diff options
author | Colin Watson <cjwatson@debian.org> | 2011-09-06 14:56:29 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2011-09-06 14:56:29 +0100 |
commit | 978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch) | |
tree | 89400a44e42d84937deba7864e4964d6c7734da5 /debian/patches/syslog-level-silent.patch | |
parent | 87c685b8c6a49814fd782288097b3093f975aa72 (diff) | |
parent | 3a7e89697ca363de0f64e0d5704c57219294e41c (diff) |
* New upstream release (http://www.openssh.org/txt/release-5.9).
- Introduce sandboxing of the pre-auth privsep child using an optional
sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
mandatory restrictions on the syscalls the privsep child can perform.
- Add new SHA256-based HMAC transport integrity modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt.
- The pre-authentication sshd(8) privilege separation slave process now
logs via a socket shared with the master process, avoiding the need to
maintain /dev/log inside the chroot (closes: #75043, #429243,
#599240).
- ssh(1) now warns when a server refuses X11 forwarding (closes:
#504757).
- sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
separated by whitespace (closes: #76312). The authorized_keys2
fallback is deprecated but documented (closes: #560156).
- ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4
ToS/DSCP (closes: #498297).
- ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add
- < /path/to/key" (closes: #229124).
- Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691).
- Say "required" rather than "recommended" in unprotected-private-key
warning (LP: #663455).
Diffstat (limited to 'debian/patches/syslog-level-silent.patch')
-rw-r--r-- | debian/patches/syslog-level-silent.patch | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch index 9b560217f..90ddca4ad 100644 --- a/debian/patches/syslog-level-silent.patch +++ b/debian/patches/syslog-level-silent.patch | |||
@@ -14,7 +14,7 @@ Index: b/log.c | |||
14 | =================================================================== | 14 | =================================================================== |
15 | --- a/log.c | 15 | --- a/log.c |
16 | +++ b/log.c | 16 | +++ b/log.c |
17 | @@ -90,6 +90,7 @@ | 17 | @@ -92,6 +92,7 @@ |
18 | LogLevel val; | 18 | LogLevel val; |
19 | } log_levels[] = | 19 | } log_levels[] = |
20 | { | 20 | { |
@@ -26,10 +26,10 @@ Index: b/ssh.c | |||
26 | =================================================================== | 26 | =================================================================== |
27 | --- a/ssh.c | 27 | --- a/ssh.c |
28 | +++ b/ssh.c | 28 | +++ b/ssh.c |
29 | @@ -641,7 +641,7 @@ | 29 | @@ -678,7 +678,7 @@ |
30 | tty_flag = 0; | ||
31 | /* Do not allocate a tty if stdin is not a tty. */ | 30 | /* Do not allocate a tty if stdin is not a tty. */ |
32 | if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { | 31 | if ((!isatty(fileno(stdin)) || stdin_null_flag) && |
32 | options.request_tty != REQUEST_TTY_FORCE) { | ||
33 | - if (tty_flag) | 33 | - if (tty_flag) |
34 | + if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) | 34 | + if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) |
35 | logit("Pseudo-terminal will not be allocated because " | 35 | logit("Pseudo-terminal will not be allocated because " |