openssh_6.7p1-5+deb8u3_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 21 Jul 2016 15:51:59 + Source: openssh Binary: openssh-client openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source amd64 all Version: 1:6.7p1-5+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Debian OpenSSH MaintainersChanged-By: Laszlo Boszormenyi (GCS) Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot ssh- secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 831902 Changes: openssh (1:6.7p1-5+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2016-6210: User enumeration via covert timing channel (closes: #831902). Checksums-Sha1: bff143012193cc818be87fb2cc85a701e4dd94fc 2709 openssh_6.7p1-5+deb8u3.dsc 7c31b32b12a8b9aadc9b3e8fbee3b56dc8f0795f 150272 openssh_6.7p1-5+deb8u3.debian.tar.xz 868ac10a0246f4601fb91075e5999cca4b4e21ab 690360 openssh-client_6.7p1-5+deb8u3_amd64.deb 725cfad83f996522a8a83e7119d53a6da67398d0 331268 openssh-server_6.7p1-5+deb8u3_amd64.deb 2af338add69ac295737b61d718b92dca84d9ebba 37996 openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 7addc7869745a752f2af72d3499da3f37b435274 119790 ssh_6.7p1-5+deb8u3_all.deb f00b07ce403ec1cc2e6851a8f5d281d91748 119334 ssh-krb5_6.7p1-5+deb8u3_all.deb d50a45e202a6e66594ed050493b4135516c9a527 127466 ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb 6b7b8b1d27ed4ca3581894dac5827cc895cfff88 259646 openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb ebbe59699881d10e25233a3db9ea1f40f615d63d 286308 openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb Checksums-Sha256: 3680d33c9638af9d0f249bee3444b490b0a1fa4ea11a04e1b97fe6e081ce8537 2709 openssh_6.7p1-5+deb8u3.dsc a2f486b45310b86816fbd5b85ad61493d9b07ac3290a7b4f773747e7a47b6759 150272 openssh_6.7p1-5+deb8u3.debian.tar.xz 0cfb382650c3263349f4829f3423833c650cb0c665b731be66d5d72f9779099d 690360 openssh-client_6.7p1-5+deb8u3_amd64.deb 0376c483b3bfe1c12e87744b11391a47c8f40eecce629c00176535a716761a58 331268 openssh-server_6.7p1-5+deb8u3_amd64.deb 19d84f32345060bbc79522f8e9ed773d28a37edb5d9cd8cf83384f27f848a220 37996 openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 257a7a22101067758b9b95792d3f6f5705b8a5b00b14f0ef63553db28b4eb45e 119790 ssh_6.7p1-5+deb8u3_all.deb 78bfef7c0299c70fc35aa9af601d2512ffb63bffd32ee75dbd92fa4885528a8a 119334 ssh-krb5_6.7p1-5+deb8u3_all.deb e56238724132239d530fd7cd92679b4e4f5b6bc4c4b9dec1c5f543b82c2dbd03 127466 ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb 463a40912de0499820501026ee29284ab4429b97a24cac34c1b9ff6be410f243 259646 openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb 938912669db7b2bc924e3ac202c8142342334e12b018db2a8fb0bc3ec1dd61a9 286308 openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb Files: 4a60c718008cad0c665a7e354a9d02da 2709 net standard openssh_6.7p1-5+deb8u3.dsc c95ae17d1c3cb77453453846f32e 150272 net standard openssh_6.7p1-5+deb8u3.debian.tar.xz 1d6685072b0fbb99480eba30d2da0d46 690360 net standard openssh-client_6.7p1-5+deb8u3_amd64.deb 7dce77acd12b801bb5d5d901f4380d3f 331268 net optional openssh-server_6.7p1-5+deb8u3_amd64.deb c29c13fd32670a16464b805a41790608 37996 net optional openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 18ab5922af1b6841078eb9bab46cb2ef 119790 net extra ssh_6.7p1-5+deb8u3_all.deb 1f779b09429f37d9d3a37c9b59370c45 119334 oldlibs extra ssh-krb5_6.7p1-5+deb8u3_all.deb 995528c208b70003a697fbd9b52aa577 127466 gnome optional ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb c657a8c5bfb1043a7e62bba3134e81ca 259646 debian-installer optional openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb fc39fa3123e64058e1bec2201a169e5c 286308 debian-installer optional openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJXklxPAAoJENzjEOeGTMi/xf8P/2yfRdRdVjyyJwwNS2LVfhjf fODvgyZwOpP20WTl59hCYqKIOZDkU27/QuHZl1s9qTuroPD8jgApKTg0slNdaaxV TKOjPnsR2SsgdPDQTR9Fuemg9dBtQkDNEC8jwbbSZtEugpf5pSaC7kx8O2K3jIaP ar2w2ZLmCPIp2lI5QceauE51H1p/yrQjmTKQIXNhMaEK0di/JWS3xnNtr3ebcU6S 0bGCA+p7Xtz/1QyRp0DfEIvz4YWLY3BOu1fVIe/4klvRP61KYca+fmKM2xR6rHmD +rm+m2Bkq5jKUeMWoZYvFJZrG4ZKLVunAiOjCKQarJo26jv8k3oTZeRiUxGq6bbe U+OaGFPO8bLra0dMMVwoOmLtSnJh+Nsiid5gA614wFbgCByQfUSWuoUB1/LRb8uX yqV/h7TT8FRn3UcmYINSHmElJd2sxqtKFNzyFj36hpqvNAR4YJS7+2TlKeFRWDfW nqF5diL/t9HRyPrnp470+6hP6Yo+vsAHbVxjmzEHow/6owXNq9Hu3aObvd3/Nm2T
Accepted openssh 1:6.7p1-5+deb8u3 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 21 Jul 2016 15:51:59 + Source: openssh Binary: openssh-client openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source amd64 all Version: 1:6.7p1-5+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Debian OpenSSH MaintainersChanged-By: Laszlo Boszormenyi (GCS) Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot ssh- secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 831902 Changes: openssh (1:6.7p1-5+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2016-6210: User enumeration via covert timing channel (closes: #831902). Checksums-Sha1: bff143012193cc818be87fb2cc85a701e4dd94fc 2709 openssh_6.7p1-5+deb8u3.dsc 7c31b32b12a8b9aadc9b3e8fbee3b56dc8f0795f 150272 openssh_6.7p1-5+deb8u3.debian.tar.xz 868ac10a0246f4601fb91075e5999cca4b4e21ab 690360 openssh-client_6.7p1-5+deb8u3_amd64.deb 725cfad83f996522a8a83e7119d53a6da67398d0 331268 openssh-server_6.7p1-5+deb8u3_amd64.deb 2af338add69ac295737b61d718b92dca84d9ebba 37996 openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 7addc7869745a752f2af72d3499da3f37b435274 119790 ssh_6.7p1-5+deb8u3_all.deb f00b07ce403ec1cc2e6851a8f5d281d91748 119334 ssh-krb5_6.7p1-5+deb8u3_all.deb d50a45e202a6e66594ed050493b4135516c9a527 127466 ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb 6b7b8b1d27ed4ca3581894dac5827cc895cfff88 259646 openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb ebbe59699881d10e25233a3db9ea1f40f615d63d 286308 openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb Checksums-Sha256: 3680d33c9638af9d0f249bee3444b490b0a1fa4ea11a04e1b97fe6e081ce8537 2709 openssh_6.7p1-5+deb8u3.dsc a2f486b45310b86816fbd5b85ad61493d9b07ac3290a7b4f773747e7a47b6759 150272 openssh_6.7p1-5+deb8u3.debian.tar.xz 0cfb382650c3263349f4829f3423833c650cb0c665b731be66d5d72f9779099d 690360 openssh-client_6.7p1-5+deb8u3_amd64.deb 0376c483b3bfe1c12e87744b11391a47c8f40eecce629c00176535a716761a58 331268 openssh-server_6.7p1-5+deb8u3_amd64.deb 19d84f32345060bbc79522f8e9ed773d28a37edb5d9cd8cf83384f27f848a220 37996 openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 257a7a22101067758b9b95792d3f6f5705b8a5b00b14f0ef63553db28b4eb45e 119790 ssh_6.7p1-5+deb8u3_all.deb 78bfef7c0299c70fc35aa9af601d2512ffb63bffd32ee75dbd92fa4885528a8a 119334 ssh-krb5_6.7p1-5+deb8u3_all.deb e56238724132239d530fd7cd92679b4e4f5b6bc4c4b9dec1c5f543b82c2dbd03 127466 ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb 463a40912de0499820501026ee29284ab4429b97a24cac34c1b9ff6be410f243 259646 openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb 938912669db7b2bc924e3ac202c8142342334e12b018db2a8fb0bc3ec1dd61a9 286308 openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb Files: 4a60c718008cad0c665a7e354a9d02da 2709 net standard openssh_6.7p1-5+deb8u3.dsc