diff options
| author | Colin Watson <cjwatson@debian.org> | 2015-11-29 17:18:35 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2015-11-29 17:32:50 +0000 |
| commit | 0b372585c0026f78676f1414510ec9f87a383803 (patch) | |
| tree | a3fa6b329a8a5e9841b526f30332d21fc110118a /debian/changelog | |
| parent | 24ffa45372888d206f21e1864e3911024c6d5e62 (diff) | |
| parent | 6d0faf6dc76ac8cc73d6f8e478db7c97f7013a2d (diff) | |
New upstream release (7.0p1).
Diffstat (limited to 'debian/changelog')
| -rw-r--r-- | debian/changelog | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index ccee48f9d..42450d4d3 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -1,3 +1,51 @@ | |||
| 1 | openssh (1:7.0p1-1) UNRELEASED; urgency=medium | ||
| 2 | |||
| 3 | * New upstream release (http://www.openssh.com/txt/release-7.0, closes: | ||
| 4 | #785190): | ||
| 5 | - Support for the legacy SSH version 1 protocol is disabled by default | ||
| 6 | at compile time. | ||
| 7 | - Support for the 1024-bit diffie-hellman-group1-sha1 key exchange is | ||
| 8 | disabled by default at run-time. It may be re-enabled using the | ||
| 9 | instructions at http://www.openssh.com/legacy.html | ||
| 10 | - Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by | ||
| 11 | default at run-time. These may be re-enabled using the instructions | ||
| 12 | at http://www.openssh.com/legacy.html | ||
| 13 | - Support for the legacy v00 cert format has been removed. | ||
| 14 | - The default for the sshd_config(5) PermitRootLogin option has changed | ||
| 15 | from "yes" to "prohibit-password". | ||
| 16 | - PermitRootLogin=without-password/prohibit-password now bans all | ||
| 17 | interactive authentication methods, allowing only public-key, | ||
| 18 | hostbased and GSSAPI authentication (previously it permitted | ||
| 19 | keyboard-interactive and password-less authentication if those were | ||
| 20 | enabled). | ||
| 21 | - ssh_config(5): Add PubkeyAcceptedKeyTypes option to control which | ||
| 22 | public key types are available for user authentication. | ||
| 23 | - sshd_config(5): Add HostKeyAlgorithms option to control which public | ||
| 24 | key types are offered for host authentications. | ||
| 25 | - ssh(1), sshd(8): Extend Ciphers, MACs, KexAlgorithms, | ||
| 26 | HostKeyAlgorithms, PubkeyAcceptedKeyTypes and HostbasedKeyTypes | ||
| 27 | options to allow appending to the default set of algorithms instead of | ||
| 28 | replacing it. Options may now be prefixed with a '+' to append to the | ||
| 29 | default, e.g. "HostKeyAlgorithms=+ssh-dss". | ||
| 30 | - sshd_config(5): PermitRootLogin now accepts an argument of | ||
| 31 | 'prohibit-password' as a less-ambiguous synonym of 'without- | ||
| 32 | password'. | ||
| 33 | - ssh(1), sshd(8): Add compatability workarounds for Cisco and more | ||
| 34 | PuTTY versions. | ||
| 35 | - Fix some omissions and errors in the PROTOCOL and PROTOCOL.mux | ||
| 36 | documentation relating to Unix domain socket forwarding. | ||
| 37 | - ssh(1): Improve the ssh(1) manual page to include a better description | ||
| 38 | of Unix domain socket forwarding (closes: #779068). | ||
| 39 | - ssh(1), ssh-agent(1): Skip uninitialised PKCS#11 slots, fixing | ||
| 40 | failures to load keys when they are present. | ||
| 41 | - ssh(1), ssh-agent(1): Do not ignore PKCS#11 hosted keys that wth empty | ||
| 42 | CKA_ID. | ||
| 43 | - sshd(8): Clarify documentation for UseDNS option. | ||
| 44 | - Check realpath(3) behaviour matches what sftp-server requires and use | ||
| 45 | a replacement if necessary. | ||
| 46 | |||
| 47 | -- Colin Watson <cjwatson@debian.org> Sun, 29 Nov 2015 17:32:44 +0000 | ||
| 48 | |||
| 1 | openssh (1:6.9p1-3) unstable; urgency=medium | 49 | openssh (1:6.9p1-3) unstable; urgency=medium |
| 2 | 50 | ||
| 3 | * ssh_config(5): Fix markup errors in description of GSSAPITrustDns | 51 | * ssh_config(5): Fix markup errors in description of GSSAPITrustDns |