Your message dated Sat, 02 Sep 2023 20:46:41 +0000 with message-id <[email protected]> and subject line Bug#59255: fixed in openssh 1:9.4p1-1 has caused the Debian Bug report #59255, regarding ssh: scp check file existance first, then ask for password to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 59255: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=59255 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: ssh Version: 1:1.2.2-1.2 Severity: wishlist I'm copying a file to a remote machine, but mistype the file name: # scp bogus marmot:/tmp root@marmot's password: bogus: No such file or directory It sure would be nice if scp would notice the file doesn't exist, and save me the bother of typing in marmot's password. Jeff -- System Information Debian Release: 2.2 Kernel Version: Linux swix 2.2.14 #1 SMP Tue Feb 22 00:27:24 PST 2000 i686 unknown Versions of the packages ssh depends on: ii libc6 2.1.3-5 GNU C Library: Shared libraries and Timezone ii libpam-modules 0.72-4 Pluggable Authentication Modules for PAM ii libpam0g 0.72-4 Pluggable Authentication Modules library ii libssl09 0.9.4-4 SSL shared libraries ii libwrap0 7.6-4 Wietse Venema's TCP wrappers library ii zlib1g 1.1.3-5 compression library - runtime ^^^ (Provides virtual package libz1)
--- End Message ---
--- Begin Message ---Source: openssh Source-Version: 1:9.4p1-1 Done: Colin Watson <[email protected]> We believe that the bug you reported is fixed in the latest version of openssh, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Colin Watson <[email protected]> (supplier of updated openssh package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 02 Sep 2023 21:02:53 +0100 Source: openssh Architecture: source Version: 1:9.4p1-1 Distribution: unstable Urgency: medium Maintainer: Debian OpenSSH Maintainers <[email protected]> Changed-By: Colin Watson <[email protected]> Closes: 59255 348741 1035623 Changes: openssh (1:9.4p1-1) unstable; urgency=medium . * New upstream release (https://www.openssh.com/releasenotes.html#9.4p1): - ssh-agent(1): PKCS#11 modules must now be specified by their full paths. Previously dlopen(3) could search for them in system library directories. - ssh(1): allow forwarding Unix Domain sockets via ssh -W. - ssh(1): add support for configuration tags to ssh(1). This adds a ssh_config(5) "Tag" directive and corresponding "Match tag" predicate that may be used to select blocks of configuration similar to the pf.conf(5) keywords of the same name. - ssh(1): add a "match localnetwork" predicate. This allows matching on the addresses of available network interfaces and may be used to vary the effective client configuration based on network location. - ssh(1), sshd(8), ssh-keygen(1): infrastructure support for KRL extensions. This defines wire formats for optional KRL extensions and implements parsing of the new submessages. No actual extensions are supported at this point. - sshd(8): AuthorizedPrincipalsCommand and AuthorizedKeysCommand now accept two additional %-expansion sequences: %D which expands to the routing domain of the connected session and %C which expands to the addresses and port numbers for the source and destination of the connection. - ssh-keygen(1): increase the default work factor (rounds) for the bcrypt KDF used to derive symmetric encryption keys for passphrase protected key files by 50%. - ssh-agent(1): improve isolation between loaded PKCS#11 modules by running separate ssh-pkcs11-helpers for each loaded provider. - ssh(1): make -f (fork after authentication) work correctly with multiplexed connections, including ControlPersist (closes: #348741). - ssh(1): make ConnectTimeout apply to multiplexing sockets and not just to network connections. - ssh-agent(1), ssh(1): improve defences against invalid PKCS#11 modules being loaded by checking that the requested module contains the required symbol before loading it. - sshd(8): fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand appears before it in sshd_config. Since OpenSSH 8.7 the