c95ae17d1c3cb77453453846f32e 150272 net standard openssh_6.7p1-5+deb8u3.debian.tar.xz 1d6685072b0fbb99480eba30d2da0d46 690360 net standard openssh-client_6.7p1-5+deb8u3_amd64.deb 7dce77acd12b801bb5d5d901f4380d3f 331268 net optional openssh-server_6.7p1-5+deb8u3_amd64.deb c29c13fd32670a16464b805a41790608 37996 net optional openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 18ab5922af1b6841078eb9bab46cb2ef 119790 net extra ssh_6.7p1-5+deb8u3_all.deb 1f779b09429f37d9d3a37c9b59370c45 119334 oldlibs extra ssh-krb5_6.7p1-5+deb8u3_all.deb 995528c208b70003a697fbd9b52aa577 127466 gnome optional ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb c657a8c5bfb1043a7e62bba3134e81ca 259646 debian-installer optional openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb fc39fa3123e64058e1bec2201a169e5c 286308 debian-installer optional openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJXklxPAAoJENzjEOeGTMi/xf8P/2yfRdRdVjyyJwwNS2LVfhjf fODvgyZwOpP20WTl59hCYqKIOZDkU27/QuHZl1s9qTuroPD8jgApKTg0slNdaaxV TKOjPnsR2SsgdPDQTR9Fuemg9dBtQkDNEC8jwbbSZtEugpf5pSaC7kx8O2K3jIaP ar2w2ZLmCPIp2lI5QceauE51H1p/yrQjmTKQIXNhMaEK0di/JWS3xnNtr3ebcU6S 0bGCA+p7Xtz/1QyRp0DfEIvz4YWLY3BOu1fVIe/4klvRP61KYca+fmKM2xR6rHmD +rm+m2Bkq5jKUeMWoZYvFJZrG4ZKLVunAiOjCKQarJo26jv8k3oTZeRiUxGq6bbe U+OaGFPO8bLra0dMMVwoOmLtSnJh+Nsiid5gA614wFbgCByQfUSWuoUB1/LRb8uX yqV/h7TT8FRn3UcmYINSHmElJd2sxqtKFNzyFj36hpqvNAR4YJS7+2TlKeFRWDfW nqF5diL/t9HRyPrnp470+6hP6Yo+vsAHbVxjmzEHow/6owXNq9Hu3aObvd3/Nm2T
Bug#831902: marked as done (openssh: CVE-2016-6210: User enumeration via covert timing channel)
Your message dated Sun, 24 Jul 2016 19:02:57 + with message-idand subject line Bug#831902: fixed in openssh 1:6.7p1-5+deb8u3 has caused the Debian Bug report #831902, regarding openssh: CVE-2016-6210: User enumeration via covert timing channel to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 831902: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831902 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: openssh Version: 1:7.2p2-5 Severity: important Tags: security upstream patch Hi, the following vulnerability was published for openssh. CVE-2016-6210[0]: User enumeration via covert timing channel If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-6210 [1] http://seclists.org/fulldisclosure/2016/Jul/51 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: openssh Source-Version: 1:6.7p1-5+deb8u3 We believe that the bug you reported is fixed in the latest version of openssh, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 831...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laszlo Boszormenyi (GCS) (supplier of updated openssh package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 21 Jul 2016 15:51:59 + Source: openssh Binary: openssh-client openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source amd64 all Version: 1:6.7p1-5+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Debian OpenSSH Maintainers Changed-By: Laszlo Boszormenyi (GCS) Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot ssh- secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 831902 Changes: openssh (1:6.7p1-5+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2016-6210: User enumeration via covert timing channel (closes: #831902). Checksums-Sha1: bff143012193cc818be87fb2cc85a701e4dd94fc 2709 openssh_6.7p1-5+deb8u3.dsc 7c31b32b12a8b9aadc9b3e8fbee3b56dc8f0795f 150272 openssh_6.7p1-5+deb8u3.debian.tar.xz 868ac10a0246f4601fb91075e5999cca4b4e21ab 690360 openssh-client_6.7p1-5+deb8u3_amd64.deb 725cfad83f996522a8a83e7119d53a6da67398d0 331268 