summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2003-09-01 00:51:03 +0000
committerColin Watson <cjwatson@debian.org>2003-09-01 00:51:03 +0000
commit79cf0b3654d7b597de323153eb57015cdfbd90a4 (patch)
tree274e78bc3369e218e59aa1fcc9b7e90697f424f1 /debian/changelog
parentd984a3c6658e950881edcfb2aae464add93f68d4 (diff)
Debian release 3.4p1-1.
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog944
1 files changed, 944 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 000000000..32f541a0f
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,944 @@
1openssh (1:3.4p1-1) testing; urgency=high
2
3 * Extend my tendrils back into this package (Closes: #150915, #151098)
4 * thanks to the security team for their work
5 * no thanks to ISS/Theo de Raadt for their handling of these bugs
6 * save old sshd_configs to sshd_config.dpkg-old when auto-generating a
7 new one
8 * tell/ask the user about PriviledgeSeparation
9 * /etc/init.d/ssh run will now create the chroot empty dir if necessary
10 * Remove our previous statoverride on /usr/bin/ssh (only for people
11 upgrading from a version where we'd put one in ourselves!)
12 * Stop slandering Russia, since someone asked so nicely (Closes: #148951)
13 * Reduce the sleep time in /etc/init.d/ssh during a restart
14
15 -- Matthew Vernon <matthew@debian.org> Fri, 28 Jun 2002 15:52:10 +0100
16
17openssh (1:3.4p1-0.0woody1) testing-security; urgency=high
18
19 * NMU by the security team.
20 * New upstream version
21
22 -- Michael Stone <mstone@debian.org> Wed, 26 Jun 2002 15:40:38 -0400
23
24openssh (1:3.3p1-0.0woody4) testing-security; urgency=high
25
26 * NMU by the security team.
27 * fix error when /etc/ssh/sshd_config exists on new install
28 * check that user doesn't exist before running adduser
29 * use openssl internal random unconditionally
30
31 -- Michael Stone <mstone@debian.org> Tue, 25 Jun 2002 19:44:39 -0400
32
33openssh (1:3.3p1-0.0woody3) testing-security; urgency=high
34
35 * NMU by the security team.
36 * use correct home directory when sshd user is created
37
38 -- Michael Stone <mstone@debian.org> Tue, 25 Jun 2002 08:59:50 -0400
39
40openssh (1:3.3p1-0.0woody2) testing-security; urgency=high
41
42 * NMU by the security team.
43 * Fix rsa1 key creation (Closes: #150949)
44 * don't fail if sshd user removal fails
45 * depends: on adduser (Closes: #150907)
46
47 -- Michael Stone <mstone@debian.org> Tue, 25 Jun 2002 08:59:50 -0400
48
49openssh (1:3.3p1-0.0woody1) testing-security; urgency=high
50
51 * NMU by the security team.
52 * New upstream version.
53 - Enable privilege separation by default.
54 * Include patch from Solar Designer for privilege separation and
55 compression on 2.2.x kernels.
56 * Remove --disable-suid-ssh from configure.
57 * Support setuid ssh-keysign binary instead of setuid ssh client.
58 * Check sshd configuration before restarting.
59
60 -- Daniel Jacobowitz <dan@debian.org> Mon, 24 Jun 2002 13:43:44 -0400
61
62openssh (1:3.0.2p1-9) unstable; urgency=high
63
64 * Thanks to those who NMUd
65 * The only change in this version is to debian/control - I've removed
66 the bit that says you can't export it from the US - it would look
67 pretty daft to say this about a package in main! Also, it's now OK
68 to use crypto in France, so I've edited that comment slightly
69 * Correct a path in README.Debian too (Closes: #138634)
70
71 -- Matthew Vernon <matthew@debian.org> Sun, 4 Apr 2002 09:52:59 +0100
72
73openssh (1:3.0.2p1-8.3) unstable; urgency=medium
74
75 * NMU
76 * Really set urgency to medium this time (oops)
77 * Fix priority to standard per override while I'm at it
78
79 -- Aaron M. Ucko <ucko@debian.org> Sun, 24 Mar 2002 09:00:08 -0500
80
81openssh (1:3.0.2p1-8.2) unstable; urgency=low
82
83 * NMU with maintainer's permission
84 * Prepare for upcoming ssh-nonfree transitional packages per
85 <http://lists.debian.org/debian-ssh/2002/debian-ssh-200203/msg00008.html>
86 * Urgency medium because it would really be good to get this into woody
87 before it releases
88 * Fix sections to match override file
89 * Reissued due to clash with non-US -> main move
90
91 -- Aaron M. Ucko <ucko@debian.org> Sat, 23 Mar 2002 21:21:52 -0500
92
93openssh (1:3.0.2p1-8.1) unstable; urgency=low
94
95 * NMU
96 * Move from non-US to mani
97
98 -- LaMont Jones <lamont@debian.org> Thu, 21 Mar 2002 09:33:50 -0700
99
100openssh (1:3.0.2p1-8) unstable; urgency=critical
101
102 * Security fix - patch from upstream (Closes: #137209, #137210)
103 * Undo the changes in the unreleased -7, since they appear to break
104 things here. Accordingly, the code change is minimal, and I'm
105 happy to get it into testing ASAP
106
107 -- Matthew Vernon <matthew@debian.org> Thu, 7 Mar 2002 14:25:23 +0000
108
109openssh (1:3.0.2p1-7) unstable; urgency=high
110
111 * Build to support IPv6 and IPv4 by default again
112
113 -- Matthew Vernon <matthew@debian.org> Sat, 2 Mar 2002 00:25:05 +0000
114
115openssh (1:3.0.2p1-6) unstable; urgency=high
116
117 * Correct error in the clean target (Closes: #130868)
118
119 -- Matthew Vernon <matthew@debian.org> Sat, 26 Jan 2002 00:32:00 +0000
120
121openssh (1:3.0.2p1-5) unstable; urgency=medium
122
123 * Include the Debian version in our identification, to make it easier to
124 audit networks for patched versions in future
125
126 -- Matthew Vernon <matthew@debian.org> Mon, 21 Jan 2002 17:16:10 +0000
127
128openssh (1:3.0.2p1-4) unstable; urgency=medium
129
130 * If we're asked to not run sshd, stop any running sshd's first
131 (Closes: #129327)
132
133 -- Matthew Vernon <matthew@debian.org> Wed, 16 Jan 2002 21:24:16 +0000
134
135openssh (1:3.0.2p1-3) unstable; urgency=high
136
137 * Fix /etc/pam.d/ssh to not set $MAIL (Closes: #128913)
138 * Remove extra debconf suggestion (Closes: #128094)
139 * Mmm. speedy bug-fixing :-)
140
141 -- Matthew Vernon <matthew@debian.org> Sat, 12 Jan 2002 17:23:58 +0000
142
143openssh (1:3.0.2p1-2) unstable; urgency=high
144
145 * Fix postinst to not automatically overwrite sshd_config (!)
146 (Closes: #127842, #127867)
147 * Add section in README.Debian about the PermitRootLogin setting
148
149 -- Matthew Vernon <matthew@debian.org> Sat, 5 Jan 2003 05:26:30 +0000
150
151openssh (1:3.0.2p1-1) unstable; urgency=high
152
153 * Incorporate fix from Colin's NMU
154 * New upstream version (fixes the bug Wichert fixed) (Closes: #124035)
155 * Capitalise IETF (Closes: #125379)
156 * Refer to the correct sftp-server location (Closes: #126854, #126224)
157 * Do what we're asked re SetUID ssh (Closes: #124065, #124154, #123247)
158 * Ask people upgrading from potato if they want a new conffile
159 (Closes: #125642)
160 * Fix a typo in postinst (Closes: #122192, #122410, #123440)
161 * Frob the default config a little (Closes: #122284, #125827, #125696,
162 #123854)
163 * Make /etc/init.d/ssh be more clear about ssh not running (Closes:
164 #123552)
165 * Fix typo in templates file (Closes: #123411)
166
167 -- Matthew Vernon <matthew@debian.org> Fri, 4 Jan 2002 16:01:52 +0000
168
169openssh (1:3.0.1p1-1.2) unstable; urgency=high
170
171 * Non-maintainer upload
172 * Prevent local users from passing environment variables to the login
173 process when UseLogin is enabled
174
175 -- Wichert Akkerman <wakkerma@debian.org> Mon, 3 Dec 2001 19:34:45 +0100
176
177openssh (1:3.0.1p1-1.1) unstable; urgency=low
178
179 * Non-maintainer upload, at Matthew's request.
180 * Remove sa_restorer assignment to fix compilation on alpha, hppa, and
181 ia64 (closes: #122086).
182
183 -- Colin Watson <cjwatson@debian.org> Sun, 2 Dec 2001 18:54:16 +0000
184
185openssh (1:3.0.1p1-1) unstable; urgency=high
186
187 * New upstream version (Closes: #113646, #113513, #114707, #118564)
188 * Building with a libc that works (!) (Closes: #115228)
189 * Patches forward-ported are -1/-2 options for scp, the improvement to
190 'waiting for forwarded connections to terminate...'
191 * Fix /etc/init.d/ssh to stop sshd properly (Closes: #115228)
192 * /etc/ssh/sshd_config is no longer a conffile but generated in the postinst
193 * Remove suidregister leftover from postrm
194 * Mention key we are making in the postinst
195 * Default to not enable SSH protocol 1 support, since protocol 2 is
196 much safer anyway.
197 * New version of the vpn-fixes patch, from Ian Jackson
198 * New handling of -q, and added new -qq option; thanks to Jon Amery
199 * Experimental smartcard support not enabled, since I have no way of
200 testing it.
201
202 -- Matthew Vernon <matthew@debian.org> Thu, 28 Nov 2001 17:43:01 +0000
203
204openssh (1:2.9p2-6) unstable; urgency=low
205
206 * check for correct file in /etc/init.d/ssh (Closes: #110876)
207 * correct location of version 2 keys in ssh.1 (Closes: #110439)
208 * call update-alternatives --quiet (Closes: #103314)
209 * hack ssh-copy-id to chmod go-w (Closes: #95551)
210 * TEMPORARY fix to provide largefile support using a -D in the cflags
211 line. long-term, upstream will patch the autoconf stuff
212 (Closes: #106809, #111849)
213 * remove /etc/rc references in ssh-keygen.1 (Closes: #68350)
214 * scp.1 patch from Adam McKenna to document -r properly (Closes: #76054)
215 * Check for files containing a newline character (Closes: #111692)
216
217 -- Matthew Vernon <matthew@debian.org> Thu, 13 Sep 2001 16:47:36 +0100
218
219openssh (1:2.9p2-5) unstable; urgency=high
220
221 * Thanks to all the bug-fixers who helped!
