WolfSSL
/
wolfssh
mirror of https://github.com/wolfSSL/wolfssh.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Update Version to v1.4.17 

1. Update the library version
2. Update the ChangeLog
pull/672/head
John Safranek 2024-03-22 12:36:05 -07:00
parent 1736a4cabf
commit d2889924cb
No known key found for this signature in database
GPG Key ID: 8CE817DE0D3CCB4A
3 changed files with 67 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
ChangeLog.md
View File

@ -1,3 +1,55 @@
# wolfSSH v1.4.17 (March 22, 2024)
## Vulnerabilities
* Fixes a vulnerability where a properly crafted SSH client can bypass user
authentication in the wolfSSH server code. The added fix filters the
messages that are allowed during different operational states.
## Notes
* When building wolfSSL/wolfCrypt versions before v5.6.6 with CMake,
wolfSSH may have a problem with RSA keys. This is due to wolfSSH not
checking on the size of `___uint128_t`. wolfSSH sees the RSA structure
as the wrong size. You will have to define `HAVE___UINT128_T` if you
know you have it and are using it in wolfSSL. wolfSSL v5.6.6 exports that
define in options.h when using CMake.
* The example server in directory examples/server/server.c has been removed.
It was never kept up to date, the echoserver did its job as an example and
test server.
## New Features
* Added functions to set algorithms lists for KEX at run-time, and some
functions to inspect which algorithms are set or are available to use.
* In v1.4.15, we had disabled SHA-1 in the build by default. SHA-1 has been
re-enabled in the build and is now "soft" disabled, where algorithms using
it can put configured for KEX.
* Add Curve25519 KEX support for server/client key agreement.
## Improvements
* Clean up some issues when building for Nucleus.
* Clean up some issues when building for Windows.
* Clean up some issues when building for QNX.
* Added more wolfSSHd testing.
* Added more appropriate build option guard checking.
* General improvements for the ESP32 builds.
* Better terminal support in Windows.
* Better I/O pipes and return codes when running commands or scripts over an
SSH connection.
## Fixes
* Fix shell terminal window resizing and it sets up the environment better.
* Fix some corner cases with the SFTP testing.
* Fix some corner cases with SFTP in general.
* Fix verifying RSA signatures.
* Add masking of file mode bits for Zephyr.
* Fix leak of terminal modes cache.
---
# wolfSSH v1.4.15 (December 22, 2023)
## Vulnerabilities

25
configure.ac
View File

@ -3,7 +3,7 @@
# All right reserved.
AC_COPYRIGHT([Copyright (C) 2014-2024 wolfSSL Inc.])
AC_INIT([wolfssh],[1.4.16],[support@wolfssl.com],[wolfssh],[https://www.wolfssl.com])
AC_INIT([wolfssh],[1.4.17],[support@wolfssl.com],[wolfssh],[https://www.wolfssl.com])
AC_PREREQ([2.63])
AC_CONFIG_AUX_DIR([build-aux])
@ -18,18 +18,19 @@ AC_ARG_PROGRAM
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_HEADERS([config.h])
WOLFSSH_LIBRARY_VERSION=15:3:8
# | | |
# +------+ | +---+
# | | |
WOLFSSH_LIBRARY_VERSION=16:0:9
# | | |
# +-----+ | +----+
# | | |
# current:revision:age
# | | |
# | | +- increment if interfaces have been added
# | | set to zero if interfaces have been removed
# | | or changed
# | +- increment if source code has changed
# | set to zero if current is incremented
# +- increment if interfaces have been added, removed or changed
# | | |
# | | +- increment if interfaces have been added
# | | +- set to zero if interfaces have been
# | | removed or changed
# | +- increment if source code has changed
# | +- set to zero if current is incremented
# +- increment if interfaces have been added, removed
# or changed
AC_SUBST([WOLFSSH_LIBRARY_VERSION])
LT_PREREQ([2.2])

4
wolfssh/version.h
View File

@ -35,8 +35,8 @@
extern "C" {
#endif
#define LIBWOLFSSH_VERSION_STRING "1.4.16"
#define LIBWOLFSSH_VERSION_HEX 0x01004016
#define LIBWOLFSSH_VERSION_STRING "1.4.17"
#define LIBWOLFSSH_VERSION_HEX 0x01004017
#ifdef __cplusplus
}