Flesh out changelog for upstream changes in 4.2p1.

author: Colin Watson <cjwatson@debian.org> 2005-09-14 13:41:06 +0000
committer: Colin Watson <cjwatson@debian.org> 2005-09-14 13:41:06 +0000
commit: b34b9bce64898ec4b444424c9211619a2249f583 (patch)
tree: 13aad55093518f2b699d023a2ce9545935554ae2 /debian
parent: 76eee7cb12c22d950044f3b6f2ca242ff37b965b (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 1ee13f203..1d527aa7c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,19 @@
 openssh (1:4.2p1-1) UNRELEASED; urgency=low
  * New upstream release.
+    - SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts
+      to be incorrectly activated for dynamic ("-D") port forwardings when
+      no listen address was explicitly specified (closes: #326065).
+    - Add a new compression method ("Compression delayed") that delays zlib
+      compression until after authentication, eliminating the risk of zlib
+      vulnerabilities being exploited by unauthenticated users. Note that
+      users of OpenSSH versions earlier than 3.5 will need to disable
+      compression on the client or set "Compression yes" (losing this
+      security benefit) on the server.
+    - Increase the default size of new RSA/DSA keys generated by ssh-keygen
+      from 1024 to 2048 bits (closes: #181162).
+    - Many bugfixes and improvements to connection multiplexing.
+    - Don't pretend to accept $HOME (closes: #208648).
  * debian/rules: Resynchronise CFLAGS with that generated by configure.
 -- Colin Watson <cjwatson@debian.org>  Wed, 14 Sep 2005 13:35:17 +0100
author	Colin Watson <cjwatson@debian.org>	2005-09-14 13:41:06 +0000
committer	Colin Watson <cjwatson@debian.org>	2005-09-14 13:41:06 +0000
commit	b34b9bce64898ec4b444424c9211619a2249f583 (patch)
tree	13aad55093518f2b699d023a2ce9545935554ae2 /debian
parent	76eee7cb12c22d950044f3b6f2ca242ff37b965b (diff)

diff --git a/debian/changelog b/debian/changelog index 1ee13f203..1d527aa7c 100644 --- a/debian/changelog +++ b/debian/changelog
@@ -1,6 +1,19 @@
1	openssh (1:4.2p1-1) UNRELEASED; urgency=low	1	openssh (1:4.2p1-1) UNRELEASED; urgency=low
2		2
3	* New upstream release.	3	* New upstream release.
		4	- SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts
		5	to be incorrectly activated for dynamic ("-D") port forwardings when
		6	no listen address was explicitly specified (closes: #326065).
		7	- Add a new compression method ("Compression delayed") that delays zlib
		8	compression until after authentication, eliminating the risk of zlib
		9	vulnerabilities being exploited by unauthenticated users. Note that
		10	users of OpenSSH versions earlier than 3.5 will need to disable
		11	compression on the client or set "Compression yes" (losing this
		12	security benefit) on the server.
		13	- Increase the default size of new RSA/DSA keys generated by ssh-keygen
		14	from 1024 to 2048 bits (closes: #181162).
		15	- Many bugfixes and improvements to connection multiplexing.
		16	- Don't pretend to accept $HOME (closes: #208648).
4	* debian/rules: Resynchronise CFLAGS with that generated by configure.	17	* debian/rules: Resynchronise CFLAGS with that generated by configure.
5		18
6	-- Colin Watson <cjwatson@debian.org> Wed, 14 Sep 2005 13:35:17 +0100	19	-- Colin Watson <cjwatson@debian.org> Wed, 14 Sep 2005 13:35:17 +0100