Accepted openssh 1:6.5p1-4~bpo70+1 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 26 Feb 2014 18:02:59 +0000
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source i386 all
Version: 1:6.5p1-4~bpo70+1
Distribution: wheezy-backports
Urgency: low
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
openssh-client - secure shell (SSH) client, for secure access to remote machines
openssh-client-udeb - secure shell client for the Debian installer (udeb)
openssh-server - secure shell (SSH) server, for secure access from remote machines
openssh-server-udeb - secure shell server for the Debian installer (udeb)
ssh - secure shell client and server (metapackage)
ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
ssh-krb5 - secure shell client and server (transitional package)
Closes: 115286 481853 570651 644521 676830 727622 732441 732940 734816 738619 738693 738798
Changes:
openssh (1:6.5p1-4~bpo70+1) wheezy-backports; urgency=low
.
* Rebuild for wheezy-backports.
.
openssh (1:6.5p1-4) unstable; urgency=medium
.
* Configure --without-hardening on hppa, to work around
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60155 (closes: #738798).
* Amend "Running sshd from inittab" instructions in README.Debian to
recommend 'update-rc.d ssh disable', rather than manual removal of rc*.d
symlinks that won't work with dependency-based sysv-rc.
* Remove code related to non-dependency-based sysv-rc ordering, since that
is no longer supported.
* Apply patch from https://bugzilla.mindrot.org/show_bug.cgi?id=2200 to
fix getsockname errors when using "ssh -W" (closes: #738693).
.
openssh (1:6.5p1-3) unstable; urgency=medium
.
* Clarify socket activation mode in README.Debian, as suggested by Uoti
Urpala.
* Stop claiming that "Protocol 2" is a Debian-specific default; this has
been upstream's default since 5.4p1.
* Avoid stdout noise from which(1) on purge of openssh-client.
* Fix sysvinit->systemd transition code to cope with still-running
sysvinit jobs being considered active by systemd (thanks, Uoti Urpala
and Michael Biebl).
* Bump guard version for sysvinit->systemd transition to 1:6.5p1-3; we may
have got it wrong before, and it's fairly harmless to repeat it.
* Remove tests for whether /dev/null is a character device from the
Upstart job and the systemd service files; it's there to avoid a
confusing failure mode in daemon(), but with modern init systems we use
the -D option to suppress daemonisation anyway.
* Refer to /usr/share/common-licenses/GPL-2 in debian/copyright (for the
Debian patch) rather than plain GPL.
* Drop some very old Conflicts and Replaces (ssh (<< 1:3.8.1p1-9),
rsh-client (<< 0.16.1-1), ssh-krb5 (<< 1:4.3p2-7), ssh-nonfree (<< 2),
and openssh-client (<< 1:3.8.1p1-11)). These all relate to pre-etch
versions, for which we no longer have maintainer script code, and per
policy they would have to become Breaks nowadays anyway.
* Policy version 3.9.5.
* Drop unnecessary -1 in zlib1g Build-Depends version.
* Tweak dh_systemd_enable invocations to avoid lots of error noise.
.
openssh (1:6.5p1-2) unstable; urgency=medium
.
* Only enable ssh.service for systemd, not both ssh.service and
ssh.socket. Thanks to Michael Biebl for spotting this.
* Backport upstream patch to unbreak case-sensitive matching of ssh_config
(closes: #738619).
.
openssh (1:6.5p1-1) unstable; urgency=medium
.
* New upstream release (http://www.openssh.com/txt/release-6.5,
LP: #1275068):
- ssh(1): Add support for client-side hostname canonicalisation using a
set of DNS suffixes and rules in ssh_config(5). This allows
unqualified names to be canonicalised to fully-qualified domain names
to eliminate ambiguity when looking up keys in known_hosts or checking
host certificate names (closes: #115286).
* Switch to git; adjust Vcs-* fields.
* Convert to git-dpm, and drop source package documentation associated
with the old bzr/quilt patch handling workflow.
* Drop ssh-vulnkey and the associated ssh/ssh-add/sshd integration code,
leaving only basic configuration file compatibility, since it has been
nearly six years since the original vulnerability and this code is not
likely to be of much value any more (closes: #481853, #570651). See
https://lists.debian.org/debian-devel/2013/09/msg00240.html for my full
reasoning.
* Add OpenPGP signature checking configuration to watch file (thanks,
Daniel Kahn Gillmor; closes: #732441).
* Add the pam_keyinit session module, to create a new session keyring on
login (closes: #734816).
* Incorporate default path changes from shadow 1:4.0.18.1-8, removing
/usr/bin/X11 (closes: #644521).
* Generate ED25519 host keys on fresh installations. Upgraders who wish
to add such host keys should manually add 'HostKey
/etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
* Drop long-obsolete "SSH now uses protocol 2 by default" section from
README.Debian.
* Add systemd support (thanks, Sven Joachim; closes: #676830).
.
openssh (1:6.4p1-2) unstable; urgency=high
.
* Increase ServerKeyBits value in package-generated sshd_config to 1024
(closes: #727622, LP: #1244272).
* Restore patch to disable OpenSSL version check (closes: #732940).
