[ubuntu/jaunty] openssh 1:5.1p1-5ubuntu1 (Accepted)

Colin Watson cjwatson at ubuntu.com
Wed Jan 28 20:21:30 GMT 2009 

openssh (1:5.1p1-5ubuntu1) jaunty; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - Add support for registering ConsoleKit sessions on login.
    - Drop openssh-blacklist and openssh-blacklist-extra to Suggests; they
      take up a lot of CD space, and I suspect that rolling them out in
      security updates has covered most affected systems now.
    - Add ufw integration.

openssh (1:5.1p1-5) unstable; urgency=low

  * Backport from upstream CVS (Markus Friedl):
    - packet_disconnect() on padding error, too. Should reduce the success
      probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18.
  * Check that /var/run/sshd.pid exists and that the process ID listed there
    corresponds to sshd before running '/etc/init.d/ssh reload' from if-up
    script; SIGHUP is racy if called at boot before sshd has a chance to
    install its signal handler, but fortunately the pid file is written
    after that which lets us avoid the race (closes: #502444).
  * While the above is a valuable sanity-check, it turns out that it doesn't
    really fix the bug (thanks to Kevin Price for testing), so for the
    meantime we'll just use '/etc/init.d/ssh restart', even though it is
    unfortunately heavyweight.

Date: Wed, 28 Jan 2009 14:34:21 +0000
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Signed-By: Colin Watson <cjwatson at canonical.com>
https://launchpad.net/ubuntu/jaunty/+source/openssh/1:5.1p1-5ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 28 Jan 2009 14:34:21 +0000
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:5.1p1-5ubuntu1
Distribution: jaunty
Urgency: low
Maintainer: Colin Watson <cjwatson at ubuntu.com>
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Description: 
 openssh-client - secure shell client, an rlogin/rsh/rcp replacement
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell server, an rshd replacement
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 502444
Changes: 
 openssh (1:5.1p1-5ubuntu1) jaunty; urgency=low
 .
   * Resynchronise with Debian. Remaining changes:
     - Add support for registering ConsoleKit sessions on login.
     - Drop openssh-blacklist and openssh-blacklist-extra to Suggests; they
       take up a lot of CD space, and I suspect that rolling them out in
       security updates has covered most affected systems now.
     - Add ufw integration.
 .
 openssh (1:5.1p1-5) unstable; urgency=low
 .
   * Backport from upstream CVS (Markus Friedl):
     - packet_disconnect() on padding error, too. Should reduce the success
       probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18.
   * Check that /var/run/sshd.pid exists and that the process ID listed there
     corresponds to sshd before running '/etc/init.d/ssh reload' from if-up
     script; SIGHUP is racy if called at boot before sshd has a chance to
     install its signal handler, but fortunately the pid file is written
     after that which lets us avoid the race (closes: #502444).
   * While the above is a valuable sanity-check, it turns out that it doesn't
     really fix the bug (thanks to Kevin Price for testing), so for the
     meantime we'll just use '/etc/init.d/ssh restart', even though it is
     unfortunately heavyweight.
Checksums-Sha1: 
 723a5c988ee13c950cc37440251b8b8278b90b23 1605 openssh_5.1p1-5ubuntu1.dsc
 80ca0f1d7a7860cce4f1c60622b767ad6bedaf3b 220995 openssh_5.1p1-5ubuntu1.diff.gz
Checksums-Sha256: 
 fd71f41b36c01da43816409bf72e28dc614ed4faa1d97c9c4d7ebf729fef9a1a 1605 openssh_5.1p1-5ubuntu1.dsc
 6f2d494169d795a53b55afabc0c23a0df5abd20e3958b5ebd01ecbba0f47635a 220995 openssh_5.1p1-5ubuntu1.diff.gz
Files: 
 2391885e8195a09587427d260eeb71e7 1605 net standard openssh_5.1p1-5ubuntu1.dsc
 69d2a3a4b3aa3b8ccd30f6699e372d2b 220995 net standard openssh_5.1p1-5ubuntu1.diff.gz
Original-Maintainer: Debian OpenSSH Maintainers <debian-ssh at lists.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Colin Watson <cjwatson at debian.org> -- Debian developer

iD8DBQFJgG1H9t0zAhD6TNERAgsdAJwMz/dIy5EO87r14hckFoIReur8sQCfWXIe
eKhcVGN2XNb1PdBoyttQNbA=
=sr7y
-----END PGP SIGNATURE-----

More information about the Jaunty-changes mailing list