[ssh_x509] PKIX-SSH release 13.4.0 and 13.4.1 pre-release notes

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Fri Jun 17 23:05:57 EEST 2022


PKIX-SSH 13.4.1 is ready in repository. Source tar-bal and official announce will be released soon when I have enough spare time.

Main new feature in 13.4.0 is work-around for "external keys". Note due to broken design OpenSSL 3+ cannot ensure compatibility with existing code base. With other words release ensures access to keys stored in external devices using PKCS#11 API with OpenSSL 3+.
Remark: NSS engine 4.0 (*27 May 2022 )* also contain similar work-around.

Version 13.4.0 fixes regression introduced in 13.2.2 related to /locked account introduced by correction that //fixes incorrect free when shadow password and libiaf are used.

//Also 13.4.1 fixes a minor ///13.4.0 /regression ///introduced/ after some code refactoring - DNS look-up should be performed in monitor not in unprivileged process.

Roumen Petrov

More information about the ssh_x509 mailing list