Release Notes: Execution of ~/.ssh/rc was disabled for sessions where a command has been forced by the sshd_config ForceCommand directive (unsafe default behavior). Chroot support for sshd was added. Internal sftp-server support was added to sshd, to allow chroot operation without support files. A "no-user-rc" option was added to ~/.ssh/authorized_keys to disable execution of ~/.ssh/rc in public key authentication. An sftp protocol extension, "email@example.com", was added to provide a rename operation with POSIX semantics.
Release Notes: Untrusted X11 forwarding is now prevented from using a trusted authentication cookie in certain situations. The SSH protocol 2 is used by default for new installations. Performance for high-BDP links was improved. Cryptographic speedups and a new, faster MAC algorithm were added. Many bugs were fixed.
Release Notes: This release fixes two security problems, namely in dynamic port forwarding and in GSSAPI credential delegation. It also includes another round of proactive security changes (for signed vs. unsigned integer issues), a new compression method that eliminates the risk of pre-authentication exploitation of zlib bugs, stronger arcfour ciphers, and many improvements to connection sharing.
Release Notes: This release fixes the "cookies" file deletion problem reported on BugTraq and a few other minor (non-security related) bugs.