subject:"Bug#926853\: unblock\: openssh\/1\:7.9p1\-10"

Bug#926853: unblock: openssh/1:7.9p1-10

2019-04-18 Thread Cyril Brulebois

Hi,

Niels Thykier  (2019-04-18):
> Ok and unblocked from a release team PoV, but it needs a d-i ack due to
> its udeb.  CC'ing kibi for that part (and quoting the diff in full for him).

(Thanks; FWIW I tend to bts -m show $bug or to just look at my
debian-release/ folder, so the full quote is not entirely needed. ;))

No objections, thanks.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#926853: unblock: openssh/1:7.9p1-10

2019-04-18 Thread Niels Thykier

Control: tags -1 confirmed d-i

Colin Watson:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock openssh 1:7.9p1-10; as discussed recently on
> debian-devel, this reverts an upstream change in 7.8 that causes
> problems for certain iptables configurations as well as for VMware.
> 
> unblock openssh/1:7.9p1-10
> 


Hi,

Ok and unblocked from a release team PoV, but it needs a d-i ack due to
its udeb.  CC'ing kibi for that part (and quoting the diff in full for him).

Thanks,
~Niels


> diff -Nru openssh-7.9p1/debian/.git-dpm openssh-7.9p1/debian/.git-dpm
> --- openssh-7.9p1/debian/.git-dpm 2019-03-01 10:57:53.0 +0100
> +++ openssh-7.9p1/debian/.git-dpm 2019-04-08 11:51:26.0 +0200
> @@ -1,6 +1,6 @@
>  # see git-dpm(1) from git-dpm package
> -7a3fa37583d4abf128f7f4c6eb1e7ffc90115eab
> -7a3fa37583d4abf128f7f4c6eb1e7ffc90115eab
> +6b56cd57db9061296231f14d537f1ebaf25e8877
> +6b56cd57db9061296231f14d537f1ebaf25e8877
>  3d246f10429fc9a37b98eabef94fe8dc7c61002b
>  3d246f10429fc9a37b98eabef94fe8dc7c61002b
>  openssh_7.9p1.orig.tar.gz
> diff -Nru openssh-7.9p1/debian/README.Debian 
> openssh-7.9p1/debian/README.Debian
> --- openssh-7.9p1/debian/README.Debian2019-03-01 10:57:52.0 
> +0100
> +++ openssh-7.9p1/debian/README.Debian2019-04-08 11:56:59.0 
> +0200
> @@ -270,6 +270,26 @@
>  
>https://bugs.launchpad.net/bugs/1674330
>  
> +IPQoS defaults reverted to pre-7.8 values
> +-
> +
> +OpenSSH 7.8 changed the default IPQoS settings to use DSCP AF21 for
> +interactive traffic and CS1 for bulk.  This caused some problems with other
> +software ("iptables -m tos" and VMware), so Debian's OpenSSH reverts this
> +change for the time being.
> +
> +This is *temporary*, and we expect to come back into sync with upstream
> +OpenSSH once those other issues have been fixed.  If you want to restore the
> +upstream default, add this to ssh_config and sshd_config:
> +
> +  IPQoS af21 cs1
> +
> +For further discussion, see:
> +
> +  https://bugs.debian.org/923879
> +  https://bugs.debian.org/926229
> +  https://bugs.launchpad.net/1822370
> +
>  -- 
>  Matthew Vernon 
>  Colin Watson 
> diff -Nru openssh-7.9p1/debian/changelog openssh-7.9p1/debian/changelog
> --- openssh-7.9p1/debian/changelog2019-03-01 13:23:36.0 +0100
> +++ openssh-7.9p1/debian/changelog2019-04-08 12:13:04.0 +0200
> @@ -1,3 +1,11 @@
> +openssh (1:7.9p1-10) unstable; urgency=medium
> +
> +  * Temporarily revert IPQoS defaults to pre-7.8 values until issues with
> +"iptables -m tos" and VMware have been fixed (closes: #923879, #926229;
> +LP: #1822370).
> +
> + -- Colin Watson   Mon, 08 Apr 2019 11:13:04 +0100
> +
>  openssh (1:7.9p1-9) unstable; urgency=medium
>  
>* Apply upstream patch to make scp handle shell-style brace expansions
> diff -Nru openssh-7.9p1/debian/patches/revert-ipqos-defaults.patch 
> openssh-7.9p1/debian/patches/revert-ipqos-defaults.patch
> --- openssh-7.9p1/debian/patches/revert-ipqos-defaults.patch  1970-01-01 
> 01:00:00.0 +0100
> +++ openssh-7.9p1/debian/patches/revert-ipqos-defaults.patch  2019-04-08 
> 11:51:26.0 +0200
> @@ -0,0 +1,93 @@
> +From 6b56cd57db9061296231f14d537f1ebaf25e8877 Mon Sep 17 00:00:00 2001
> +From: Colin Watson 
> +Date: Mon, 8 Apr 2019 10:46:29 +0100
> +Subject: Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP
> + AF21 for"
> +
> +This reverts commit 5ee8448ad7c306f05a9f56769f95336a8269f379.
> +
> +The IPQoS default changes have some unfortunate interactions with
> +iptables (see https://bugs.debian.org/923880) and VMware, so I'm
> +temporarily reverting them until those have been fixed.
> +
> +Bug-Debian: https://bugs.debian.org/923879
> +Bug-Debian: https://bugs.debian.org/926229
> +Bug-Ubuntu: https://bugs.launchpad.net/1822370
> +Last-Update: 2019-04-08
> +
> +Patch-Name: revert-ipqos-defaults.patch
> +---
> + readconf.c| 4 ++--
> + servconf.c| 4 ++--
> + ssh_config.5  | 6 ++
> + sshd_config.5 | 6 ++
> + 4 files changed, 8 insertions(+), 12 deletions(-)
> +
> +diff --git a/readconf.c b/readconf.c
> +index 661b8bf40..6d046f063 100644
> +--- a/readconf.c
>  b/readconf.c
> +@@ -2133,9 +2133,9 @@ fill_default_options(Options * options)
> + if (options->visual_host_key == -1)
> + options->visual_host_key = 0;
> + if (options->ip_qos_interactive == -1)
> +-options->ip_qos_interactive = IPTOS_DSCP_AF21;
> ++options->ip_qos_interactive = IPTOS_LOWDELAY;
> + if (options->ip_qos_bulk == -1)
> +-options->ip_qos_bulk = IPTOS_DSCP_CS1;
> ++options->ip_qos_bulk = IPTOS_THROUGHPUT;
> + if (options->request_tty == -1)
> + options->request_tty = REQUEST_TTY_AUTO;
> + if (options->proxy_use_fdpass == -1)
> +diff --git a/servconf.c b/servconf.c
> +index

