[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

openssh 1:4.7p1-8

Please allow openssh 1:4.7p1-8 into testing; the changes are fairly
small, and it fixes a security vulnerability.

openssh (1:4.7p1-8) unstable; urgency=high

  * Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5.
  * Rename KeepAlive to TCPKeepAlive in sshd_config, cleaning up from old
    configurations (LP: #211400).
  * Tweak scp's reporting of filenames in verbose mode to be a bit less
    confusing with spaces (thanks, Nicolas Valcárcel; LP: #89945).
  * Backport from 4.9p1:
    - CVE-2008-1657: Ignore ~/.ssh/rc if a sshd_config ForceCommand is
      specified.
    - Add no-user-rc authorized_keys option to disable execution of
      ~/.ssh/rc.
  * Backport from Simon Wilkinson's GSSAPI key exchange patch for 5.0p1:
    - Add code to actually implement GSSAPIStrictAcceptorCheck, which had
      somehow been omitted from a previous version of this patch (closes:
      #474246).

 -- Colin Watson <cjwatson@debian.org>  Sun, 06 Apr 2008 12:34:19 +0100

openssh (1:4.7p1-7) unstable; urgency=low

  * Ignore errors writing to oom_adj (closes: #473573).

 -- Colin Watson <cjwatson@debian.org>  Mon, 31 Mar 2008 16:24:44 +0100

openssh (1:4.7p1-6) unstable; urgency=low

  * Disable the Linux kernel's OOM-killer for the sshd parent; tweak
    SSHD_OOM_ADJUST in /etc/default/ssh to change this (closes: #341767).

 -- Colin Watson <cjwatson@debian.org>  Sun, 30 Mar 2008 21:14:12 +0100

Thanks,

-- 
Colin Watson                                       [cjwatson@debian.org]
Reply to: