On Sun, 27 Oct 2024, Colin Watson wrote: > On Sun, Oct 27, 2024 at 03:45:33PM +1100, Damien Miller wrote: > > This is mostly a note for downstream distributors of OpenSSH. I've > > just pushed fixes to the V_9_9 stable branch for a bug in the > > mlkem768x25519-sha256 key exchange algorithm that was added in this > > release that causes connection failures when connecting between > > big-endian and little-endian hosts. > > > > The problem is on the big-endian side. No change is required for > > the more common little-endian architectures (e.g. x86, ARM). > > > > If you distribute OpenSSH to big-endian systems and have packaged > > OpenSSH 9.9 already, then I recommend you include these fixes as the > > next release of OpenSSH will make this key exchange algorithm the > > default. > > Thanks, applied in Debian. (I skipped the third patch, since I believe > we have endian.h everywhere.) yeah, it's even standardised now in POSIX 2024 :) _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev