-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 6 Jun 2005 22:28:33 +0100 Source: openssh Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb Architecture: source powerpc all Version: 1:4.1p1-3 Distribution: unstable Urgency: high Maintainer: Matthew Vernon <[EMAIL PROTECTED]> Changed-By: Colin Watson <[EMAIL PROTECTED]> Description: openssh-client - Secure shell client, an rlogin/rsh/rcp replacement openssh-client-udeb - Secure shell client for the Debian installer (udeb) openssh-server - Secure shell server, an rshd replacement openssh-server-udeb - Secure shell server for the Debian installer (udeb) ssh - Secure shell client and server (transitional package) ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add Closes: 39741 87253 87900 141979 147212 147360 151321 162996 163933 192206 192234 220726 228828 233012 238699 242119 242462 247521 248747 250369 257130 264024 265339 265627 273831 275731 275895 276703 276754 277438 278394 278715 280190 281595 287013 289573 295757 296487 298536 298744 301852 303452 303787 307069 308868 Changes: openssh (1:4.1p1-3) unstable; urgency=low . * Upload to unstable. . openssh (1:4.1p1-2) experimental; urgency=low . * Drop debconf support for allowing SSH protocol 1, which is discouraged and has not been the default since openssh 1:3.0.1p1-1. Users who need this should edit sshd_config instead (closes: #147212). * Since ssh-keysign isn't used by default (you need to set EnableSSHKeysign to "yes" in /etc/ssh/ssh_config), having a debconf question to ask whether it should be setuid is overkill, and the question text had got out of date anyway. Remove this question, ship ssh-keysign setuid in openssh-client.deb, and set a statoverride if the debconf question was previously set to false. * Add lintian overrides for the above (setuid-binary, no-debconf-templates). * Fix picky lintian errors about slogin symlinks. * Fix DEB_HOST_ARCH_OS/DEB_HOST_GNU_SYSTEM compatibility handling. * Apply Linux 2.2 workaround (see #239999) only on Linux. . openssh (1:4.1p1-1) experimental; urgency=low . * New upstream release. - Normalise socket addresses returned by get_remote_hostname(), fixing 4-in-6 mapping issues with AllowUsers et al (closes: #192234). * Take upstream's hint and disable the unsupported USE_POSIX_THREADS (closes: #295757, #308868, and possibly others; may open other bugs). Use PAM password authentication to avoid #278394. In future I may provide two sets of binaries built with and without this option, since it seems I can't win. * Disable ChallengeResponseAuthentication in new installations, returning to PasswordAuthentication by default, since it now supports PAM and apparently works better with a non-threaded sshd (closes: #247521). * openssh-server Suggests: rssh (closes: #233012). * Change libexecdir to /usr/lib/openssh, and fix up various alternatives and configuration files to match (closes: #87900, #151321). * Fix up very old sshd_config files that refer to /usr/libexec/sftp-server (closes: #141979). . openssh (1:4.0p1-1) experimental; urgency=low . * New upstream release. - Port-forwarding specifications now take optional bind addresses, and the server allows client-specified bind addresses for remote port forwardings when configured with "GatewayPorts clientspecified" (closes: #87253, #192206). - ssh and ssh-keyscan now support hashing of known_hosts files for improved privacy. ssh-keygen has new options for managing known_hosts files, which understand hashing. - sftp supports command history and editing support using libedit (closes: #287013). - Have scp and sftp wait for the spawned ssh to exit before they exit themselves, allowing ssh to restore terminal modes (closes: #257130). - Improved the handling of bad data in authorized_keys files, eliminating fatal errors on corrupt or very large keys; e.g. linefeeds in keys only produce errors in auth.log now (closes: #220726). - Add "command mode" to ssh connection multiplexing (closes: #303452). - Mention $HOME/.hushlogin in sshd(8) FILES section (closes: #163933). * Make gnome-ssh-askpass stay above other windows (thanks, Liyang HU; closes: #296487). * Remove obsolete and unnecessary ssh/forward_warning debconf note. * Hurd build fixes (although sshd still doesn't work): - Restore X forwarding fix from #102991, lost somewhere along the way. - Link with -lcrypt. - Link with -lpthread rather than -pthread. - Don't build ssh-askpass-gnome on the Hurd, until GNOME is available to satisfy build-dependencies. * Drop workaround for #242462 on amd64; it's been fixed properly upstream. * Enable HashKnownHosts by default. This only affects new entries; use 'ssh-keygen -H' to convert an entire known_hosts file to hashed format. * Note in ssh_config(5) that the SetupTimeOut option is Debian-specific (closes: #307069). * debconf template translations: - Update Czech (thanks, Miroslav Kure; closes: #298744). - Update Finnish (thanks, Matti Pöllä; closes: #303787). - Synchronise Spanish with sarge branch (thanks, Javier Fernández-Sanguino Peña; closes: #298536). - Add Ukrainian (thanks, Eugeniy Meshcheryakov; closes: #301852). . openssh (1:3.9p1-3) experimental; urgency=low . * Explain how to run sshd from inittab in README.Debian (closes: #147360). * Add debian/watch file. . openssh (1:3.9p1-2) experimental; urgency=low . * Remove pam_nologin from /etc/pam.d/ssh, as sshd's built-in support appears to be sufficient and more useful (closes: #162996). * Depend on debconf | debconf-2.0. * Drop LoginGraceTime back to the upstream default of two minutes on new installs (closes: #289573). * debconf template translations from Ubuntu bug #1232: - Update Greek (thanks, Logiotatidis George). - Update Spanish (thanks, Santiago Erquicia). . openssh (1:3.9p1-1) experimental; urgency=low . * New upstream release. - PAM password authentication implemented again (closes: #238699, #242119). - Implemented the ability to pass selected environment variables between the client and the server. - Fix ssh-keyscan breakage when remote server doesn't speak SSH protocol (closes: #228828). - Fix res_query detection (closes: #242462). - 'ssh -c' documentation improved (closes: #265627). * Pass LANG and LC_* environment variables from the client by default, and accept them to the server by default in new installs, although not on upgrade (closes: #264024). * Build ssh in binary-indep, not binary-arch (thanks, LaMont Jones). * Expand on openssh-client package description (closes: #273831). . openssh (1:3.8.1p1-14) experimental; urgency=low . * We use DH_COMPAT=2, so build-depend on debhelper (>= 2). * Fix timing information leak allowing discovery of invalid usernames in PAM keyboard-interactive authentication (backported from a patch by Darren Tucker; closes: #281595). * Make sure that there's a delay in PAM keyboard-interactive authentication when PermitRootLogin is not set to yes and the correct root password is entered (closes: #248747). . openssh (1:3.8.1p1-13) experimental; urgency=low . * Enable threading for PAM, on Sam Hartman's advice (closes: #278394). * debconf template translations: - Update Dutch (thanks, cobaco; closes: #278715). * Correct README.Debian's ForwardX11Trusted description (closes: #280190). . openssh (1:3.8.1p1-12) experimental; urgency=low . * Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754). * Shorten the version string from the form "OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731). * debconf template translations: - Add Finnish (thanks, Matti Pöllä; closes: #265339). - Update Danish (thanks, Morten Brix Pedersen; closes: #275895). - Update French (thanks, Denis Barbier; closes: #276703). - Update Japanese (thanks, Kenshi Muto; closes: #277438). . openssh (1:3.8.1p1-11) experimental; urgency=high . * Move sshd_config(5) to openssh-server, where it belongs. * If PasswordAuthentication is disabled, then offer to disable ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369). * This will ask a question of anyone who installed fresh with 1:3.8p1-2 or later and then upgraded. Sorry about that ... for this reason, the default answer is to leave ChallengeResponseAuthentication enabled. . openssh (1:3.8.1p1-10) experimental; urgency=low . * Don't install the ssh-askpass-gnome .desktop file by default; I've had too many GNOME people tell me it's the wrong thing to be doing. I've left it in /usr/share/doc/ssh-askpass-gnome/examples/ for now. . openssh (1:3.8.1p1-9) experimental; urgency=low . * Split the ssh binary package into openssh-client and openssh-server (closes: #39741). openssh-server depends on openssh-client for some common functionality; it didn't seem worth creating yet another package for this. openssh-client is priority standard, openssh-server optional. * New transitional ssh package, priority optional, depending on openssh-client and openssh-server. May be removed once nothing depends on it. * When upgrading from ssh to openssh-{client,server}, it's very difficult for the maintainer scripts to find out what version we're upgrading from without dodgy dpkg hackery. I've therefore taken the opportunity to move a couple of debconf notes into NEWS files, namely ssh/ssh2_keys_merged and ssh/user_environment_tell. * Add a heuristic to try to make sure the sshd_config upgrade to >= 3.7 happens even though we don't know what version we're upgrading from. * Remove /etc/ssh/sshd_not_to_be_run on purge of openssh-server. For now (until sarge+2) it's still honoured to avoid breaking existing configurations, but the right approach is now to remove the openssh-server package if you don't want to run the server. Add a NEWS item to that effect. Files: 84f2dff9c56e901f345d56fc61df0d0b 900 net standard openssh_4.1p1-3.dsc 7ab61ab3f06d6f82054c1abe06c07d06 138002 net standard openssh_4.1p1-3.diff.gz 02c181ac3c4d6a0548d111c59e74db82 31940 net optional ssh_4.1p1-3_all.deb fded10b71291844267bf4582d67e1f49 570468 net standard openssh-client_4.1p1-3_powerpc.deb b5d53eb227d444b63861dc93266b06d3 284250 net optional openssh-server_4.1p1-3_powerpc.deb 712214657225f22add427e6e8af78d8e 76508 gnome optional ssh-askpass-gnome_4.1p1-3_powerpc.deb 8a08610010a9b18697df9dcaad793d47 163160 debian-installer optional openssh-client-udeb_4.1p1-3_powerpc.udeb c3e34795848cfa1ddf1be4365c9450cd 171832 debian-installer optional openssh-server-udeb_4.1p1-3_powerpc.udeb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCpMU09t0zAhD6TNERAkGpAKCDpLdoo2ILdb02EPN28FV4HuSsgQCcD7K2 QlEr7wrH8P5uw4bssmCGNzU= =mvqt -----END PGP SIGNATURE----- Accepted: openssh-client-udeb_4.1p1-3_powerpc.udeb to pool/main/o/openssh/openssh-client-udeb_4.1p1-3_powerpc.udeb openssh-client_4.1p1-3_powerpc.deb to pool/main/o/openssh/openssh-client_4.1p1-3_powerpc.deb openssh-server-udeb_4.1p1-3_powerpc.udeb to pool/main/o/openssh/openssh-server-udeb_4.1p1-3_powerpc.udeb openssh-server_4.1p1-3_powerpc.deb to pool/main/o/openssh/openssh-server_4.1p1-3_powerpc.deb openssh_4.1p1-3.diff.gz to pool/main/o/openssh/openssh_4.1p1-3.diff.gz openssh_4.1p1-3.dsc to pool/main/o/openssh/openssh_4.1p1-3.dsc ssh-askpass-gnome_4.1p1-3_powerpc.deb to pool/main/o/openssh/ssh-askpass-gnome_4.1p1-3_powerpc.deb ssh_4.1p1-3_all.deb to pool/main/o/openssh/ssh_4.1p1-3_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]