Processed: Re: Bug#926853: unblock: openssh/1:7.9p1-10

2019-04-18 Thread Debian Bug Tracking System

Processing control commands:

> tags -1 confirmed d-i
Bug #926853 [release.debian.org] unblock: openssh/1:7.9p1-10
Added tag(s) confirmed and d-i.

-- 
926853: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926853
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#926853: unblock: openssh/1:7.9p1-10

2019-04-11 Thread Colin Watson

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock openssh 1:7.9p1-10; as discussed recently on
debian-devel, this reverts an upstream change in 7.8 that causes
problems for certain iptables configurations as well as for VMware.

unblock openssh/1:7.9p1-10

diff -Nru openssh-7.9p1/debian/.git-dpm openssh-7.9p1/debian/.git-dpm
--- openssh-7.9p1/debian/.git-dpm   2019-03-01 10:57:53.0 +0100
+++ openssh-7.9p1/debian/.git-dpm   2019-04-08 11:51:26.0 +0200
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-7a3fa37583d4abf128f7f4c6eb1e7ffc90115eab
-7a3fa37583d4abf128f7f4c6eb1e7ffc90115eab
+6b56cd57db9061296231f14d537f1ebaf25e8877
+6b56cd57db9061296231f14d537f1ebaf25e8877
 3d246f10429fc9a37b98eabef94fe8dc7c61002b
 3d246f10429fc9a37b98eabef94fe8dc7c61002b
 openssh_7.9p1.orig.tar.gz
diff -Nru openssh-7.9p1/debian/README.Debian openssh-7.9p1/debian/README.Debian
--- openssh-7.9p1/debian/README.Debian  2019-03-01 10:57:52.0 +0100
+++ openssh-7.9p1/debian/README.Debian  2019-04-08 11:56:59.0 +0200
@@ -270,6 +270,26 @@
 