222 * remove sa_restorer assignment (Closes: #102837)
223 * patch from Peter Benie to DTRT wrt X forwarding if the server refuses
224 us access (Closes: #48297)
225 * patch from upstream CVS to fix port forwarding (Closes: #107132)
226 * patch from Jonathan Amery to document ssh-keygen behaviour
227 (Closes:#106643, #107512)
228 * patch to postinst from Jonathan Amery (Closes: #106411)
229 * patch to manpage from Jonathan Amery (Closes: #107364)
230 * patch from Matthew Vernon to make -q emit fatal errors as that is the
231 documented behaviour (Closes: #64347)
232 * patch from Ian Jackson to cause us to destroy a file when we scp it
233 onto itself, rather than dumping bits of our memory into it, which was
234 a security hole (see #51955)
235 * patch from Jonathan Amery to document lack of Kerberos support
236 (Closes: #103726)
237 * patch from Matthew Vernon to make the 'waiting for connections to
238 terminate' message more helpful (Closes: #50308)
239
240 -- Matthew Vernon <matthew@debian.org> Thu, 23 Aug 2001 02:14:09 +0100
241
242openssh (1:2.9p2-4) unstable; urgency=high
243
244 * Today's build of ssh is strawberry flavoured
245 * Patch from mhp to reduce length of time sshd is stopped for (Closes: #106176)
246 * Tidy up debconf template (Closes: #106152)
247 * If called non-setuid, then setgid()'s failure should not be fatal (see
248 #105854)
249
250 -- Matthew Vernon <matthew@debian.org> Sun, 22 Jul 2001 14:19:43 +0100
251
252openssh (1:2.9p2-3) unstable; urgency=low
253
254 * Patch from yours truly to add -1 and -2 options to scp (Closes: #106061)
255 * Improve the IdentityFile section in the man page (Closes: #106038)
256
257 -- Matthew Vernon <matthew@debian.org> Sat, 21 Jul 2001 14:47:27 +0100
258
259openssh (1:2.9p2-2) unstable; urgency=low
260
261 * Document the protocol version 2 and IPV6 changes (Closes: #105845, #105868)
262 * Make PrintLastLog 'no' by default (Closes: #105893)
263
264 -- Matthew Vernon <matthew@debian.org> Thu, 19 Jul 2001 18:36:41 +0100
265
266openssh (1:2.9p2-1) unstable; urgency=low
267
268 * new (several..) upstream version (Closes: #96726, #81856, #96335)
269 * Hopefully, this will close some other bugs too
270
271 -- Matthew Vernon <matthew@debian.org> Tue, 17 Jul 2001 19:41:58 +0100
272
273openssh (1:2.5.2p2-3) unstable; urgency=low
274
275 * Taking Over this package
276 * Patches from Robert Bihlmeyer for the Hurd (Closes: #102991)
277 * Put PermitRootLogin back to yes (Closes: #67334, #67371, #78274)
278 * Don't fiddle with conf-files any more (Closes: #69501)
279
280 -- Matthew Vernon <matthew@debian.org> Tue, 03 Jul 2001 02:58:13 +0100
281
282openssh (1:2.5.2p2-2.2) unstable; urgency=low
283
284 * NMU
285 * Include Hurd compatibility patches from Robert Bihlmeyer (Closes: #76033)
286 * Patch from Richard Kettlewell for protocolkeepalives (Closes: #99273)
287 * Patch from Matthew Vernon for BannerTimeOut, batchmode, and
288 documentation for protocolkeepalives. Makes ssh more generally useful
289 for scripting uses (Closes: #82877, #99275)
290 * Set a umask, so ourpidfile isn't world-writable (closes: #100012,
291 #98286, #97391)
292
293 -- Matthew Vernon <matthew@debian.org> Thu, 28 Jun 2001 23:15:42 +0100
294
295openssh (1:2.5.2p2-2.1) unstable; urgency=low
296
297 * NMU
298 * Remove duplicate Build-Depends for libssl096-dev and change it to
299 depend on libssl-dev instaed. Also adding in virtual | real package
300 style build-deps. (Closes: #93793, #75228)
301 * Removing add-log entry (Closes: #79266)
302 * This was a pam bug from a while back (Closes: #86908, #88457, #86843)
303 * pam build-dep already exists (Closes: #93683)
304 * libgnome-dev build-dep already exists (Closes: #93694)
305 * No longer in non-free (Closes: #85401)
306 * Adding in fr debconf translations (Closes: #83783)
307 * Already suggests xbase-clients (Closes: #79741)
308 * No need to suggest libpam-pwdb anymore (Closes: #81658)
309 * Providing rsh-client (Closes: #79437)
310 * hurd patch was already applied (Closes: #76033)
311 * default set to no (Closes: #73682)
312 * Adding in a suggests for dnsutils (Closes: #93265)
313 * postinst bugs fixed (Closes: #88057, #88066, #88196, #88405, #88612)
314 (Closes: #88774, #88196, #89556, #90123, #90228, #90833, #87814, #85465)
315 * Adding in debconf dependency
316
317 -- Ivan E. Moore II <rkrusty@debian.org> Mon, 16 Apr 2001 14:11:04 +0100
318
319openssh (1:2.5.2p2-2) unstable; urgency=high
320
321 * disable the OpenSSL version check in entropy.c
322 (closes: #93581, #93588, #93590, #93614, #93619, #93635, #93648)
323
324 -- Philip Hands <phil@uk.alcove.com> Wed, 11 Apr 2001 20:30:04 +0100
325
326openssh (1:2.5.2p2-1) unstable; urgency=low
327
328 * New upstream release
329 * removed make-ssh-known-hosts, since ssh-keyscan does that job (closes: #86069, #87748)
330 * fix double space indent in german templates (closes: #89493)
331 * make postinst check for ssh_host_rsa_key
332 * get rid of the last of the misguided debian/rules NMU debris :-/
333
334 -- Philip Hands <phil@hands.com> Sat, 24 Mar 2001 20:59:33 +0000
335
336openssh (1:2.5.1p2-2) unstable; urgency=low
337
338 * rebuild with new debhelper (closes: #89558, #89536, #90225)
339 * fix broken dpkg-statoverride test in postinst
340 (closes: #89612, #90474, #90460, #89605)
341 * NMU bug fixed but not closed in last upload (closes: #88206)
342
343 -- Philip Hands <phil@hands.com> Fri, 23 Mar 2001 16:11:33 +0000
344
345openssh (1:2.5.1p2-1) unstable; urgency=high
346
347 * New upstream release
348 * fix typo in postinst (closes: #88110)
349 * revert to setting PAM service name in debian/rules, backing out last
350 NMU, which also (closes: #88101)
351 * restore the pam lastlog/motd lines, lost during the NMUs, and sshd_config
352 * restore printlastlog option patch
353 * revert to using debhelper, which had been partially disabled in NMUs
354
355 -- Philip Hands <phil@hands.com> Tue, 13 Mar 2001 01:41:34 +0000
356
357openssh (1:2.5.1p1-1.8) unstable; urgency=high
358
359 * And now the old pam-bug s/sshd/ssh in ssh.c is also fixed
360
361 -- Christian Kurz <shorty@debian.org> Thu, 1 Mar 2001 19:48:01 +0100
362
363openssh (1:2.5.1p1-1.7) unstable; urgency=high
364
365 * And now we mark the correct binary as setuid, when a user requested
366 to install it setuid.