openssh-server_6.7p1-5+deb8u3_amd64.deb 2af338add69ac295737b61d718b92dca84d9ebba 37996 openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 7addc7869745a752f2af72d3499da3f37b435274 119790 ssh_6.7p1-5+deb8u3_all.deb f00b07ce403ec1cc2e6851a8f5d281d91748 119334 ssh-krb5_6.7p1-5+deb8u3_all.deb d50a45e202a6e66594ed050493b4135516c9a527 127466 ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb 6b7b8b1d27ed4ca3581894dac5827cc895cfff88 259646 openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb ebbe59699881d10e25233a3db9ea1f40f615d63d 286308 openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb Checksums-Sha256: 3680d33c9638af9d0f249bee3444b490b0a1fa4ea11a04e1b97fe6e081ce8537 2709 openssh_6.7p1-5+deb8u3.dsc a2f486b45310b86816fbd5b85ad61493d9b07ac3290a7b4f773747e7a47b6759 150272 openssh_6.7p1-5+deb8u3.debian.tar.xz 0cfb382650c3263349f4829f3423833c650cb0c665b731be66d5d72f9779099d 690360 openssh-client_6.7p1-5+deb8u3_amd64.deb 0376c483b3bfe1c12e87744b11391a47c8f40eecce629c00176535a716761a58 331268 openssh-server_6.7p1-5+deb8u3_amd64.deb
Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
On Sun, Jul 24, 2016 at 01:38:25AM +0200, Michael Biebl wrote: > I referenced in my other reply that the network.target ordering has just > been added recently (in v230). So it is possible that previously there > was still an issue on shutdown. This is fixed now. Do you plan to update jessie with this fix? I ask because I've had requests to make this openssh change available in jessie-backports. > Besides, there are many other reasons why you really want libpam-systemd > in combination with SSH. > You really want the user process be tracked as part of the user session, > so you can properly apply resource limits or safely kill user sessions. Sure. But non-systemd users don't need libpam-systemd at all in this case (I'm aware that there are other cases where they may do), and it's just noise for them; and in the case of a package such as openssh-server that's often installed on very minimal systems indeed, they may not previously have needed to deal with resolving libpam-systemd's dependencies. Unfortunately there's no good way to say "Depends: libpam-systemd, but only if systemd is pid 1". It's unfortunate that we don't have a good way to simply be able to assume that all systemd users have libpam-systemd installed, which is what I'd really prefer to be able to do here. > > I think I'll add a Recommends on it, but I really want > > openssh-server to be usable on very minimal systems, including those > > using other init systems, without having to deal with dependency > > strangenesses. > > Please disable the ssh-session-cleanup.service hack by default if you > don't want to remove it. Or better, ship it as an example file. Compromise proposal: how about I make it do nothing if libpam-systemd is installed (e.g. "ConditionPathExists=!/usr/share/pam-configs/systemd", which is probably the simplest available check without needing to deal with multiarch paths), in which case presumably the hack isn't needed? (For backports to jessie, such a check would need to be deleted, unless you plan to backport the ordering fix as requested above.) > I really don't what such service file be installed (and active) by > default on every system. People might see it and think it's actually ok > to apply such hacks. I'd be happy to add a warning comment to discourage that. The script is short enough that such a comment would be unlikely to be overlooked. -- Colin Watson [cjwat...@debian.org]
Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
Am 24.07.2016 um 17:47 schrieb Colin Watson: > On Sun, Jul 24, 2016 at 01:38:25AM +0200, Michael Biebl wrote: >> I referenced in my other reply that the network.target ordering has just >> been added recently (in v230). So it is possible that previously there >> was still an issue on shutdown. This is fixed now. > > Do you plan to update jessie with this fix? I can do that. Unfortunately I've already filed the jessie-pu bug for systemd a couple of hours ago (#832336, for 8.6), but I could update the pu request accordingly. I see what I can do, otherwise it will be in the next stable point release, i.e 8.7 > dependencies. Unfortunately there's no good way to say "Depends: > libpam-systemd, but only if systemd is pid 1". Right, we do not have conditional Depends. But since sysvinit-core is the only existing alternative in stretch, we could use Depends: libpam-systemd | sysvinit-core. It's slighly ugly but would probably do the trick. > It's unfortunate that we don't have a good way to simply be able to > assume that all systemd users have libpam-systemd installed, which is > what I'd really prefer to be able to do here. I am more and more inclined that we should simply make libpam-systemd a hard dependency of either systemd or systemd-sysv. >> Please disable the ssh-session-cleanup.service hack by default if you >> don't want to remove it. Or better, ship it as an example file. > > Compromise proposal: how about I make it do nothing if libpam-systemd is > installed (e.g. "ConditionPathExists=!/usr/share/pam-configs/systemd", > which is probably the simplest available check without needing to deal > with multiarch paths), in which case presumably the hack isn't needed? > (For backports to jessie, such a check would need to be deleted, unless > you plan to backport the ordering fix as requested above.) I'm still pretty much convinced that a hack like this should not be shipped by default, which is totally unnecessary for a default installation. It set's a wrong precedent. If we start piling up hacks like this, in 10 years we are back at that mess that sysvinit has become. Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
openssh_6.7p1-5+deb8u3_amd64.changes ACCEPTED into proposed-updates->stable-new
Mapping stable-security to proposed-updates. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 21 Jul 2016 15:51:59 + Source: openssh Binary: openssh-client openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source amd64 all Version: 1:6.7p1-5+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Debian OpenSSH MaintainersChanged-By: Laszlo Boszormenyi (GCS) Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot ssh- secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 831902 Changes: openssh (1:6.7p1-5+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2016-6210: User enumeration via covert timing channel (closes: #831902). Checksums-Sha1: bff143012193cc818be87fb2cc85a701e4dd94fc 2709 openssh_6.7p1-5+deb8u3.dsc 7c31b32b12a8b9aadc9b3e8fbee3b56dc8f0795f 150272 openssh_6.7p1-5+deb8u3.debian.tar.xz 868ac10a0246f4601fb91075e5999cca4b4e21ab 690360 openssh-client_6.7p1-5+deb8u3_amd64.deb 725cfad83f996522a8a83e7119d53a6da67398d0 331268 openssh-server_6.7p1-5+deb8u3_amd64.deb 2af338add69ac295737b61d718b92dca84d9ebba 37996 openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 7addc7869745a752f2af72d3499da3f37b435274 119790 ssh_6.7p1-5+deb8u3_all.deb f00b07ce403ec1cc2e6851a8f5d281d91748 119334 ssh-krb5_6.7p1-5+deb8u3_all.deb d50a45e202a6e66594ed050493b4135516c9a527 