On 03/20/2017 02:31 PM, Damien Miller wrote:
OpenSSH 7.5 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. Security -------- * ssh(1), sshd(8): Fix weakness in CBC padding oracle countermeasures that allowed a variant of the attack fixed in OpenSSH 7.3 to proceed. Note that the OpenSSH client disables CBC ciphers by default, sshd offers them as lowest-preference options and will remove them by default entriely in the next release. Reported by Jean Paul Degabriele, Kenny Paterson, Martin Albrecht and Torben Hansen of Royal Holloway, University of London.
Can we get some clarification on this CBC weakness from you or from the reporters? There is no update in the security page according to this security issue.
So far I understood that the CBC modes are disabled because we have better ciphers to choose from. Also I still have understanding that any of the attacks presented so far were not feasible. Did it change?
If I see right, the change related to this record is below, but the real effects are not clear even from the commit message:
https://github.com/openssh/openssh-portable/commit/0fb1a617 Thanks, -- Jakub Jelen Software Engineer Security Technologies Red Hat _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