367
368 -- Christian Kurz <shorty@debian.org> Thu, 1 Mar 2001 07:19:56 +0100
369
370openssh (1:2.5.1p1-1.6) unstable; urgency=high
371
372 * Fixes postinst to handle overrides that are already there. Damn, I
373 should have noticed the bug earlier.
374
375 -- Christian Kurz <shorty@debian.org> Wed, 28 Feb 2001 22:35:00 +0100
376
377openssh (1:2.5.1p1-1.5) unstable; urgency=high
378
379 * Rebuild ssh with pam-support.
380
381 -- Christian Kurz <shorty@debian.org> Mon, 26 Feb 2001 21:55:51 +0100
382
383openssh (1:2.5.1p1-1.4) unstable; urgency=low
384
385 * Added Build-Depends on libssl096-dev.
386 * Fixed sshd_config file to disallow root logins again.
387
388 -- Christian Kurz <shorty@debian.org> Sun, 25 Feb 2001 20:03:55 +0100
389
390openssh (1:2.5.1p1-1.3) unstable; urgency=low
391
392 * Fixed missing manpages for sftp.1 and ssh-keyscan.1
393 * Made package policy 3.5.2 compliant.
394
395 -- Christian Kurz <shorty@debian.org> Sun, 25 Feb 2001 15:46:26 +0100
396
397openssh (1:2.5.1p1-1.2) unstable; urgency=low
398
399 * Added Conflict with sftp, since we now provide our own sftp-client.
400 * Added a fix for our broken dpkg-statoverride call in the
401 2.3.0p1-13.
402 * Fixed some config pathes in the comments of sshd_config.
403 * Removed ssh-key-exchange-vulnerability-patch since it's not needed
404 anymore because upstream included the fix.
405
406 -- Christian Kurz <shorty@debian.org> Sun, 25 Feb 2001 13:46:58 +0100
407
408openssh (1:2.5.1p1-1.1) unstable; urgency=high
409
410 * Another NMU to get the new upstream version 2.5.1p1 into
411 unstable. (Closes: #87123)
412 * Corrected postinst to mark ssh as setuid. (Closes: #86391, #85766)
413 * Key Exchange patch is already included by upstream. (Closes: #86015)
414 * Upgrading should be possible now. (Closes: #85525, #85523)
415 * Added --disable-suid-ssh as compile option, so ssh won't get installed
416 suid per default.
417 * Fixed postinst to run dpkg-statoverride only, when dpkg-statoverride
418 is available and the mode of the binary should be 4755. And also added
419 suggestion for a newer dpkg.
420 (Closes: #85734, #85741, #86876)
421 * sftp and ssh-keyscan will also be included from now on. (Closes: #79994)
422 * scp now understands spaces in filenames (Closes: #53783, #58958,
423 #66723)
424 * ssh-keygen now supports showing DSA fingerprints. (Closes: #68623)
425 * ssh doesn' t show motd anymore when switch -t is used. (Closes #69035)
426 * ssh supports the usage of other dsa keys via the ssh command line
427 options. (Closes: #81250)
428 * Documentation in sshd_config fixed. (Closes: #81088)
429 * primes file included by upstream and included now. (Closes: #82101)
430 * scp now allows dots in the username. (Closes: #82477)
431 * Spelling error in ssh-copy-id.1 corrected by upstream. (Closes: #78124)
432
433 -- Christian Kurz <shorty@debian.org> Sun, 25 Feb 2001 10:06:08 +0100
434
435openssh (1:2.3.0p1-1.13) unstable; urgency=low
436
437 * Config should now also be fixed with this hopefully last NMU.
438
439 -- Christian Kurz <shorty@debian.org> Sat, 10 Feb 2001 22:56:36 +0100
440
441openssh (1:2.3.0p1-1.12) unstable; urgency=high
442
443 * Added suggest for xbase-clients to control-file. (Closes #85227)
444 * Applied patch from Markus Friedl to fix a vulnerability in
445 the rsa keyexchange.
446 * Fixed position of horizontal line. (Closes: #83613)
447 * Fixed hopefully the grep problem in the config-file. (Closes: #78802)
448 * Converted package from suidregister to dpkg-statoverride.
449
450 -- Christian Kurz <shorty@debian.org> Fri, 9 Feb 2001 19:43:55 +0100
451
452openssh (1:2.3.0p1-1.11) unstable; urgency=medium
453
454 * Fixed some typos in the german translation of the debconf
455 template.
