[ubuntu/natty] openssh 1:5.7p1-1ubuntu1 (Accepted)

Colin Watson cjwatson at ubuntu.com
Thu Jan 27 01:00:28 UTC 2011 

openssh (1:5.7p1-1ubuntu1) natty; urgency=low

  * Resynchronise with Debian experimental.  Remaining changes:
    - Add support for registering ConsoleKit sessions on login.
    - Drop openssh-blacklist and openssh-blacklist-extra to Suggests.
    - Convert to Upstart.  The init script is still here for the benefit of
      people running sshd in chroots.
    - Install apport hook.
    - Add mention of ssh-keygen in ssh connect warning.
    - Make openssh-server recommend ssh-import-id.

openssh (1:5.7p1-1) experimental; urgency=low

  * New upstream release (http://www.openssh.org/txt/release-5.7):
    - Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
      and host/user keys (ECDSA) as specified by RFC5656.  ECDH and ECDSA
      offer better performance than plain DH and DSA at the same equivalent
      symmetric key length, as well as much shorter keys.
    - sftp(1)/sftp-server(8): add a protocol extension to support a hard
      link operation.  It is available through the "ln" command in the
      client.  The old "ln" behaviour of creating a symlink is available
      using its "-s" option or through the preexisting "symlink" command.
    - scp(1): Add a new -3 option to scp: Copies between two remote hosts
      are transferred through the local host (closes: #508613).
    - ssh(1): "atomically" create the listening mux socket by binding it on
      a temporary name and then linking it into position after listen() has
      succeeded.  This allows the mux clients to determine that the server
      socket is either ready or stale without races (closes: #454784).
      Stale server sockets are now automatically removed (closes: #523250).
    - ssh(1): install a SIGCHLD handler to reap expired child process
      (closes: #594687).
    - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent
      temporary directories (closes: #357469, although only if you arrange
      for ssh-agent to actually see $TMPDIR since the setgid bit will cause
      it to be stripped off).
  * Update to current GSSAPI patch from
    http://www.sxw.org.uk/computing/patches/openssh-5.7p1-gsskex-all-20110125.patch:
    - Add GSSAPIServerIdentity option.
  * Generate ECDSA host keys on fresh installations.  Upgraders who wish to
    add such host keys should manually add 'HostKey
    /etc/ssh/ssh_host_ecdsa_key' to /etc/ssh/sshd_config and run 'ssh-keygen
    -q -f /etc/ssh/sshd_config -N "" -t ecdsa'.
  * Build-depend on libssl-dev (>= 0.9.8g) to ensure sufficient ECC support.
  * Backport SELinux build fix from CVS.
  * Rearrange selinux-role.patch so that it links properly given this
    SELinux build fix.

openssh (1:5.6p1-3) experimental; urgency=low

  * Drop override for desktop-file-but-no-dh_desktop-call, which Lintian no
    longer issues.
  * Merge 1:5.5p1-6.

Date: Thu, 27 Jan 2011 00:27:13 +0000
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Signed-By: Colin Watson <cjwatson at canonical.com>
https://launchpad.net/ubuntu/natty/+source/openssh/1:5.7p1-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 27 Jan 2011 00:27:13 +0000
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:5.7p1-1ubuntu1
Distribution: natty
Urgency: low
Maintainer: Colin Watson <cjwatson at ubuntu.com>
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Description: 
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 357469 454784 508613 523250 594687
Changes: 
 openssh (1:5.7p1-1ubuntu1) natty; urgency=low
 .
   * Resynchronise with Debian experimental.  Remaining changes:
     - Add support for registering ConsoleKit sessions on login.
     - Drop openssh-blacklist and openssh-blacklist-extra to Suggests.
     - Convert to Upstart.  The init script is still here for the benefit of
       people running sshd in chroots.
     - Install apport hook.
     - Add mention of ssh-keygen in ssh connect warning.
     - Make openssh-server recommend ssh-import-id.
 .
 openssh (1:5.7p1-1) experimental; urgency=low
 .
   * New upstream release (http://www.openssh.org/txt/release-5.7):
     - Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
       and host/user keys (ECDSA) as specified by RFC5656.  ECDH and ECDSA
       offer better performance than plain DH and DSA at the same equivalent
       symmetric key length, as well as much shorter keys.
     - sftp(1)/sftp-server(8): add a protocol extension to support a hard
       link operation.  It is available through the "ln" command in the
       client.  The old "ln" behaviour of creating a symlink is available
       using its "-s" option or through the preexisting "symlink" command.
     - scp(1): Add a new -3 option to scp: Copies between two remote hosts
       are transferred through the local host (closes: #508613).
     - ssh(1): "atomically" create the listening mux socket by binding it on
       a temporary name and then linking it into position after listen() has
       succeeded.  This allows the mux clients to determine that the server
       socket is either ready or stale without races (closes: #454784).
       Stale server sockets are now automatically removed (closes: #523250).
     - ssh(1): install a SIGCHLD handler to reap expired child process
       (closes: #594687).
     - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent
       temporary directories (closes: #357469, although only if you arrange
       for ssh-agent to actually see $TMPDIR since the setgid bit will cause
       it to be stripped off).
   * Update to current GSSAPI patch from
     http://www.sxw.org.uk/computing/patches/openssh-5.7p1-gsskex-all-20110125.patch:
     - Add GSSAPIServerIdentity option.
   * Generate ECDSA host keys on fresh installations.  Upgraders who wish to
     add such host keys should manually add 'HostKey
     /etc/ssh/ssh_host_ecdsa_key' to /etc/ssh/sshd_config and run 'ssh-keygen
     -q -f /etc/ssh/sshd_config -N "" -t ecdsa'.
   * Build-depend on libssl-dev (>= 0.9.8g) to ensure sufficient ECC support.
   * Backport SELinux build fix from CVS.
   * Rearrange selinux-role.patch so that it links properly given this
     SELinux build fix.
 .
 openssh (1:5.6p1-3) experimental; urgency=low
 .
   * Drop override for desktop-file-but-no-dh_desktop-call, which Lintian no
     longer issues.
   * Merge 1:5.5p1-6.
Checksums-Sha1: 
 8ac044102abe21d9a10f25ceb121c075e1b46aa7 2366 openssh_5.7p1-1ubuntu1.dsc
 423e27475f06e1055847dfff7f61e1ac632b5372 1113345 openssh_5.7p1.orig.tar.gz
 c9f16a70be25a8da4bc56092e301f810bb53a5d8 250745 openssh_5.7p1-1ubuntu1.debian.tar.gz
Checksums-Sha256: 
 c87f8179ef19f1a22192d09bcf0603b375436b16f930d5c6762962b3cebb2424 2366 openssh_5.7p1-1ubuntu1.dsc
 59057d727d902d8b04b2ce0ba8f288c6e02cb65aca183cc8d559a4a66426581b 1113345 openssh_5.7p1.orig.tar.gz
 c178b3e5bf6eb0a2b57388ee4f99b1fc99312fe8dfbf6f434d3dc1a27cac65e6 250745 openssh_5.7p1-1ubuntu1.debian.tar.gz
Files: 
 3a053c31682e9e221e13067f5c55e53b 2366 net standard openssh_5.7p1-1ubuntu1.dsc
 50231fa257219791fa41b84a16c9df04 1113345 net standard openssh_5.7p1.orig.tar.gz
 7975e42e53f3362c0a6e54adf8c514f2 250745 net standard openssh_5.7p1-1ubuntu1.debian.tar.gz
Original-Maintainer: Debian OpenSSH Maintainers <debian-ssh at lists.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Colin Watson <cjwatson at debian.org> -- Debian developer

iQIVAwUBTUDAvDk1h9l9hlALAQjFug/9HZlxkM2Q5jLZ/+UkJRBUVyefDBTmui/S
eNPo9/w/j4iQC0H+TkorrHIJX2udqOndFKzAXYPg7FVNdj0FMYfA5yEOkff8ob8a
DTmTxuoDb76WVqiyDtKZsHSeEZAs+SWMNEck4wGZ3pWfcM2L0HntDw3BtXhb07ED
1muW150cbchUEAGj81qMquhOAOSghOoIASnotYdhHh/RkOTzSVIDsERtzhjWc7rl
4MKxCcp17kJ2pWT3aYd1wEK7Zd5wfJm85VABs48kJQ2c6rLv0Bx9XtgORfL6KmSV
jwWuLizRvgbl/fH0Uhe2/WfV2pAH/0eNTuv7IpFnB/I0Gkp8UtQYJLEiRA6MjtpO
6bnao+OW1MPKCsohde6t/tly5GiA/s1bCCwlZnOPyfpOdcphvPecXwWTG2icGykl
fsdGAOARBtQFIM2uWMbN9KcEdX405MMR7uuJysr+d7xDO7T/GN//gpkzPG4il9XW
V1AYyhabE1uJKbuUuxMsKwbk1cCyvcvMxyG3886Aysp039xFhDEHsADZvi/YpVLu
BlvqqbxRlMAZSvOq1BhsGIQqr3m4JvWOQDd84bhNCJz07QyR3fVj7/7Dof46wSFf
qISAKbUwKiihKIxcAQLfZKxiNuduhu8+TPnn8Fa81xSo1UkCu9Zalq6bp78vCFet
THURilXUnbs=
=3NbU
-----END PGP SIGNATURE-----

More information about the Natty-changes mailing list