OpenSSH 10.4 Released with Critical Security Fixes and Post-Quantum Support
OpenSSH 10.4/10.4p1 Released
We are excited to release OpenSSH 10.4, featuring critical security patches for sftp and scp to prevent malicious file placement. This update introduces experimental post-quantum signature schemes combining ML-DSA 44 and Ed25519, while enforcing stricter transport protocols to block memory exhaustion attacks. We also fixed numerous bugs, including use-after-free vulnerabilities and configuration parsing errors, ensuring a more robust and secure experience for all users.
"Previously a malicious peer could continue sending non-key exchange messages without penalty, causing memory to be wasted up until the connection terminated or the server/client hit a memory limit."