Accepted: openssh 1:4.7p1-1 (source)

Ubuntu Installer archive at ubuntu.com
Mon Jan 7 21:10:58 GMT 2008 

Accepted:
 OK: openssh_4.7p1.orig.tar.gz
 OK: openssh_4.7p1-1.diff.gz
 OK: openssh_4.7p1-1.dsc
     -> Component: main Section: net

Upload Warnings:
No copyright file found.

Origin: Debian/unstable
Format: 1.7
Date: Mon,  07 Jan 2008 21:09:37 +0000
Source: openssh
Binary: openssh-server-udeb, openssh-client, ssh-krb5, openssh-server, openssh-client-udeb, ssh, ssh-askpass-gnome
Architecture: source
Version: 1:4.7p1-1
Distribution: hardy
Urgency: low
Maintainer: Debian OpenSSH Maintainers <debian-ssh at lists.debian.org>
Changed-By: Colin Watson <cjwatson at canonical.com>
Closes: 123013 246774 303453 327886 345628 365541 390699 405041 433181 444738 453285 453367
Changes: 
 openssh (1:4.7p1-1) unstable; urgency=low
 .
   * New upstream release (closes: #453367).
     - CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if
       creation of an untrusted cookie fails; found and fixed by Jan Pechanec
       (closes: #444738).
     - sshd(8) in new installations defaults to SSH Protocol 2 only. Existing
       installations are unchanged.
     - The SSH channel window size has been increased, and both ssh(1)
       sshd(8) now send window updates more aggressively. These improves
       performance on high-BDP (Bandwidth Delay Product) networks.
     - ssh(1) and sshd(8) now preserve MAC contexts between packets, which
       saves 2 hash calls per packet and results in 12-16% speedup for
       arcfour256/hmac-md5.
     - A new MAC algorithm has been added, UMAC-64 (RFC4418) as
       "umac-64 at openssh.com". UMAC-64 has been measured to be approximately
       20% faster than HMAC-MD5.
     - Failure to establish a ssh(1) TunnelForward is now treated as a fatal
       error when the ExitOnForwardFailure option is set.
     - ssh(1) returns a sensible exit status if the control master goes away
       without passing the full exit status.
     - When using a ProxyCommand in ssh(1), set the outgoing hostname with
       gethostname(2), allowing hostbased authentication to work.
     - Make scp(1) skip FIFOs rather than hanging (closes: #246774).
     - Encode non-printing characters in scp(1) filenames. These could cause
       copies to be aborted with a "protocol error".
     - Handle SIGINT in sshd(8) privilege separation child process to ensure
       that wtmp and lastlog records are correctly updated.
     - Report GSSAPI mechanism in errors, for libraries that support multiple
       mechanisms.
     - Improve documentation for ssh-add(1)'s -d option.
     - Rearrange and tidy GSSAPI code, removing server-only code being linked
       into the client.
     - Delay execution of ssh(1)'s LocalCommand until after all forwardings
       have been established.
     - In scp(1), do not truncate non-regular files.
     - Improve exit message from ControlMaster clients.
     - Prevent sftp-server(8) from reading until it runs out of buffer space,
       whereupon it would exit with a fatal error (closes: #365541).
     - pam_end() was not being called if authentication failed
       (closes: #405041).
     - Manual page datestamps updated (closes: #433181).
   * Install the OpenSSH FAQ in /usr/share/doc/openssh-client.
     - Includes documentation on copying files with colons using scp
       (closes: #303453).
   * Create /var/run/sshd on start even if /etc/ssh/sshd_not_to_be_run exists
     (closes: #453285).
   * Fix "overriden" typo in ssh(1) (thanks, A. Costa; closes: #390699).
   * Refactor debian/rules configure and make invocations to make development
     easier.
   * Remove the hideously old /etc/ssh/primes on upgrade (closes: #123013).
   * Update moduli(5) to revision 1.11 from OpenBSD CVS.
   * Document the non-default options we set as standard in ssh_config(5) and
     sshd_config(5) (closes: #327886, #345628).
   * Recode LICENCE to UTF-8 when concatenating it to debian/copyright.
   * Override desktop-file-but-no-dh_desktop-call lintian warning; the
     .desktop file is intentionally not installed (see 1:3.8.1p1-10).
   * Update copyright dates for Kerberos patch in debian/copyright.head.
   * Policy version 3.7.3: no changes required.
Files: 
 8dbea4ef533097fe69f373be3391884e 201822 net standard openssh_4.7p1-1.diff.gz
 e4be8bf0d8eeb50aced09e83b971ee1b 1132 net standard openssh_4.7p1-1.dsc
 bea83d2e0f9ac7b3d4393d693e68b5c1 1009361 net standard openssh_4.7p1.orig.tar.gz

More information about the Hardy-changes mailing list