456
457 -- Christian Kurz <shorty@debian.org> Wed, 24 Jan 2001 18:22:38 +0100
458
459openssh (1:2.3.0p1-1.10) unstable; urgency=medium
460
461 * Fixed double printing of motd. (Closes: #82618)
462
463 -- Christian Kurz <shorty@debian.org> Tue, 23 Jan 2001 21:03:43 +0100
464
465openssh (1:2.3.0p1-1.9) unstable; urgency=high
466
467 * And the next NMU which includes the patch from Andrew Bartlett
468 and Markus Friedl to fix the root privileges handling of openssh.
469 (Closes: #82657)
470
471 -- Christian Kurz <shorty@debian.org> Wed, 17 Jan 2001 22:20:54 +0100
472
473openssh (1:2.3.0p1-1.8) unstable; urgency=high
474
475 * Applied fix from Ryan Murray to allow building on other architectures
476 since the hurd patch was wrong. (Closes: #82471)
477
478 -- Christian Kurz <shorty@debian.org> Tue, 16 Jan 2001 22:45:51 +0100
479
480openssh (1:2.3.0p1-1.7) unstable; urgency=medium
481
482 * Fixed another typo on sshd_config
483
484 -- Christian Kurz <shorty@debian.org> Sun, 14 Jan 2001 19:01:31 +0100
485
486openssh (1:2.3.0p1-1.6) unstable; urgency=high
487
488 * Added Build-Dependency on groff (Closes: #81886)
489 * Added Build-Depencency on debhelper (Closes: #82072)
490 * Fixed entry for known_hosts in sshd_config (Closes: #82096)
491
492 -- Christian Kurz <shorty@debian.org> Thu, 11 Jan 2001 23:08:16 +0100
493
494openssh (1:2.3.0p1-1.5) unstable; urgency=high
495
496 * Fixed now also the problem with sshd used as default ipv4 and
497 didn't use IPv6. This should be now fixed.
498
499 -- Christian Kurz <shorty@debian.org> Thu, 11 Jan 2001 21:25:55 +0100
500
501openssh (1:2.3.0p1-1.4) unstable; urgency=high
502
503 * Fixed buggy entry in postinst.
504
505 -- Christian Kurz <shorty@debian.org> Wed, 10 Jan 2001 23:12:16 +0100
506
507openssh (1:2.3.0p1-1.3) unstable; urgency=high
508
509 * After finishing the rewrite of the rules-file I had to notice that
510 the manpage installation was broken. This should now work again.
511
512 -- Christian Kurz <shorty@debian.org> Wed, 10 Jan 2001 22:11:59 +0100
513
514openssh (1:2.3.0p1-1.2) unstable; urgency=high
515
516 * Fixed the screwed up build-dependency.
517 * Removed --with-ipv4-default to support ipv6.
518 * Changed makefile to use /etc/pam.d/ssh instead of /etc/pam.d/sshd.
519 * Fixed location to sftp-server in config.
520 * Since debian still relies on /etc/pam.d/ssh instead of moving to
521 /etc/pam.d/sshd, I had to hack ssh.h to get ssh to use this name.
522 * Fixed path to host key in sshd_config.
523
524 -- Christian Kurz <shorty@debian.org> Wed, 10 Jan 2001 08:23:47 +0100
525
526openssh (1:2.3.0p1-1.1) unstable; urgency=medium
527
528 * NMU with permission of Phil Hands.
529 * New upstream release
530 * Update Build-Depends to point to new libssl096.
531 * This upstream release doesn't leak any information depending
532 on the setting of PermitRootLogin (Closes: #59933)
533 * New upstream release contains fix against forcing a client to
534 do X/agent forwarding (Closes: #76788)
535 * Changed template to contain correct path to the documentation
536 (Closes: #67245)
537 * Added --with-4in6 switch as compile option into debian/rules.
538 * Added --with-ipv4-default as compile option into debian/rules.
539 (Closes: #75037)
540 * Changed default path to also contain /usr/local/bin and
541 /usr/X11R6/bin (Closes: #62472,#54567,#62810)
542 * Changed path to sftp-server in sshd_config to match the
543 our package (Closes: #68347)
544 * Replaced OpenBSDh with OpenBSD in the init-script.
545 * Changed location to original source in copyright.head
546 * Changed behaviour of init-script when invoked with the option
547 restart (Closes: #68706,#72560)
548 * Added a note about -L option of scp to README.Debian
549 * ssh won't print now the motd if invoked with -t option
550 (Closes: #59933)
551 * RFC.nroff.gz get's now converted into RFC.gz. (Closes: #63867)
552 * Added a note about tcp-wrapper support to README.Debian
553 (Closes: #72807,#22190)
554 * Removed two unneeded options from building process.
555 * Added sshd.pam into debian dir and install it.
556 * Commented out unnecessary call to dh_installinfo.
557 * Added a line to sshd.pam so that limits will be paid attention
558 to (Closes: #66904)
559 * Restart Option has a Timeout of 10 seconds (Closes: 51264)
560 * scp won't override files anymore (Closes: 51955)
561 * Removed pam_lastlog module, so that the lastlog is now printed
562 only once (Closes: #71742, #68335, #69592, #71495, #77781)
563 * If password is expired, openssh now forces the user to change it.
564 (Closes: #51747)
565 * scp should now have no more problems with shell-init-files that
566 produces ouput (Closes: #56280,#59873)
567 * ssh now prints the motd correctly (Closes: #66926)
568 * ssh upgrade should disable ssh daemon only if users has choosen
569 to do so (Closes: #67478)
570 * ssh can now be installed suid (Closes: #70879)
571 * Modified debian/rules to support hurd.
