[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted openssh 1:6.5p1-4~bpo70+1 (source i386 all)

Hash: SHA256

Format: 1.8
Date: Wed, 26 Feb 2014 18:02:59 +0000
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source i386 all
Version: 1:6.5p1-4~bpo70+1
Distribution: wheezy-backports
Urgency: low
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 115286 481853 570651 644521 676830 727622 732441 732940 734816 738619 738693 738798
 openssh (1:6.5p1-4~bpo70+1) wheezy-backports; urgency=low
   * Rebuild for wheezy-backports.
 openssh (1:6.5p1-4) unstable; urgency=medium
   * Configure --without-hardening on hppa, to work around
     http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60155 (closes: #738798).
   * Amend "Running sshd from inittab" instructions in README.Debian to
     recommend 'update-rc.d ssh disable', rather than manual removal of rc*.d
     symlinks that won't work with dependency-based sysv-rc.
   * Remove code related to non-dependency-based sysv-rc ordering, since that
     is no longer supported.
   * Apply patch from https://bugzilla.mindrot.org/show_bug.cgi?id=2200 to
     fix getsockname errors when using "ssh -W" (closes: #738693).
 openssh (1:6.5p1-3) unstable; urgency=medium
   * Clarify socket activation mode in README.Debian, as suggested by Uoti
   * Stop claiming that "Protocol 2" is a Debian-specific default; this has
     been upstream's default since 5.4p1.
   * Avoid stdout noise from which(1) on purge of openssh-client.
   * Fix sysvinit->systemd transition code to cope with still-running
     sysvinit jobs being considered active by systemd (thanks, Uoti Urpala
     and Michael Biebl).
   * Bump guard version for sysvinit->systemd transition to 1:6.5p1-3; we may
     have got it wrong before, and it's fairly harmless to repeat it.
   * Remove tests for whether /dev/null is a character device from the
     Upstart job and the systemd service files; it's there to avoid a
     confusing failure mode in daemon(), but with modern init systems we use
     the -D option to suppress daemonisation anyway.
   * Refer to /usr/share/common-licenses/GPL-2 in debian/copyright (for the
     Debian patch) rather than plain GPL.
   * Drop some very old Conflicts and Replaces (ssh (<< 1:3.8.1p1-9),
     rsh-client (<< 0.16.1-1), ssh-krb5 (<< 1:4.3p2-7), ssh-nonfree (<< 2),
     and openssh-client (<< 1:3.8.1p1-11)).  These all relate to pre-etch
     versions, for which we no longer have maintainer script code, and per
     policy they would have to become Breaks nowadays anyway.
   * Policy version 3.9.5.
   * Drop unnecessary -1 in zlib1g Build-Depends version.
   * Tweak dh_systemd_enable invocations to avoid lots of error noise.
 openssh (1:6.5p1-2) unstable; urgency=medium
   * Only enable ssh.service for systemd, not both ssh.service and
     ssh.socket.  Thanks to Michael Biebl for spotting this.
   * Backport upstream patch to unbreak case-sensitive matching of ssh_config
     (closes: #738619).
 openssh (1:6.5p1-1) unstable; urgency=medium
   * New upstream release (http://www.openssh.com/txt/release-6.5,
     LP: #1275068):
     - ssh(1): Add support for client-side hostname canonicalisation using a
       set of DNS suffixes and rules in ssh_config(5).  This allows
       unqualified names to be canonicalised to fully-qualified domain names
       to eliminate ambiguity when looking up keys in known_hosts or checking
       host certificate names (closes: #115286).
   * Switch to git; adjust Vcs-* fields.
   * Convert to git-dpm, and drop source package documentation associated
     with the old bzr/quilt patch handling workflow.
   * Drop ssh-vulnkey and the associated ssh/ssh-add/sshd integration code,
     leaving only basic configuration file compatibility, since it has been
     nearly six years since the original vulnerability and this code is not
