRED) gentoo-dev 2007-01-08 19:37:05 UTC
stable on amd64
Comment 14 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-01-12 22:23:28 UTC
Time to vote

from CVE:
NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.

I vote noglsa.
Comment 15 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-01-14 18:44:20 UTC
Voting NO and closing. Feel free to reopen if you disagree.