diff options
| author | Colin Watson <cjwatson@debian.org> | 2011-09-06 14:56:29 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2011-09-06 14:56:29 +0100 |
| commit | 978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch) | |
| tree | 89400a44e42d84937deba7864e4964d6c7734da5 /debian/patches/ssh1-keepalive.patch | |
| parent | 87c685b8c6a49814fd782288097b3093f975aa72 (diff) | |
| parent | 3a7e89697ca363de0f64e0d5704c57219294e41c (diff) | |
* New upstream release (http://www.openssh.org/txt/release-5.9).
- Introduce sandboxing of the pre-auth privsep child using an optional
sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
mandatory restrictions on the syscalls the privsep child can perform.
- Add new SHA256-based HMAC transport integrity modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt.
- The pre-authentication sshd(8) privilege separation slave process now
logs via a socket shared with the master process, avoiding the need to
maintain /dev/log inside the chroot (closes: #75043, #429243,
#599240).
- ssh(1) now warns when a server refuses X11 forwarding (closes:
#504757).
- sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
separated by whitespace (closes: #76312). The authorized_keys2
fallback is deprecated but documented (closes: #560156).
- ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4
ToS/DSCP (closes: #498297).
- ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add
- < /path/to/key" (closes: #229124).
- Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691).
- Say "required" rather than "recommended" in unprotected-private-key
warning (LP: #663455).
Diffstat (limited to 'debian/patches/ssh1-keepalive.patch')
| -rw-r--r-- | debian/patches/ssh1-keepalive.patch | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/debian/patches/ssh1-keepalive.patch b/debian/patches/ssh1-keepalive.patch index 5f1caddc9..d5a7fe07a 100644 --- a/debian/patches/ssh1-keepalive.patch +++ b/debian/patches/ssh1-keepalive.patch | |||
| @@ -7,7 +7,7 @@ Index: b/clientloop.c | |||
| 7 | =================================================================== | 7 | =================================================================== |
| 8 | --- a/clientloop.c | 8 | --- a/clientloop.c |
| 9 | +++ b/clientloop.c | 9 | +++ b/clientloop.c |
| 10 | @@ -547,16 +547,21 @@ | 10 | @@ -545,16 +545,21 @@ |
| 11 | static void | 11 | static void |
| 12 | server_alive_check(void) | 12 | server_alive_check(void) |
| 13 | { | 13 | { |
| @@ -38,7 +38,7 @@ Index: b/clientloop.c | |||
| 38 | } | 38 | } |
| 39 | 39 | ||
| 40 | /* | 40 | /* |
| 41 | @@ -616,7 +621,7 @@ | 41 | @@ -614,7 +619,7 @@ |
| 42 | */ | 42 | */ |
| 43 | 43 | ||
| 44 | timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */ | 44 | timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */ |
| @@ -51,7 +51,7 @@ Index: b/ssh_config.5 | |||
| 51 | =================================================================== | 51 | =================================================================== |
| 52 | --- a/ssh_config.5 | 52 | --- a/ssh_config.5 |
| 53 | +++ b/ssh_config.5 | 53 | +++ b/ssh_config.5 |
| 54 | @@ -1047,7 +1047,10 @@ | 54 | @@ -1089,7 +1089,10 @@ |
| 55 | .Cm ServerAliveCountMax | 55 | .Cm ServerAliveCountMax |
| 56 | is left at the default, if the server becomes unresponsive, | 56 | is left at the default, if the server becomes unresponsive, |
| 57 | ssh will disconnect after approximately 45 seconds. | 57 | ssh will disconnect after approximately 45 seconds. |