     likely to be of much value any more (closes: #481853, #570651).  See
     https://lists.debian.org/debian-devel/2013/09/msg00240.html for my full
   * Add OpenPGP signature checking configuration to watch file (thanks,
     Daniel Kahn Gillmor; closes: #732441).
   * Add the pam_keyinit session module, to create a new session keyring on
     login (closes: #734816).
   * Incorporate default path changes from shadow 1:, removing
     /usr/bin/X11 (closes: #644521).
   * Generate ED25519 host keys on fresh installations.  Upgraders who wish
     to add such host keys should manually add 'HostKey
     /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
     'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
   * Drop long-obsolete "SSH now uses protocol 2 by default" section from
   * Add systemd support (thanks, Sven Joachim; closes: #676830).
 openssh (1:6.4p1-2) unstable; urgency=high
   * Increase ServerKeyBits value in package-generated sshd_config to 1024
     (closes: #727622, LP: #1244272).
   * Restore patch to disable OpenSSL version check (closes: #732940).
 5cce1fce16aedc625d606c293e7cb3b42f072597 2610 openssh_6.5p1-4~bpo70+1.dsc
 35a807b79760c040fcad69ab76ac2aeab522cfe6 167148 openssh_6.5p1-4~bpo70+1.debian.tar.gz
 8c7ba0689f7fccb0cfb8eb632615c65a0419a784 666668 openssh-client_6.5p1-4~bpo70+1_i386.deb
 4f11baac0242662489b12076472ffff83d3171b0 331354 openssh-server_6.5p1-4~bpo70+1_i386.deb
 80881b45b9979c26feabc4b5472d00e50cdb47fb 1068 ssh_6.5p1-4~bpo70+1_all.deb
 30344311f943d6b856aa9d642576f22beeff18b9 101236 ssh-krb5_6.5p1-4~bpo70+1_all.deb
 2f6daca8f44d77dc09503bac09eb84761b0eb912 109004 ssh-askpass-gnome_6.5p1-4~bpo70+1_i386.deb
 046358de12fabf5bbcb02edf8a9792d6cbb6f092 247312 openssh-client-udeb_6.5p1-4~bpo70+1_i386.udeb
 6c2beb4fcbf2863eb88b9414ed66c454130320b6 276014 openssh-server-udeb_6.5p1-4~bpo70+1_i386.udeb
 3326e98c538d82f1403b30bd2bfbd51f9ebc62fdfe2c081a70ed200c6e6d0f4f 2610 openssh_6.5p1-4~bpo70+1.dsc
 d4d75b856414e4ab060caf42c5596ea02d2af3da89204d0adab156861dfddf06 167148 openssh_6.5p1-4~bpo70+1.debian.tar.gz
 710b1c8316d6c9cbce22b74426bd4a726630f724826faa7318bee37bbed3953e 666668 openssh-client_6.5p1-4~bpo70+1_i386.deb
 0fc57cb9dad9c3bd8847e98776190f49a20c9fdb4193eee2ed811f23ab853ba1 331354 openssh-server_6.5p1-4~bpo70+1_i386.deb
 9500d8fe75c98b2b94d9a27e590264ed9113780b620f3b8f3c90a711492c5336 1068 ssh_6.5p1-4~bpo70+1_all.deb
 394b4111de1781df179fe169e0089b54535418ab00dbf99d66f4c6b6d1533eea 101236 ssh-krb5_6.5p1-4~bpo70+1_all.deb
 ca4d54d438dade21f539c7bc2cb702a0127bfb38f2086d6ba170acdd384f0fd8 109004 ssh-askpass-gnome_6.5p1-4~bpo70+1_i386.deb
 e0443293bd3ffc31bde3f29e8d4f800918c7fdee7805149421822ecca4065e30 247312 openssh-client-udeb_6.5p1-4~bpo70+1_i386.udeb
 7b03952f19820d6febb8768a2a1ffe55dd8256c327a7f1c11e76d0b2774fd6eb 276014 openssh-server-udeb_6.5p1-4~bpo70+1_i386.udeb
 162b69018e81a81ba268389557b86ad3 2610 net standard openssh_6.5p1-4~bpo70+1.dsc
 4b5f2f6a737b7fa66457c668ff637e3e 167148 net standard openssh_6.5p1-4~bpo70+1.debian.tar.gz
 594356b61fe51fb8324242b392c182f6 666668 net standard openssh-client_6.5p1-4~bpo70+1_i386.deb
 76152c3138cb1dedc4f406f4d022f99d 331354 net optional openssh-server_6.5p1-4~bpo70+1_i386.deb
 1d188e5f105124d028babc0dede0260a 1068 net extra ssh_6.5p1-4~bpo70+1_all.deb
 9e44a1d6b5c221ae4a3e83a50d2cb98b 101236 oldlibs extra ssh-krb5_6.5p1-4~bpo70+1_all.deb
 4372f10888a6d7eef206e92b0b86d6ac 109004 gnome optional ssh-askpass-gnome_6.5p1-4~bpo70+1_i386.deb
 b93e172c0fbcb2799fa0bfb870367cd3 247312 debian-installer optional openssh-client-udeb_6.5p1-4~bpo70+1_i386.udeb
 4ac772fa32f315f5bc313e0e0f7a2723 276014 debian-installer optional openssh-server-udeb_6.5p1-4~bpo70+1_i386.udeb
Package-Type: udeb

Version: GnuPG v1
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer


Reply to: