[ubuntu/trusty-proposed] openssh 1:6.6p1-1 (Accepted)
cjwatson at canonical.com
Sun Mar 30 05:03:39 UTC 2014
openssh (1:6.6p1-1) unstable; urgency=medium
[ Colin Watson ]
* Apply various warning-suppression and regression-test fixes to
gssapi.patch from Damien Miller.
* New upstream release (http://www.openssh.com/txt/release-6.6,
- CVE-2014-2532: sshd(8): when using environment passing with an
sshd_config(5) AcceptEnv pattern with a wildcard, OpenSSH prior to 6.6
could be tricked into accepting any environment variable that contains
the characters before the wildcard character.
* Re-enable btmp logging, as its permissions were fixed a long time ago in
response to #370050 (closes: #341883).
* Change to "PermitRootLogin without-password" for new installations, and
ask a debconf question when upgrading systems with "PermitRootLogin yes"
from previous versions (closes: #298138).
* Debconf translations:
- Danish (thanks, Joe Hansen).
- Portuguese (thanks, Américo Monteiro).
- Russian (thanks, Yuri Kozlov; closes: #742308).
- Swedish (thanks, Andreas Rönnquist).
- Japanese (thanks, victory).
- German (thanks, Stephan Beck; closes: #742541).
- Italian (thanks, Beatrice Torracca).
* Don't start ssh-agent from the Upstart user session job if something
like Xsession has already done so (based on work by Bruno Vasselle;
[ Matthew Vernon ]
* CVE-2014-2653: Fix failure to check SSHFP records if server presents a
certificate (bug reported by me, patch by upstream's Damien Miller;
thanks also to Mark Wooding for his help in fixing this) (Closes:
Date: 2014-03-29 04:18:51.146917+00:00
Signed-By: Colin Watson <cjwatson at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes