OpenSSH Releases Version 5.0
os2man lets us know that OpenSSH version 5.0 has been released. The mirrors are linked from the top page. "OpenSSH (OpenBSD Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the ssh protocol. It was created as an open source alternative to the proprietary Secure Shell software suite offered by SSH Communications Security. OpenSSH is available for almost any Operating System."
The Debian maintainers wrote to Theo personally, while the correct email address for OpenSSH problems, issues and bug reports is "openssh@openssh.com".
The result is that the maintainers of OpenSSH were not properly notified, and a bug was left in the code. For all that it's worth, it seems Theo was on holidays, with no access to a computer.
So, sure, it may sound harsh, but I believe it's for a good cause: OpenSSH developers really want stable and secure software. Consider the announcement a reminder of the proper procedure to warn them of bugs, not a dig at this or that operating system.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
OpenSSH follows the same version numbering approach as OpenBSD, which is that for each release they simply increment what would normally be called the minor number until it reaches 9, then what would normally be construed as the major number is incremented, then they go back to incrementing the minor number. One may wonder why they don't simply use a single number for releases, given there's no meaning or discernible advantage (to an outsider, that is) to using a pair of numbers. (Perhaps the numbering scheme is simply a holdover from OpenBSD's NetBSD origins over a decade ago. NetBSD does use "point numbers" to convey the relative importance of releases.)
Given that OpenSSH is maintained by the OpenBSD people, who use a similar version-number scheme, I guess we shouldn't expect big changes. The next release from OpenBSD 3.9 was 4.0, ditto 2.9 to 3.0, and it wasn't a major release or anything, just the next in the series.
It's a stupid versioning scheme, but it's what they use.
Hail Eris, full of mischief...
E pluribus sanguinem
http://marc.info/?l=openssh-unix-dev&m=120692745026265&w=2
It was available in 4.9, released just days before 5.0.
I notice that this page on the OpenBSD site says:
"If you find a new security problem, you can mail it to deraadt@openbsd.org."
If he's going to be out of the country and unavailable for contact, perhaps you should provide an alternative method of reporting security issues that doesn't go through him. (Admittedly, it is the wrong way to report OpenSSH vulnerabilities - presumably the person looked at the wrong page - but it seems to be the official way of reporting issues that affect the rest of OpenBSD.)