572
573 -- Christian Kurz <shorty@debian.org> Wed, 27 Dec 2000 20:06:57 +0100
574
575openssh (1:2.2.0p1-1.1) unstable; urgency=medium
576
577 * Non-Maintainer Upload
578 * Check for new returns in the new libc
579 (closes: #72803, #74393, #72797, #71307, #71702)
580 * Link against libssl095a (closes: #66304)
581 * Correct check for PermitRootLogin (closes: #69448)
582
583 -- Ryan Murray <rmurray@debian.org> Wed, 18 Oct 2000 00:48:18 -0700
584
585openssh (1:2.2.0p1-1) unstable; urgency=low
586
587 * New upstream release
588
589 -- Philip Hands <phil@hands.com> Mon, 11 Sep 2000 14:49:43 +0100
590
591openssh (1:2.1.1p4-3) unstable; urgency=low
592
593 * add rsh alternatives
594 * add -S option to scp (using Tommi Virtanen's patch) (closes: #63097)
595 * do the IPV4_DEFAULT thing properly this time
596
597 -- Philip Hands <phil@hands.com> Fri, 11 Aug 2000 18:14:37 +0100
598
599openssh (1:2.1.1p4-2) unstable; urgency=low
600
601 * reinstate manpage .out patch from 1:1.2.3
602 * fix typo in postinst
603 * only compile ssh with IPV4_DEFAULT
604 * apply James Troup's patch to add a -o option to scp and updated manpage
605
606 -- Philip Hands <phil@hands.com> Sun, 30 Jul 2000 00:12:49 +0100
607
608openssh (1:2.1.1p4-1) unstable; urgency=low
609
610 * New upstream release
611
612 -- Philip Hands <phil@hands.com> Sat, 29 Jul 2000 14:46:16 +0100
613
614openssh (1:1.2.3-10) unstable; urgency=low
615
616 * add version to libpam-modules dependency, because old versions of
617 pam_motd make it impossible to log in.
618
619 -- Philip Hands <phil@hands.com> Sat, 29 Jul 2000 13:28:22 +0100
620
621openssh (1:1.2.3-9) frozen unstable; urgency=low
622
623 * force location of /usr/bin/X11/xauth
624 (closes: #64424, #66437, #66859) *RC*
625 * typos in config (closes: #66779, #66780)
626 * sshd_not_to_be_run could be assumed to be true, in error, if the config
627 script died in an unusual way --- I've reversed this (closes: #66335)
628 * Apply Zack Weinberg <zack@wolery.cumb.org>'s patch to ssh-askpass-ptk
629 (closes: #65981)
630 * change default for PermitRootLogin to "no" (closes: #66406)
631
632 -- Philip Hands <phil@hands.com> Tue, 11 Jul 2000 20:51:18 +0100
633
634openssh (1:1.2.3-8) frozen unstable; urgency=low
635
636 * get rid of Provides: rsh-server (this will mean that rstartd
637 will need to change it's depends to deal with #63948, which I'm
638 reopening) (closes: #66257)
639 Given that this is also a trivial change, and is a reversal of a
640 change that was mistakenly made after the freeze, I think this should
641 also go into frozen.
642
643 -- Philip Hands <phil@hands.com> Wed, 28 Jun 2000 03:26:30 +0100
644
645openssh (1:1.2.3-7) frozen unstable; urgency=low
646
647 * check if debconf is installed before calling db_stop in postinst.
648 This is required to allow ssh to be installed when debconf is not
649 wanted, which probably makes it an RC upload (hopefully the last of
650 too many).
651
652 -- Philip Hands <phil@hands.com> Wed, 28 Jun 2000 03:19:47 +0100
653
654openssh (1:1.2.3-6) frozen unstable; urgency=low
655
656 * fixed depressing little bug involving a line wrap looking like
657 a blank line in the templates file *RC*
658 (closes: #66090, #66078, #66083, #66182)
659
660 -- Philip Hands <phil@hands.com> Mon, 26 Jun 2000 00:45:05 +0100
661
662openssh (1:1.2.3-5) frozen unstable; urgency=low
663
664 * add code to prevent UseLogin exploit, although I think our PAM
665 conditional code breaks UseLogin in a way that protects us from this
666 exploit anyway. ;-) (closes: #65495) *RC*
667 * Apply Zack Weinberg <zack@wolery.cumb.org>'s patch to fix keyboard
668 grab vulnerability in ssh-askpass-gnome (closes: #64795) *RC*
669 * stop redirection of sshd's file descriptors (introduced in 1:1.2.3-3)
670 and use db_stop in the postinst to solve that problem instead
671 (closes: #65104)
672 * add Provides: rsh-server to ssh (closes: #63948)
673 * provide config option not to run sshd
674
675 -- Philip Hands <phil@hands.com> Mon, 12 Jun 2000 23:05:11 +0100
676
677openssh (1:1.2.3-4) frozen unstable; urgency=low
678
679 * fixes #63436 which is *RC*
680 * add 10 second pause in init.d restart (closes: #63844)
681 * get rid of noenv in PAM mail line (closes: #63856)
682 * fix host key path in make-ssh-known-hosts (closes: #63713)
683 * change wording of SUID template (closes: #62788, #63436)
684
685 -- Philip Hands <phil@hands.com> Sat, 27 May 2000 11:18:06 +0100
686
687openssh (1:1.2.3-3) frozen unstable; urgency=low
688
689 * redirect sshd's file descriptors to /dev/null in init to
690 prevent debconf from locking up during installation
691 ** grave bug just submited by me **
692
693 -- Philip Hands <phil@hands.com> Thu, 20 Apr 2000 17:10:59 +0100
694
695openssh (1:1.2.3-2) frozen unstable; urgency=low
696
697 * allow user to select SUID status of /usr/bin/ssh (closes: 62462) ** RC **
698 * suggest debconf
699 * conflict with debconf{,-tiny} (<<0.2.17) so I can clean up the preinst
700
701 -- Philip Hands <phil@hands.com> Wed, 19 Apr 2000 17:49:15 +0100
702
703openssh (1:1.2.3-1) frozen unstable; urgency=low
704
705 * New upstream release
706 * patch sshd to create extra xauth key required for localhost
707 (closes: #49944) *** RC ***
708 * FallbacktoRsh now defaults to ``no'' to match impression
709 given in sshd_config
710 * stop setting suid bit on ssh (closes: #58711, #58558)
711 This breaks Rhosts authentication (which nobody uses) and allows
712 the LD_PRELOAD trick to get socks working, so seems like a net benefit.
