Bug#397961: openssh-server: security problem fixed in version 4.5
Package: openssh-server
Version: 1:4.3p2-5.1
Severity: important
Hi,
here is the announcement:
http://www.openssh.org/txt/release-4.5
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (100, 'unstable'), (99, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-2-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Versions of packages openssh-server depends on:
ii adduser 3.99 Add and remove users and groups
ii debconf 1.5.8 Debian configuration management sy
ii dpkg 1.13.24 package maintenance system for Deb
ii libc6 2.5-0exp3 GNU C Library: Shared libraries
ii libcomer 1.39+1.40-WIP-2006.10.02+dfsg-2 common error description library
ii libkrb53 1.4.4-4 MIT Kerberos runtime libraries
ii libpam-m 0.79-4 Pluggable Authentication Modules f
ii libpam-r 0.79-4 Runtime support for the PAM librar
ii libpam0g 0.79-4 Pluggable Authentication Modules l
ii libselin 1.32-3 SELinux shared libraries
ii libssl0. 0.9.8c-3 SSL shared libraries
ii libwrap0 7.6.dbs-11 Wietse Venema's TCP wrappers libra
ii openssh- 1:4.3p2-5.1 Secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.3-13 compression library - runtime
openssh-server recommends no packages.
-- debconf information:
* ssh/insecure_rshd:
* ssh/forward_warning:
ssh/encrypted_host_key_but_no_keygen:
* ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/protocol2_only: true
ssh/disable_cr_auth: false
Reply to: