Release 2018_006 (unreleased)

Impact

  • Various services that link against OpenSSL will be restarted.
  • OpenSSH servers will be restarted.
  • OpenSSH has widely updated their cryptographic policies and disabled various (very) outdated protocols like SSHv1. For details check https://www.openssh.com/releasenotes.html for incompatible changes between version 6.9 and 7.5.
  • A number of services depending on libarchive will be restarted.

NixOS platform

  • Enable installation of strongSwan 5.6 IPSec server (assistance from support needed) (#29822).
  • Fix Sensu API authentication.
  • Security update OpenSSL: -> 1.0.1g, -> 1.0.2n (#29247).
  • Update OpenSSH: 6.9 -> 7.5 (#29247).
  • Security update for libarchive 3.3.2 to a selectively patched version (#28596).
  • Update for cmake due to NixOS 17.09 compatibility issues.

Gentoo platform

  • Use copytruncate for logrotate on MySQL (#29764).
  • Security update for Apache 2.4 (GLSA 201701-36; GLSA 201710-32; #25501; #28953)

Documentation

  • nothing yet