Contributed by grey on from the Security near misses only count with holy hand grenades? dept.
The complete release notes may be found here:
https://www.openssh.com/txt/release-8.9
For users not running OpenBSD, OpenSSH 8.9p1 portable was also released.
Of particular interest from the release notes is a mitigation for a "Security Near Miss" as well as MD5-hashed passphrases finally being deprecated from the portable release [editor's note: it's about time!].
(Comments are closed)
By grey (grey) on
https://github.com/macports/macports-ports/pull/14167
Given that I also worked with jkh while I consulted for iXSystems some years ago, and given that jkh is founder of FreeBSD as well as DarwinPorts (now known as MacPorts) and was previously "Director of Engineering of Unix Technologies" at Apple, it seems, to me at least, as if MacPorts has better provenance when it comes to BSD aligned mindsets than Homebrew?
Regardless, that is all personal opinion! For OpenBSD users, they need not worry about even resorting to a ports collection to get the latest and greatest OpenSSH!
Comments
By grey (grey) on
However, it seems to have ruffled some feathers, e.g.
https://github.com/macports/macports-ports/pull/14193#issuecomment-1062215737 and
https://trac.macports.org/ticket/64748#comment:4.
Admittedly, I rather bristle at GitHub and the bike-shedding nature of the commentators, so maybe my responses were inappropriate?
It's not as if I have commit access anyway, so if the merge gets removed, that is also out of my control.
As usual, at least I made an effort to drag other projects closer to -current and leave behind their bad habits.