unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed
* OpenSSH update
@ 2016-03-01 20:14 Leo Famulari
  2016-03-01 20:52 ` Ludovic Courtès
  0 siblings, 1 reply; 2+ messages in thread
From: Leo Famulari @ 2016-03-01 20:14 UTC (permalink / raw)
  To: guix-devel

[-- Attachment #1: Type: text/plain, Size: 624 bytes --]

OpenSSH has released a new version, 7.2p1:
http://www.openssh.com/txt/release-7.2

There are some new features and many fixed bugs.

Here are the incompatible changes, copied from the link above. If there
are no objections I will apply the update.

Potentially-incompatible changes
================================

This release disables a number of legacy cryptographic algorithms
by default in ssh:

 * Several ciphers blowfish-cbc, cast128-cbc, all arcfour variants
    and the rijndael-cbc aliases for AES.

     * MD5-based and truncated HMAC algorithms.

     These algorithms are already disabled by default in sshd.

[-- Attachment #2: 0001-gnu-openssh-Update-to-7.2p1.patch --]
[-- Type: text/x-diff, Size: 1484 bytes --]

From 955072eb588ed948e420afaad386bf4ecc60c90a Mon Sep 17 00:00:00 2001
Message-Id: <955072eb588ed948e420afaad386bf4ecc60c90a.1456863131.git.leo@famulari.name>
In-Reply-To: <cover.1456863131.git.leo@famulari.name>
References: <cover.1456863131.git.leo@famulari.name>
From: Leo Famulari <leo@famulari.name>
Date: Tue, 1 Mar 2016 15:04:47 -0500
Subject: [PATCH 1/1] gnu: openssh: Update to 7.2p1.

* gnu/packages/ssh.scm (openssh): Update to 7.2p1.
---
 gnu/packages/ssh.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index 1b4a4b4..307ac70 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -115,7 +115,7 @@ a server that supports the SSH-2 protocol.")
 (define-public openssh
   (package
    (name "openssh")
-   (version "7.1p2")
+   (version "7.2p1")
    (source (origin
             (method url-fetch)
             (uri (let ((tail (string-append name "-" version ".tar.gz")))
@@ -126,7 +126,7 @@ a server that supports the SSH-2 protocol.")
                          (string-append "http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/"
                                         tail))))
             (sha256 (base32
-                     "1gbbvszz74lkc7b2mqr3ccgpm65zj0k5h7a2ssh0c7pjvhjg0xfx"))))
+                     "1hsa1f3641pdj57a55gmnvcya3wwww2fc2cvb77y95rm5xxw6g4p"))))
    (build-system gnu-build-system)
    (inputs `(("groff" ,groff)
              ("openssl" ,openssl)
-- 
2.7.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: OpenSSH update
  2016-03-01 20:14 OpenSSH update Leo Famulari
@ 2016-03-01 20:52 ` Ludovic Courtès
  0 siblings, 0 replies; 2+ messages in thread
From: Ludovic Courtès @ 2016-03-01 20:52 UTC (permalink / raw)
  To: Leo Famulari; +Cc: guix-devel

Leo Famulari <leo@famulari.name> skribis:

> OpenSSH has released a new version, 7.2p1:
> http://www.openssh.com/txt/release-7.2
>
> There are some new features and many fixed bugs.
>
> Here are the incompatible changes, copied from the link above. If there
> are no objections I will apply the update.
>
> Potentially-incompatible changes
> ================================
>
> This release disables a number of legacy cryptographic algorithms
> by default in ssh:
>
>  * Several ciphers blowfish-cbc, cast128-cbc, all arcfour variants
>     and the rijndael-cbc aliases for AES.
>
>      * MD5-based and truncated HMAC algorithms.
>
>      These algorithms are already disabled by default in sshd.

Sounds reasonable to me.

Thanks!

Ludo’.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2016-03-01 20:52 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-03-01 20:14 OpenSSH update Leo Famulari
2016-03-01 20:52 ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).