713
714 -- Philip Hands <phil@hands.com> Thu, 13 Apr 2000 20:01:54 +0100
715
716openssh (1:1.2.2-1.4) frozen unstable; urgency=low
717
718 * Recompile for frozen, contains fix for RC bug.
719
720 -- Tommi Virtanen <tv@debian.org> Tue, 29 Feb 2000 22:14:58 +0200
721
722openssh (1:1.2.2-1.3) unstable; urgency=low
723
724 * Integrated man page addition for PrintLastLog.
725 This bug was filed on "openssh", and I ended up
726 creating my own patch for this (closes: #59054)
727 * Improved error message when ssh_exchange_identification
728 gets EOF (closes: #58904)
729 * Fixed typo (your -> you're) in debian/preinst.
730 * Added else-clauses to config to make this upgradepath possible:
731 oldssh -> openssh preinst fails due to upgrade_to_openssh=false
732 -> ssh-nonfree -> openssh. Without these, debconf remembered
733 the old answer, config didn't force asking it, and preinst always
734 aborted (closes: #56596, #57782)
735 * Moved setting upgrade_to_openssh isdefault flag to the place
736 where preinst would abort. This means no double question to most
737 users, people who currently suffer from "can't upgrade" may need
738 to run apt-get install ssh twice. Did not do the same for
739 use_old_init_script, as the situation is a bit different, and
740 less common (closes: #54010, #56224)
741 * Check for existance of ssh-keygen before attempting to use it in
742 preinst, added warning for non-existant ssh-keygen in config. This
743 happens when the old ssh is removed (say, due to ssh-nonfree getting
744 installed).
745
746 -- Tommi Virtanen <tv@debian.org> Sun, 27 Feb 2000 21:36:43 +0200
747
748openssh (1:1.2.2-1.2) frozen unstable; urgency=low
749
750 * Non-maintainer upload.
751 * Added configuration option PrintLastLog, default off due to PAM
752 (closes: #54007, #55042)
753 * ssh-askpass-{gnome,ptk} now provide ssh-askpass, making ssh's
754 Suggests: line more accurate. Also closing related bugs fixed
755 earlier, when default ssh-askpass moved to /usr/bin.
756 (closes: #52403, #54741, #50607, #52298, #50967, #51661)
757 * Patched to call vhangup, with autoconf detection and all
758 (closes: #55379)
759 * Added --with-ipv4-default workaround to a glibc bug causing
760 slow DNS lookups, as per UPGRADING. Use -6 to really use
761 IPv6 addresses. (closes: #57891, #58744, #58713, #57970)
762 * Added noenv to PAM pam_mail line. Thanks to Ben Collins.
763 (closes: #58429)
764 * Added the UPGRADING file to the package.
765 * Added frozen to the changelog line and recompiled before
766 package was installed into the archive.
767
768 -- Tommi Virtanen <tv@debian.org> Fri, 25 Feb 2000 22:08:57 +0200
769
770openssh (1:1.2.2-1.1) frozen unstable; urgency=low
771
772 * Non-maintainer upload.
773 * Integrated scp pipe buffer patch from Ben Collins
774 <benc@debian.org>, should now work even if reading
775 a pipe gives less than fstat st_blksize bytes.
776 Should now work on Alpha and Sparc Linux (closes: #53697, #52071)
777 * Made ssh depend on libssl09 (>= 0.9.4-3) (closes: #51393)
778 * Integrated patch from Ben Collins <benc@debian.org>
779 to do full shadow account locking and expiration
780 checking (closes: #58165, #51747)
781
782 -- Tommi Virtanen <tv@debian.org> Tue, 22 Feb 2000 20:46:12 +0200
783
784openssh (1:1.2.2-1) frozen unstable; urgency=medium
785
786 * New upstream release (closes: #56870, #56346)
787 * built against new libesd (closes: #56805)
788 * add Colin Watson <cjw44@cam.ac.uk> =NULL patch
789 (closes: #49902, #54894)
790 * use socketpairs as suggested by Andrew Tridgell to eliminate rsync
791 (and other) lockups
792 * patch SSHD_PAM_SERVICE back into auth-pam.c, again :-/
793 (closes: #49902, #55872, #56959)
794 * uncoment the * line in ssh_config (closes: #56444)
795
796 * #54894 & #49902 are release critical, so this should go in frozen
797
798 -- Philip Hands <phil@hands.com> Wed, 9 Feb 2000 04:52:04 +0000
799
800openssh (1:1.2.1pre24-1) unstable; urgency=low
801
802 * New upstream release
803
804 -- Philip Hands <phil@hands.com> Fri, 31 Dec 1999 02:47:24 +0000
805
806openssh (1:1.2.1pre23-1) unstable; urgency=low
807
808 * New upstream release
809 * excape ? in /etc/init.d/ssh (closes: #53269)
810
811 -- Philip Hands <phil@hands.com> Wed, 29 Dec 1999 16:50:46 +0000
812
813openssh (1:1.2pre17-1) unstable; urgency=low
814
815 * New upstream release
816
817 -- Philip Hands <phil@hands.com> Thu, 9 Dec 1999 16:50:40 +0000
818
819openssh (1:1.2pre16-1) unstable; urgency=low
820
821 * New upstream release
822 * upstream release (1.2pre14) (closes: #50299)
823 * make ssh depend on libwrap0 (>= 7.6-1.1) (closes: #50973, #50776)
824 * dispose of grep -q broken pipe message in config script (closes: #50855)