127466 ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb 6b7b8b1d27ed4ca3581894dac5827cc895cfff88 259646 openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb ebbe59699881d10e25233a3db9ea1f40f615d63d 286308 openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb Checksums-Sha256: 3680d33c9638af9d0f249bee3444b490b0a1fa4ea11a04e1b97fe6e081ce8537 2709 openssh_6.7p1-5+deb8u3.dsc a2f486b45310b86816fbd5b85ad61493d9b07ac3290a7b4f773747e7a47b6759 150272 openssh_6.7p1-5+deb8u3.debian.tar.xz 0cfb382650c3263349f4829f3423833c650cb0c665b731be66d5d72f9779099d 690360 openssh-client_6.7p1-5+deb8u3_amd64.deb 0376c483b3bfe1c12e87744b11391a47c8f40eecce629c00176535a716761a58 331268 openssh-server_6.7p1-5+deb8u3_amd64.deb 19d84f32345060bbc79522f8e9ed773d28a37edb5d9cd8cf83384f27f848a220 37996 openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 257a7a22101067758b9b95792d3f6f5705b8a5b00b14f0ef63553db28b4eb45e 119790 ssh_6.7p1-5+deb8u3_all.deb 78bfef7c0299c70fc35aa9af601d2512ffb63bffd32ee75dbd92fa4885528a8a 119334 ssh-krb5_6.7p1-5+deb8u3_all.deb e56238724132239d530fd7cd92679b4e4f5b6bc4c4b9dec1c5f543b82c2dbd03 127466 ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb 463a40912de0499820501026ee29284ab4429b97a24cac34c1b9ff6be410f243 259646 openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb 938912669db7b2bc924e3ac202c8142342334e12b018db2a8fb0bc3ec1dd61a9 286308 openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb Files: 4a60c718008cad0c665a7e354a9d02da 2709 net standard openssh_6.7p1-5+deb8u3.dsc c95ae17d1c3cb77453453846f32e 150272 net standard openssh_6.7p1-5+deb8u3.debian.tar.xz 1d6685072b0fbb99480eba30d2da0d46 690360 net standard openssh-client_6.7p1-5+deb8u3_amd64.deb 7dce77acd12b801bb5d5d901f4380d3f 331268 net optional openssh-server_6.7p1-5+deb8u3_amd64.deb c29c13fd32670a16464b805a41790608 37996 net optional openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb 18ab5922af1b6841078eb9bab46cb2ef 119790 net extra ssh_6.7p1-5+deb8u3_all.deb 1f779b09429f37d9d3a37c9b59370c45 119334 oldlibs extra ssh-krb5_6.7p1-5+deb8u3_all.deb 995528c208b70003a697fbd9b52aa577 127466 gnome optional ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb c657a8c5bfb1043a7e62bba3134e81ca 259646 debian-installer optional openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb fc39fa3123e64058e1bec2201a169e5c 286308 debian-installer optional openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJXklxPAAoJENzjEOeGTMi/xf8P/2yfRdRdVjyyJwwNS2LVfhjf fODvgyZwOpP20WTl59hCYqKIOZDkU27/QuHZl1s9qTuroPD8jgApKTg0slNdaaxV TKOjPnsR2SsgdPDQTR9Fuemg9dBtQkDNEC8jwbbSZtEugpf5pSaC7kx8O2K3jIaP ar2w2ZLmCPIp2lI5QceauE51H1p/yrQjmTKQIXNhMaEK0di/JWS3xnNtr3ebcU6S 0bGCA+p7Xtz/1QyRp0DfEIvz4YWLY3BOu1fVIe/4klvRP61KYca+fmKM2xR6rHmD +rm+m2Bkq5jKUeMWoZYvFJZrG4ZKLVunAiOjCKQarJo26jv8k3oTZeRiUxGq6bbe U+OaGFPO8bLra0dMMVwoOmLtSnJh+Nsiid5gA614wFbgCByQfUSWuoUB1/LRb8uX yqV/h7TT8FRn3UcmYINSHmElJd2sxqtKFNzyFj36hpqvNAR4YJS7+2TlKeFRWDfW
Processing of openssh_6.7p1-5+deb8u3_amd64.changes
openssh_6.7p1-5+deb8u3_amd64.changes uploaded successfully to localhost along with the files: openssh_6.7p1-5+deb8u3.dsc openssh_6.7p1-5+deb8u3.debian.tar.xz openssh-client_6.7p1-5+deb8u3_amd64.deb openssh-server_6.7p1-5+deb8u3_amd64.deb openssh-sftp-server_6.7p1-5+deb8u3_amd64.deb ssh_6.7p1-5+deb8u3_all.deb ssh-krb5_6.7p1-5+deb8u3_all.deb ssh-askpass-gnome_6.7p1-5+deb8u3_amd64.deb openssh-client-udeb_6.7p1-5+deb8u3_amd64.udeb openssh-server-udeb_6.7p1-5+deb8u3_amd64.udeb Greetings, Your Debian queue daemon (running on host franck.debian.org)