Nagwin 3.0.0 contains the latest version of Nagios Core (4.3.4), primarily a bugfix release. We have also updated Cygwin and GNU tools to their latest versions.

Copssh version 6.1.0 comes with the latest versions of OpenSSH (7.6) and LibreSSL (2.5.5). We have also updated the Cygwin and GNU Tools to their latest available versions.

Security issue:

• sftp-server(8): in read-only mode, sftp-server was incorrectly permitting creation of zero-length files. Reported by Michal Zalewski.

Potentially-incompatible changes in OpenSSH:

This release includes a number of changes that may affect existing configurations:

• ssh(1): delete SSH protocol version 1 support, associated  configuration options and documentation.
• ssh(1)/sshd(8): remove support for the hmac-ripemd160 MAC.
• ssh(1)/sshd(8): remove support for the arcfour, blowfish and CAST ciphers.
• Refuse RSA keys <1024 bits in length and improve reporting for keys that do not meet this requirement.
• ssh(1): do not offer CBC ciphers by default.

Copssh version 6.0.0 is a major update and uses now LibreSSL instead of OpenSSL as the cryptographic library provider. 

LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes. Primary development occurs inside the OpenBSD source tree with the usual care the project is known for. On a regular basis the code is re-packaged for portable use by other operating systems (Linux, FreeBSD, Windows, etc).

See https://en.wikipedia.org/wiki/LibreSSL for more detailed information.

We have also upgraded Cygwin and GNU tools to their latest available versions.

Version 5.5.3 of cwRsync client/server installers  is a maintenance release and come with the latest available versions of Cygwin, GNU Tools, OpenSSH and OpenSSL.

Copssh version 5.8.1 bundle contains server installers with improved support for domain based service accounts. We have also updated the Control Panel to configure many advanced server-wide options through the GUI. User specific advanced options are also updated to support more options. Lack of proper permissions on the host private keys are now fixed so that they are only visible to the service account.