825 * add make-ssh-known-hosts (closes: #50660)
826 * add -i option to ssh-copy-id (closes: #50657)
827 * add check for *LK* in password, indicating a locked account
828
829 -- Philip Hands <phil@hands.com> Wed, 8 Dec 1999 22:59:38 +0000
830
831openssh (1:1.2pre13-1) unstable; urgency=low
832
833 * New upstream release
834 * make sshd.c use SSHD_PAM_SERVICE and define it as "ssh" in debian/rules
835 * remove duplicate line in /etc/pam.d/ssh (closes: #50310)
836 * mention ssh -A option in ssh.1 & ssh_config
837 * enable forwarding to localhost in default ssh_config (closes: #50373)
838 * tweak preinst to deal with debconf being `unpacked'
839 * use --with-tcp-wrappers (closes: #49545)
840
841 -- Philip Hands <phil@hands.com> Sat, 20 Nov 1999 14:20:04 +0000
842
843openssh (1:1.2pre11-2) unstable; urgency=low
844
845 * oops, just realised that I forgot to strip out the unpleasant
846 fiddling mentioned below (which turned not to be a fix anyway)
847
848 -- Philip Hands <phil@hands.com> Mon, 15 Nov 1999 01:35:23 +0000
849
850openssh (1:1.2pre11-1) unstable; urgency=low
851
852 * New upstream release (closes: #49722)
853 * add 2>/dev/null to dispose of spurious message casused by grep -q
854 (closes: #49876, #49604)
855 * fix typo in debian/control (closes: #49841)
856 * Do some unpleasant fiddling with upgraded keys in the preinst, which
857 should make the keylength problem go away. (closes: #49676)
858 * make pam_start in sshd use ``ssh'' as the service name (closes: #49956)
859 * If /etc/ssh/NOSERVER exist, stop sshd from starting (closes: #47107)
860 * apply Ben Collins <bcollins@debian.org>'s shadow patch
861 * disable lastlogin and motd printing if using pam (closes: #49957)
862 * add ssh-copy-id script and manpage
863
864 -- Philip Hands <phil@hands.com> Fri, 12 Nov 1999 01:03:38 +0000
865
866openssh (1:1.2pre9-1) unstable; urgency=low
867
868 * New upstream release
869 * apply Chip Salzenberg <chip@valinux.com>'s SO_REUSEADDR patch
870 to channels.c, to make forwarded ports instantly reusable
871 * replace Pre-Depend: debconf with some check code in preinst
872 * make the ssh-add ssh-askpass failure message more helpful
873 * fix the ssh-agent getopts bug (closes: #49426)
874 * fixed typo on Suggests: line (closes: #49704, #49571)
875 * tidy up ssh package description (closes: #49642)
876 * make ssh suid (closes: #49635)
877 * in preinst upgrade code, ensure ssh_host_keys is mode 600 (closes: #49606)
878 * disable agent forwarding by default, for the similar reasons as
879 X forwarding (closes: #49586)
880
881 -- Philip Hands <phil@hands.com> Tue, 9 Nov 1999 09:57:47 +0000
882
883openssh (1:1.2pre7-4) unstable; urgency=low
884
885 * predepend on debconf (>= 0.2.17) should now allow preinst questions
886
887 -- Philip Hands <phil@hands.com> Sat, 6 Nov 1999 10:31:06 +0000
888
889openssh (1:1.2pre7-3) unstable; urgency=low
890
891 * add ssh-askpass package using Tommi Virtanen's perl-tk script
892 * add ssh-preconfig package cludge
893 * add usage hints to ssh-agent.1
894
895 -- Philip Hands <phil@hands.com> Fri, 5 Nov 1999 00:38:33 +0000
896
897openssh (1:1.2pre7-2) unstable; urgency=low
898
899 * use pam patch from Ben Collins <bcollins@debian.org>
900 * add slogin symlink to Makefile.in
901 * change /usr/bin/login to LOGIN_PROGRAM define of /bin/login
902 * sort out debconf usage
903 * patch from Tommi Virtanen <tv@debian.org>'s makes ssh-add use ssh-askpass
904
905 -- Philip Hands <phil@hands.com> Thu, 4 Nov 1999 11:08:54 +0000
906
907openssh (1:1.2pre7-1) unstable; urgency=low
908
909 * New upstream release
910
911 -- Philip Hands <phil@hands.com> Tue, 2 Nov 1999 21:02:37 +0000
912
913openssh (1:1.2.0.pre6db1-2) unstable; urgency=low
914
915 * change the binary package name to ssh (the non-free branch of ssh has
916 been renamed to ssh-nonfree)
917 * make pam file comply with Debian standards
918 * use an epoch to make sure openssh supercedes ssh-nonfree
919
920 -- Philip Hands <phil@hands.com> Sat, 30 Oct 1999 16:26:05 +0100
921
922openssh (1.2pre6db1-1) unstable; urgency=low
923
924 * New upstream source
925 * sshd accepts logins now!
926
927 -- Dan Brosemer <odin@linuxfreak.com> Fri, 29 Oct 1999 11:13:38 -0500
928
929openssh (1.2.0.19991028-1) unstable; urgency=low
930
931 * New upstream source
932 * Added test for -lnsl to configure script
933
934 -- Dan Brosemer <odin@linuxfreak.com> Thu, 28 Oct 1999 18:52:09 -0500
935
936openssh (1.2.0.19991027-3) unstable; urgency=low
937
938 * Initial release
939
940 -- Dan Brosemer <odin@linuxfreak.com> Wed, 27 Oct 1999 19:39:46 -0500
941
942Local variables:
943mode: debian-changelog
944End: