Updated: OpenSSH-6.6.1p1-1

Corinna Vinschen corinna-cygwin@cygwin.com
Tue Apr 22 09:35:00 GMT 2014

I've just updated the Cygwin version of OpenSSH to 6.6.1p1-1.

This is an upstream bugfix release.

A bug in the curve25519 KEX method that doesn't depend on OpenSSL's
BIGNUM type left leading zero bytes where they should have been skipped.
The impact of this is that OpenSSH 6.5 and 6.6 will fail during key
exchange with a peer that implements curve25519-sha256@libssh.org
properly about 0.2% of the time (one in every 512ish connections).


The upstream developers are planning to remove tcp-wrappers support from
the next OpenSSH release 6.7p1.  If you have a legitimate utilisation of
tcp-wrappers support for OpenSSH, you might want to chime in to the
discussion thread on the openssh-unix-dev mailing list(1).

The thread starts here:


(1) https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

More information about the Cygwin-announce mailing list