Accepted: openssh 1:4.7p1-12ubuntu1 (source)
Colin Watson
cjwatson at ubuntu.com
Thu May 29 22:00:20 BST 2008
Accepted:
OK: openssh_4.7p1.orig.tar.gz
OK: openssh_4.7p1-12ubuntu1.diff.gz
OK: openssh_4.7p1-12ubuntu1.dsc
-> Component: main Section: net
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 29 May 2008 21:50:22 +0100
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:4.7p1-12ubuntu1
Distribution: intrepid
Urgency: low
Maintainer: Colin Watson <cjwatson at ubuntu.com>
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Description:
openssh-client - secure shell client, an rlogin/rsh/rcp replacement
openssh-client-udeb - secure shell client for the Debian installer
openssh-server - secure shell server, an rshd replacement
openssh-server-udeb - secure shell server for the Debian installer
ssh - secure shell client and server (metapackage)
ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
ssh-krb5 - secure shell client and server (transitional package)
Closes: 480020 481018 481151 481187 481398 481530 481576 481591 481596 481621 481624 481676 481721 481781 481836 481870 481876 482341 482464 482548 482808 482887 483004 483142 483517
Launchpad-Bugs-Fixed: 125805 230497
Changes:
openssh (1:4.7p1-12ubuntu1) intrepid; urgency=low
.
* Resynchronise with Debian. Remaining changes:
- Add support for registering ConsoleKit sessions on login.
.
openssh (1:4.7p1-12) unstable; urgency=low
.
* Fill in CVE identifier for ssh-vulnkey bug fixed in 1:4.7p1-10.
* Refactor rejection of blacklisted user keys into a single
reject_blacklisted_key function in auth.c (thanks, Dmitry V. Levin).
* Fix memory leak of blacklisted host keys (thanks, Dmitry V. Levin).
* debconf template translations:
- Update Dutch (thanks, Bart Cornelis; closes: #483004).
- Update Brazilian Portuguese (thanks, Eder L. Marques; closes:
#483142).
- Update Slovak (thanks, Ivan Masár; closes: #483517).
.
openssh (1:4.7p1-11) unstable; urgency=low
.
* Make init script depend on $syslog, and fix some other dependency
glitches (thanks, Petter Reinholdtsen; closes: #481018).
* Remove 0 and 6 from Default-Stop in init script (thanks, Kel Modderman;
closes: #481151).
* Restore OOM killer adjustment for child processes (thanks, Vaclav Ovsik;
closes: #480020).
* Allow building with heimdal-dev (LP: #125805).
.
* Check RSA1 keys without the need for a separate blacklist. Thanks to
Simon Tatham for the idea.
* Generate two keys with the PID forced to the same value and test that
they differ, to defend against recurrences of the recent Debian OpenSSL
vulnerability.
* Recommend openssh-blacklist from openssh-client (closes: #481187).
* Recommend openssh-blacklist-extra from openssh-client and
openssh-server.
* Make ssh-vulnkey report the file name and line number for each key
(thanks, Heiko Schlittermann and Christopher Perry; closes: #481398).
* Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (see
#481283).
* Log IP addresses of hosts attempting to use blacklisted keys (closes:
#481721).
* Incorporate various ssh-vulnkey suggestions from Hugh Daniel:
- Add -v (verbose) option, and don't print output for keys that have a
blacklist file but that are not listed unless in verbose mode.
- Move exit status documentation to a separate section.
- Document key status descriptions.
- Add key type to output.
- Fix error output if ssh-vulnkey fails to read key files, with the
exception of host keys unless -a was given.
- In verbose mode, output the name of each file examined.
* Handle leading IP addresses in ssh-vulnkey input (LP: #230497).
* Fix various ssh-vulnkey problems pointed out by Solar Designer:
- Fix some buffer handling inconsistencies.
- Use xasprintf to build user key file names, avoiding truncation
problems.
- Drop to the user's UID when reading user keys with -a.
- Use EUID rather than UID when run with no file names and without -a.
- Reword "Unknown (no blacklist information)" to "Unknown (blacklist
file not installed)".
.
* Fix typo in ssh/vulnerable_host_keys message (thanks, Esko Arajärvi).
* debconf template translations:
- Update Finnish (thanks, Esko Arajärvi; closes: #481530).
- Update French (thanks, Christian Perrier; closes: #481576).
- Update Norwegian Bokmål (thanks, Bjørn Steensrud; closes: #481591).
- Update Galician (thanks, Jacobo Tarrio; closes: #481596).
- Update Japanese (thanks, Kenshi Muto; closes: #481621).
- Update Czech (thanks, Miroslav Kure; closes: #481624).
- Update German (thanks, Helge Kreutzmann; closes: #481676).
- Update Portuguese (thanks, Ricardo Silva; closes: #481781).
- Update Basque (thanks, Piarres Beobide; closes: #481836).
- Update Bulgarian (thanks, Damyan Ivanov; closes: #481870).
- Update Vietnamese (thanks, Clytie Siddall; closes: #481876).
- Update Spanish (thanks, Javier Fernandez-Sanguino Peña; closes:
#482341).
- Update Turkish (thanks, Mert Dirik; closes: #482548).
- Update Russian (thanks, Yuri Kozlov; closes: #482887).
- Update Swedish (thanks, Martin Bagge; closes: #482464).
- Update Italian (thanks, Luca Monducci; closes: #482808).
Files:
2b8a4e5e529113c2d9463aa462ec6de6 1211 net standard openssh_4.7p1-12ubuntu1.dsc
593320c85f64126d3f087f4efdc664f9 218951 net standard openssh_4.7p1-12ubuntu1.diff.gz
Original-Maintainer: Debian OpenSSH Maintainers <debian-ssh at lists.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Colin Watson <cjwatson at debian.org> -- Debian developer
iD8DBQFIPxdr9t0zAhD6TNERArW5AJ9Zngbf+U3KnIYSIkBIER9DPegUxACcDsuV
vBvbMsx5Gv1PW9kRn/ck70Y=
=qgF0
-----END PGP SIGNATURE-----
More information about the Intrepid-changes
mailing list