   https://bugs.launchpad.net/bugs/1674330
 
+IPQoS defaults reverted to pre-7.8 values
+-
+
+OpenSSH 7.8 changed the default IPQoS settings to use DSCP AF21 for
+interactive traffic and CS1 for bulk.  This caused some problems with other
+software ("iptables -m tos" and VMware), so Debian's OpenSSH reverts this
+change for the time being.
+
+This is *temporary*, and we expect to come back into sync with upstream
+OpenSSH once those other issues have been fixed.  If you want to restore the
+upstream default, add this to ssh_config and sshd_config:
+
+  IPQoS af21 cs1
+
+For further discussion, see:
+
+  https://bugs.debian.org/923879
+  https://bugs.debian.org/926229
+  https://bugs.launchpad.net/1822370
+
 -- 
 Matthew Vernon 
 Colin Watson 
diff -Nru openssh-7.9p1/debian/changelog openssh-7.9p1/debian/changelog
--- openssh-7.9p1/debian/changelog  2019-03-01 13:23:36.0 +0100
+++ openssh-7.9p1/debian/changelog  2019-04-08 12:13:04.0 +0200
@@ -1,3 +1,11 @@
+openssh (1:7.9p1-10) unstable; urgency=medium
+
+  * Temporarily revert IPQoS defaults to pre-7.8 values until issues with
+"iptables -m tos" and VMware have been fixed (closes: #923879, #926229;
+LP: #1822370).
+
+ -- Colin Watson   Mon, 08 Apr 2019 11:13:04 +0100
+
 openssh (1:7.9p1-9) unstable; urgency=medium
 
   * Apply upstream patch to make scp handle shell-style brace expansions
diff -Nru openssh-7.9p1/debian/patches/revert-ipqos-defaults.patch 
openssh-7.9p1/debian/patches/revert-ipqos-defaults.patch
--- openssh-7.9p1/debian/patches/revert-ipqos-defaults.patch1970-01-01 
01:00:00.0 +0100
+++ openssh-7.9p1/debian/patches/revert-ipqos-defaults.patch2019-04-08 
11:51:26.0 +0200
@@ -0,0 +1,93 @@
+From 6b56cd57db9061296231f14d537f1ebaf25e8877 Mon Sep 17 00:00:00 2001
+From: Colin Watson 
+Date: Mon, 8 Apr 2019 10:46:29 +0100
+Subject: Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP
+ AF21 for"
+
+This reverts commit 5ee8448ad7c306f05a9f56769f95336a8269f379.
+
+The IPQoS default changes have some unfortunate interactions with
+iptables (see https://bugs.debian.org/923880) and VMware, so I'm
+temporarily reverting them until those have been fixed.
+
+Bug-Debian: https://bugs.debian.org/923879
+Bug-Debian: https://bugs.debian.org/926229
+Bug-Ubuntu: https://bugs.launchpad.net/1822370
+Last-Update: 2019-04-08
+
+Patch-Name: revert-ipqos-defaults.patch
+---
+ readconf.c| 4 ++--
+ servconf.c| 4 ++--
+ ssh_config.5  | 6 ++
+ sshd_config.5 | 6 ++
+ 4 files changed, 8 insertions(+), 12 deletions(-)
+
+diff --git a/readconf.c b/readconf.c
+index 661b8bf40..6d046f063 100644
+--- a/readconf.c
 b/readconf.c
+@@ -2133,9 +2133,9 @@ fill_default_options(Options * options)
+   if (options->visual_host_key == -1)
+   options->visual_host_key = 0;
+   if (options->ip_qos_interactive == -1)
+-  options->ip_qos_interactive = IPTOS_DSCP_AF21;
++  options->ip_qos_interactive = IPTOS_LOWDELAY;
+   if (options->ip_qos_bulk == -1)
+-  options->ip_qos_bulk = IPTOS_DSCP_CS1;
++  options->ip_qos_bulk = IPTOS_THROUGHPUT;
+   if (options->request_tty == -1)
+   options->request_tty = REQUEST_TTY_AUTO;
+   if (options->proxy_use_fdpass == -1)
+diff --git a/servconf.c b/servconf.c
+index c5dd617ef..bf2669147 100644
+--- a/servconf.c
 b/servconf.c
+@@ -403,9 +403,9 @@ fill_default_server_options(ServerOptions *options)
+   if (options->permit_tun == -1)
+   options->permit_tun = SSH_TUNMODE_NO;
+   if (options->ip_qos_interactive == -1)
+-  options->ip_qos_interactive = IPTOS_DSCP_AF21;
++  options->ip_qos_interactive = IPTOS_LOWDELAY;
+   if (options->ip_qos_bulk == -1)
+-

Bug#926853: unblock: openssh/1:7.9p1-10

Bug#926853: unblock: openssh/1:7.9p1-10

Processed: Re: Bug#926853: unblock: openssh/1:7.9p1-10

Bug#926853: unblock: openssh/1:7.9p1-10

4 matches

Site Navigation

Mail list logo

Footer information