-
-
Notifications
You must be signed in to change notification settings - Fork 181
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
6 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -213,19 +213,19 @@ For convenience, a web front-end on top of the command-line tool is available at | |
|
||
## ChangeLog | ||
|
||
### v3.2.0-dev (???) | ||
### v3.2.0 (2024-04-22) | ||
- Added implementation of the DHEat denial-of-service attack (see `--dheat` option; [CVE-2002-20001](https://nvd.nist.gov/vuln/detail/CVE-2002-20001)). | ||
- Expanded filter of CBC ciphers to flag for the Terrapin vulnerability. It now includes more rarely found ciphers. | ||
- Color output is disabled if the `NO_COLOR` environment variable is set (see https://no-color.org/). | ||
- Fixed parsing of `ecdsa-sha2-nistp*` CA signatures on host keys. Additionally, they are now flagged as potentially back-doored, just as standard host keys are. | ||
- Gracefully handle rare exceptions (i.e.: crashes) while performing GEX tests. | ||
- Built-in policies now include a change log (use `-L -v` to view them). | ||
- Added built-in policies for Amazon Linux 2023, Debian 12, OpenSSH 9.7, and Rocky Linux 9. | ||
- The built-in man page (`-m`, `--manual`) is now available on Docker, PyPI, and Snap builds, in addition to the Windows build. | ||
- Snap builds are now architecture-independent. | ||
- Changed Docker base image from `python:3-slim` to `python:3-alpine`, resulting in a 59% reduction in image size; credit [Daniel Thamdrup](https://github.com/dallemon). | ||
- Added built-in policies for Amazon Linux 2023, Debian 12, OpenSSH 9.7, and Rocky Linux 9. | ||
- Built-in policies now include a change log (use `-L -v` to view them). | ||
- Custom policies now support the `allow_algorithm_subset_and_reordering` directive to allow targets to pass with a subset and/or re-ordered list of host keys, kex, ciphers, and MACs. This allows for the creation of a baseline policy where targets can optionally implement stricter controls; partial credit [yannik1015](https://github.com/yannik1015). | ||
- Custom policies now support the `allow_larger_keys` directive to allow targets to pass with larger host keys, CA keys, and Diffie-Hellman keys. This allows for the creation of a baseline policy where targets can optionally implement stricter controls; partial credit [Damian Szuberski](https://github.com/szubersk). | ||
- Color output is disabled if the `NO_COLOR` environment variable is set (see https://no-color.org/). | ||
- Added 1 new key exchange algorithm: `gss-nistp384-sha384-*`. | ||
- Added 1 new cipher: `[email protected]`. | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
""" | ||
The MIT License (MIT) | ||
Copyright (C) 2017-2023 Joe Testa ([email protected]) | ||
Copyright (C) 2017-2024 Joe Testa ([email protected]) | ||
Permission is hereby granted, free of charge, to any person obtaining a copy | ||
of this software and associated documentation files (the "Software"), to deal | ||
|
@@ -22,7 +22,7 @@ | |
THE SOFTWARE. | ||
""" | ||
# The version to display. | ||
VERSION = 'v3.2.0-dev' | ||
VERSION = 'v3.2.0' | ||
|
||
# SSH software to impersonate | ||
SSH_HEADER = 'SSH-{0}-OpenSSH_8.2' | ||
|