Checksums-Sha1:
5cce1fce16aedc625d606c293e7cb3b42f072597 2610 openssh_6.5p1-4~bpo70+1.dsc
35a807b79760c040fcad69ab76ac2aeab522cfe6 167148 openssh_6.5p1-4~bpo70+1.debian.tar.gz
8c7ba0689f7fccb0cfb8eb632615c65a0419a784 666668 openssh-client_6.5p1-4~bpo70+1_i386.deb
4f11baac0242662489b12076472ffff83d3171b0 331354 openssh-server_6.5p1-4~bpo70+1_i386.deb
80881b45b9979c26feabc4b5472d00e50cdb47fb 1068 ssh_6.5p1-4~bpo70+1_all.deb
30344311f943d6b856aa9d642576f22beeff18b9 101236 ssh-krb5_6.5p1-4~bpo70+1_all.deb
2f6daca8f44d77dc09503bac09eb84761b0eb912 109004 ssh-askpass-gnome_6.5p1-4~bpo70+1_i386.deb
046358de12fabf5bbcb02edf8a9792d6cbb6f092 247312 openssh-client-udeb_6.5p1-4~bpo70+1_i386.udeb
6c2beb4fcbf2863eb88b9414ed66c454130320b6 276014 openssh-server-udeb_6.5p1-4~bpo70+1_i386.udeb
Checksums-Sha256:
3326e98c538d82f1403b30bd2bfbd51f9ebc62fdfe2c081a70ed200c6e6d0f4f 2610 openssh_6.5p1-4~bpo70+1.dsc
d4d75b856414e4ab060caf42c5596ea02d2af3da89204d0adab156861dfddf06 167148 openssh_6.5p1-4~bpo70+1.debian.tar.gz
710b1c8316d6c9cbce22b74426bd4a726630f724826faa7318bee37bbed3953e 666668 openssh-client_6.5p1-4~bpo70+1_i386.deb
0fc57cb9dad9c3bd8847e98776190f49a20c9fdb4193eee2ed811f23ab853ba1 331354 openssh-server_6.5p1-4~bpo70+1_i386.deb
9500d8fe75c98b2b94d9a27e590264ed9113780b620f3b8f3c90a711492c5336 1068 ssh_6.5p1-4~bpo70+1_all.deb
394b4111de1781df179fe169e0089b54535418ab00dbf99d66f4c6b6d1533eea 101236 ssh-krb5_6.5p1-4~bpo70+1_all.deb
ca4d54d438dade21f539c7bc2cb702a0127bfb38f2086d6ba170acdd384f0fd8 109004 ssh-askpass-gnome_6.5p1-4~bpo70+1_i386.deb
e0443293bd3ffc31bde3f29e8d4f800918c7fdee7805149421822ecca4065e30 247312 openssh-client-udeb_6.5p1-4~bpo70+1_i386.udeb
7b03952f19820d6febb8768a2a1ffe55dd8256c327a7f1c11e76d0b2774fd6eb 276014 openssh-server-udeb_6.5p1-4~bpo70+1_i386.udeb
Files:
162b69018e81a81ba268389557b86ad3 2610 net standard openssh_6.5p1-4~bpo70+1.dsc
4b5f2f6a737b7fa66457c668ff637e3e 167148 net standard openssh_6.5p1-4~bpo70+1.debian.tar.gz
594356b61fe51fb8324242b392c182f6 666668 net standard openssh-client_6.5p1-4~bpo70+1_i386.deb
76152c3138cb1dedc4f406f4d022f99d 331354 net optional openssh-server_6.5p1-4~bpo70+1_i386.deb
1d188e5f105124d028babc0dede0260a 1068 net extra ssh_6.5p1-4~bpo70+1_all.deb
9e44a1d6b5c221ae4a3e83a50d2cb98b 101236 oldlibs extra ssh-krb5_6.5p1-4~bpo70+1_all.deb
4372f10888a6d7eef206e92b0b86d6ac 109004 gnome optional ssh-askpass-gnome_6.5p1-4~bpo70+1_i386.deb
b93e172c0fbcb2799fa0bfb870367cd3 247312 debian-installer optional openssh-client-udeb_6.5p1-4~bpo70+1_i386.udeb
4ac772fa32f315f5bc313e0e0f7a2723 276014 debian-installer optional openssh-server-udeb_6.5p1-4~bpo70+1_i386.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer
iQIVAwUBUw8WTTk1h9l9hlALAQgOdxAAhR9DZhswGNDqyv0V29H5NLw98gW1kKI/
yUzbMANdCMe5gftlWpVPJllyYLsmgEJZGHcb44CsySZkLkT+9wbRyjYavkKVagq2
cbrm6/9lHdb/xNPPSfYX30CavOwLUgsC1jl0wEdSFfuxJqejhGFO292xplFQsx1k
Ptkz3pZ8j+lHm5TIewnsiJEsyFcgsu4PtLLVhDLUIPQuo7hKRnjC+DR6YHBYrY4x
jk4awBzT1wH0qBWLWEa/HRVdhNcNJ+PNu/AO+gjcuz+3JzwTDgdDKG4fKOSxmxUB
1ViMQiOflFIzY2Oz2IrKEwb9TN8ZQVokU6HNmRF0fQw9jYhUOAugmoOFT8Spogxs
iSC7+ONMHfO471CkwsFAd9McNNOHltuyW29by5W1kL1+Zq036rX813Brez8bmMom
z2TriXGQ79d4QmEEqd5m2kbOUmNXxVNCi5UufvqOaDXaNcLUNogexEY13jNjh6Up
5gdZeJpOoOJ5xXgdKfdFN+T0e5yv4dKx0kaS0EjLKP6u4982SlJDprm5Sjs7FCIa
DO8SileuR+GmRGCr9nQjzn5Veimij7lPJJMiB9zXtQBaClogBp54JdTPTV/5lzFr
SR/UyNj1xobgbkUVGLUu2tXuYTMjU4zs475YkFZLorJEifcr0ZS74qcwbbxwJdxd
zycKGQQPM9k=
=2mhy
-----END PGP SIGNATURE-----
Reply to: