diff options
| author | Jeff Forcier <jeff@bitprophet.org> | 2022-05-16 20:51:52 -0400 |
|---|---|---|
| committer | Jeff Forcier <jeff@bitprophet.org> | 2022-05-16 20:51:52 -0400 |
| commit | 8a00929219120fcacdcbecd3a94e73ec12f04819 (patch) | |
| tree | cc98579ea75451fbf0304248f6090f0203a56172 /sites | |
| parent | 2f34e302a069a5e47468723253356ea253a1da1a (diff) | |
| parent | 77daf90dec14b265beca82df49bf973ffb082e63 (diff) | |
Merge branch '2.9' into 2.10
Diffstat (limited to 'sites')
| -rw-r--r-- | sites/www/changelog.rst | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index d62041c9..08f16135 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,18 @@ Changelog ========= +- :bug:`1933` Align signature verification algorithm with OpenSSH re: + zero-padding signatures which don't match their nominal size/length. This + shouldn't affect most users, but will help Paramiko-implemented SSH servers + handle poorly behaved clients such as PuTTY. Thanks to Jun Omae for catch & + patch. +- :bug:`2017` OpenSSH 7.7 and older has a bug preventing it from understanding + how to perform SHA2 signature verification for RSA certificates (specifically + certs - not keys), so when we added SHA2 support it broke all clients using + RSA certificates with these servers. This has been fixed in a manner similar + to what OpenSSH's own client does: a version check is performed and the + algorithm used is downgraded if needed. Reported by Adarsh Chauhan, with fix + suggested by Jun Omae. - :bug:`2008` (via :issue:`2010`) Windows-native SSH agent support as merged in 2.10 could encounter ``Errno 22`` ``OSError`` exceptions in some scenarios (eg server not cleanly closing a relevant named pipe). This has been worked |