./security/ssh-audit, Tool for SSH server & client configuration auditing



Branch: CURRENT, Version: 3.1.0nb1, Package name: ssh-audit-3.1.0nb1, Maintainer: pkgsrc-users

ssh-audit is a tool for ssh server & client configuration auditing.

Features:
* SSH1 and SSH2 protocol server support
* analyze SSH client configuration
* grab banner, recognize device or software and OS, detect compression
* gather key-exchange, host-key, encryption and MAC algorithms
* output algorithm information
  (available since, removed/disabled, unsafe/weak/legacy, etc)
* output algorithm recommendations
  (append or remove based on recognized software version)
* output security information (related issues, assigned CVE list, etc)
* analyze SSH version compatibility based on algorithm information
* historical information from OpenSSH, Dropbear SSH and libssh
* policy scans to ensure adherence to a hardened/standard configuration


Filesize: 150.68 KB

CVS history:


   2023-12-26 18:54:02 by Thomas Klausner | Files touched by this commit (2)
Log message:
ssh-audit: add RCS Id
   2023-12-26 18:32:09 by Dr. Thomas Orgis | Files touched by this commit (1)
Log message:
security/ssh-audit: fix previous commit from wrong directory, adding patch
   2023-12-26 18:30:56 by Dr. Thomas Orgis | Files touched by this commit (2) | Package updated
Log message:
security/ssh-audit: update to 3.1.0 with patch for terrapin

    upstream changes since 3.0.0:

    v3.2.0-dev (???)

        Expanded filter of CBC ciphers to flag for the Terrapin vulnerability. It now includes
          more rarely found ciphers.

    v3.1.0 (2023-12-20)

        Added test for the Terrapin message prefix truncation vulnerability (CVE-2023-48795).
        Dropped support for Python 3.7 (EOL was reached in June 2023).
        Added Python 3.12 support.
        In server policies, reduced expected DH modulus sizes from 4096 to 3072 to match
          the online hardening guides (note that 3072-bit moduli provide the equivalent of
          128-bit symmetric security).
        In Ubuntu 22.04 client policy, moved host key types sk-ssh-ed25519@openssh.com and
          ssh-ed25519 to the end of all certificate types.
        Updated Ubuntu Server & Client policies for 20.04 and 22.04 to account for key exchange
          list changes due to Terrapin vulnerability patches.
        Re-organized option host key types for OpenSSH 9.2 server policy to correspond with
          updated Debian 12 hardening guide.
        Added built-in policies for OpenSSH 9.5 and 9.6.
        Added an additional_notes field to the JSON output.
   2023-10-19 14:58:34 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
ssh-audit: update to 3.0.0.

This release includes important fixes for multiple-host scans,
improved Diffie-Hellman group exchange auditing, and the inclusion
of algorithm notes into the JSON output (note that this changes
the schema of the banner protocol, "enc", and "mac" fields). Support
for 49 new algorithms was also added!
   2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
   2023-05-09 01:00:21 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
ssh-audit: update to 2.9.0.

2.9.0

This release includes many new features, including granular GEX
modulus tests (credit Adam Russell), support for mixed host key/CA
key certificates (i.e.: RSA host keys signed by ED25519 CAs),
warnings for 2048-bit moduli, and more descriptive algorithm notes.
Support for 112 new algorithms was also added!
   2022-11-15 16:08:22 by Frederic Cambus | Files touched by this commit (2)
Log message:
ssh-audit: add a post-install directive to install the manual page.
   2022-10-29 16:03:09 by Frederic Cambus | Files touched by this commit (4)
Log message:
security/ssh-audit: import ssh-audit-2.5.0.

ssh-audit is a tool for ssh server & client configuration auditing.

Features:
* SSH1 and SSH2 protocol server support
* analyze SSH client configuration
* grab banner, recognize device or software and OS, detect compression
* gather key-exchange, host-key, encryption and MAC algorithms
* output algorithm information
  (available since, removed/disabled, unsafe/weak/legacy, etc)
* output algorithm recommendations
  (append or remove based on recognized software version)
* output security information (related issues, assigned CVE list, etc)
* analyze SSH version compatibility based on algorithm information
* historical information from OpenSSH, Dropbear SSH and libssh
* policy scans to ensure adherence to a hardened/standard configuration