diff options
author | Janne Heß <janne@hess.ooo> | 2022-10-04 12:54:31 +0200 |
---|---|---|
committer | Janne Heß <janne@hess.ooo> | 2022-10-04 12:56:15 +0200 |
commit | a13e1e6277d561ea3bcaa30782fd2f81dbcf7756 (patch) | |
tree | 108d6b8d280ce4a2d17af133c67d38b2785dffda | |
parent | 520f8b85819375518e8903b7de979941b7295b31 (diff) |
openssh: 9.0p1 -> 9.1p1
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2211.section.xml | 10 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2211.section.md | 2 | ||||
-rw-r--r-- | pkgs/tools/networking/openssh/default.nix | 4 |
3 files changed, 14 insertions, 2 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index ad08caf3ce5c8..dca3cb33904c6 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -438,6 +438,16 @@ </listitem> <listitem> <para> + <literal>openssh</literal> was updated to version 9.1, + disabling the generation of DSA keys when using + <literal>ssh-keygen -A</literal> as they are insecure. Also, + <literal>SetEnv</literal> directives in + <literal>ssh_config</literal> and + <literal>sshd_config</literal> are now first-match-wins + </para> + </listitem> + <listitem> + <para> <literal>bsp-layout</literal> no longer uses the command <literal>cycle</literal> to switch to other window layouts, as it got replaced by the commands <literal>previous</literal> diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 85c35b993ac4c..517d5d9fa8433 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -147,6 +147,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - The `fetchgit` fetcher now uses [cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalscone_mode_handling) by default for sparse checkouts. [Non-cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalsnon_cone_problems) can be enabled by passing `nonConeMode = true`, but note that non-cone mode is deprecated and this option may be removed alongside a future Git update without notice. +- `openssh` was updated to version 9.1, disabling the generation of DSA keys when using `ssh-keygen -A` as they are insecure. Also, `SetEnv` directives in `ssh_config` and `sshd_config` are now first-match-wins + - `bsp-layout` no longer uses the command `cycle` to switch to other window layouts, as it got replaced by the commands `previous` and `next`. - The Barco ClickShare driver/client package `pkgs.clickshare-csc1` and the option `programs.clickshare-csc1.enable` have been removed, diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index 55aec86bee57e..7a2be129b8ddd 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -6,11 +6,11 @@ in openssh = common rec { pname = "openssh"; - version = "9.0p1"; + version = "9.1p1"; src = fetchurl { url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz"; - sha256 = "12m2f9czvgmi7akp7xah6y7mrrpi280a3ksk47iwr7hy2q1475q3"; + hash = "sha256-GfhQCcfj4jeH8CNvuxV4OSq01L+fjsX+a8HNfov90og="; }; extraPatches = [ ./ssh-keysign-8.5.patch ]; |