Firefox 40 gave a lot of new features such as expanded malware protection, Improved scrolling, graphics, and video playback performance with off main thread compositing, and lots of new features for developers and users. See the release notes for more detailed information.
OpenSSH 7.0 is a major update compared to 6.9 and based on the release notes, it also introduce some incompatible changes such as:
* Support for the legacy SSH version 1 protocol is disabled by default at compile time. * Support for the 1024-bit diffie-hellman-group1-sha1 key exchange is disabled by default at run-time. It may be re-enabled using the instructions at http://www.openssh.com/legacy.html * Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by default at run-time. These may be re-enabled using the instructions at http://www.openssh.com/legacy.html * Support for the legacy v00 cert format has been removed. * The default for the sshd_config(5) PermitRootLogin option has changed from "yes" to "prohibit-password". * PermitRootLogin=without-password/prohibit-password now bans all interactive authentication methods, allowing only public-key, hostbased and GSSAPI authentication (previously it permitted keyboard-interactive and password-less authentication if those were enabled).
They also gave early warning to users about future deprecations:
We plan on retiring more legacy cryptography in the next release including: * Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits) * Several ciphers will be disabled by default: blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES. * MD5-based HMAC algorithms will be disabled by default.If you have been using SSH to securely connect to your machines remotely and the keys were generated in the past using a weak algorithm such as DSS, it would be wise to backup the .ssh directory and move it somewhere else and start generating your new key (RSA-based) and upload it to the server and update your key preferences or settings before attempting to upgrade your OpenSSH package. Failing to do so will block you to connect to the remote machine unless you have a normal password-based authentication. This will also affect for those who have been using git protocol to push or pull updates from and to git repository as they use ssh as the backend.