itefix's blog

Copssh and Heartbleed bug

Copssh - OpenSSH for Windows

Heartbleed vulnerability exists in TLS implementation in OpenSSL, from heartbleed.com:

Why it is called the Heartbleed Bug?

Bug is in the OpenSSL's implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server.

 

Copssh doesn't use TLS and is not vulnerable to a Heartbleed attack.


Copssh with OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160) fix

Copssh - OpenSSH for Windows

Copssh version 4.9.1 installers contain OpenSSL 1.0.1g fixing Heartbleed security vulnerability. Related US-CERT Alert is here.

Gitwin updated - Git 1.9.1 and Copssh 4.9

Gitwin - Git Server for WindowsGitwin 1.8.0 contains the latest available Git (1.9.1) distribution. We have also updated the built-in Copssh to the latest version (4.9.0 with OpenSSH 6.6).

 

Changelog for Git 1.9.1:


 * "git clean -d pathspec" did not use the given pathspec correctly and ended up cleaning too much.

 * "git difftool" misbehaved when the repository is bound to the working tree with the ".git file" mechanism, where a textual file ".git" tells us where it is.

Copssh updated with OpenSSH 6.6

CopsshCopssh 4.9.0 contains OpenSSH 6.6p binaries.

Nagwin with Nagios Core 4.0.3

Nagios

Nagwin version 2.0.2 contains the latest available Nagios Core 4.0.3 which is primarily a bug fix release. We have also updated Cygwin binaries/DLLs and tools.

 

Changelog for Nagios Core 4.0.3:

Syndicate content