[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: openssh in debian, version 4.7, chroot patch

On Wed, Dec 19, 2007 at 09:11:15PM -0800, Russ Allbery wrote:
> Sebastian Pipping <webmaster@hartwork.org> writes:
> > Colin Watson wrote:
> >> I'm not keen. We only recently got rid of openssh-krb5, I have headaches
> >> enough keeping the Kerberos patch up to date although the upstream for
> >> that is excellent, and I don't want to increase my workload further by
> >> including more third-party patches. The more of these I include, the
> >> longer it takes to get new upstream releases packaged.
> >
> > could you (or matthew) sponsor me if i did the work?
> 
> Speaking as one of the former maintainers of openssh-krb5 (for a brief
> period near the end of its life), I don't think this is a great idea.
> Maintaining a separate forked copy of the ssh code base in another package
> is painful from a security standpoint, and managing the shared
> configuration and conflicts and whatnot can be rather horrific.

I have to say that I'm with Russ on this point.

openssh 4.7p1-1 is on its way into Debian unstable now.

Cheers,

-- 
Colin Watson                                       [cjwatson@debian.org]
Reply to: