* ssh(1)/sshd(8): remove support for the hmac-ripemd160 MAC.* ssh(1)/sshd(8): remove support for the arcfour, blowfish and CAST ciphers.* ssh-keygen(1): Fix corruption of known_hosts when running "ssh-keygen -H" on a known_hosts containing already-hashed entries.* Fix various fallout and sharp edges caused by removing SSH protocol 1 support from the server, including the server banner string being incorrectly terminated with only \n (instead of \r\n), confusing error messages from ssh-keyscan bz#2583 and a segfault in sshd if protocol v.1 was enabled for the client and sshd_config contained references to legacy keys bz#2686.
Reported by Jean Paul Degabriele, Kenny Paterson, Martin Albrecht and Torben Hansen of Royal Holloway, University of London.* The format of several log messages emitted by the packet code has changed to include additional information about the user and their authentication state.Software that monitors ssh/sshd logs may need to account for these changes.Includes fixes for some memory and file descriptor leaks in error paths.bz#2687 * ssh-keyscan(1): Correctly hash hosts with a port number.