AuthorizedPrincipalsCommand directive was incorrectly ignored in this situation. - sshd(8), ssh(1), ssh-keygen(1): remove vestigial support for KRL signatures. When the KRL format was originally defined, it included support for signing of KRL objects. However, the code to sign KRLs and verify KRL signatues was never completed in OpenSSH. This release removes the partially-implemented code to verify KRLs. All OpenSSH tools now ignore KRL_SECTION_SIGNATURE sections in KRL files. - All: fix a number of memory leaks and unreachable/harmless integer overflows. - ssh-agent(1), ssh(1): don't truncate strings logged from PKCS#11 modules. - sshd(8), ssh(1): better validate CASignatureAlgorithms in ssh_config and sshd_config. Previously this directive would accept certificate algorithm names, but these were unusable in practice as OpenSSH does not support CA chains. - ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature algorithms that are valid for CA signing. Previous behaviour was to list all signing algorithms, including certificate algorithms. - ssh-keyscan(1): gracefully handle systems where rlimits or the maximum number of open files is larger than INT_MAX. - ssh-keygen(1): fix "no comment" not showing on when running `ssh-keygen -l` on multiple keys where one has a comment and other following keys do not. bz3580 - scp(1), sftp(1): adjust ftruncate() logic to handle servers that reorder requests. Previously, if the server reordered requests then the resultant file would be erroneously truncated. - ssh(1): don't incorrectly disable hostname canonicalization when CanonicalizeHostname=yes and ProxyJump was explicitly set to "none". - scp(1): when copying local->remote, check that the source file exists before opening an SFTP connection to the server (closes: #59255). - sshd(8): provide a replacement for the SELinux matchpathcon() function, which is deprecated. - All: relax libcrypto version checks for OpenSSL >=3 (closes: #1035623). Beyond OpenSSL 3.0, the ABI compatibility guarantees are wider (only the library major must match instead of major and minor in earlier versions). - ssh-copy-id(1): Special case OpenWrt instead of Dropbear (LP: #1966886). Checksums-Sha1: f4ec7ae20fbb29a911844f892223b4088bf54b92 3311 openssh_9.4p1-1.dsc 5dea1f3c88f9cfe53a711a3c893ee8b7d3ffecff 1845094 openssh_9.4p1.orig.tar.gz 28b901a05850d2a050435611b5e19e357f791db6 833 openssh_9.4p1.orig.tar.gz.asc 112f75e47f188b5e3880ec11817b52e2ab39fd4a 185012 openssh_9.4p1-1.debian.tar.xz Checksums-Sha256: 1b5f4527537b2e1aee79ba7db11c28ecfd8ba7ee968114ddb494dfd02600d933 3311 openssh_9.4p1-1.dsc 3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85 1845094 openssh_9.4p1.orig.tar.gz d92592d82bee81745a71bbf249ede02afcdbf933f0de18841a7f17b15b975a03 833 openssh_9.4p1.orig.tar.gz.asc 3f6b3b4311c3df3eb583228f35ebb5baf3e14c46018ec8ce31e4815f1aa6aa13 185012 openssh_9.4p1-1.debian.tar.xz Files: 9a88566487eb5102a9db79f7d4c7cec6 3311 net standard openssh_9.4p1-1.dsc 4bbd56a7ba51b0cd61debe8f9e77f8bb 1845094 net standard openssh_9.4p1.orig.tar.gz 3df753a32f5bede3dd037022ae85813e 833 net standard openssh_9.4p1.orig.tar.gz.asc d589eea994391d78f6702a5538d975b6 185012 net standard openssh_9.4p1-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAmTzlSoACgkQOTWH2X2G UAucbw//QZDjcdpbGWqKlKfBX/WRUhwfwpLBRuBreu6K2zPMfcplnB+Y4SXioLBv bEBmJBvD1bnUZwrwLzUufoWrSOURxNAnCsV5SMhRPS4WbUQrl1UwyB66INjY5ICX eibtL+1/uAfzXDrmdA7UcX3Bw+ypVPQ52nFctQlnJrprS3UrBLksgSGUrjyGrsm2 /IhyX7vQrJaoO6OqQmZJFTKjeLj3QxYQDXFuLxPGBN2voAi6/j9Em32iGJ1A+vAs fzIas3Y8ALJpe0TMG/DyqQY+uRZ5BzlVpvdIyQ40e4KgvxfoXoVZwjze5VD9/Z1f v4w7XxyqdjOLifkFaqvczpAjVqNIe4flhktUb6vvIuPUMbcvBi1p/fGZnfFUdWDm UN3bXk8GufDGz/q8KQzdkM+GvgmitiCFD4xKN5RgoJxzXulhtcIjWNoD1Gzy9214 N9XLOK47kPvoLzkNonp6O5D1MyUKD/fqnjpj7vp3RoLd1f2zCvcIcwaMvAbcltpg zlaby83nEUPWTKG6aG2GOQaJ5H4o92LZ83m/WBYB/qb9DpAhzek3rmRdrmOohqrg YH+y3ADCqmNnGK0DR52BKxmSJW8h38OEaoZgSUnaD2Ddz+XV5N+TATjfutAdgcf/ gIPsbqDXGbRgXzxrq4AWSPjFrsKee0ozEanH9OGZCzlGTf2t3ho= =ma5k -----END PGP SIGNATURE-----
--- End Message ---
