29 files changed, 48 insertions, 128 deletions
diff --git a/clientloop.c b/clientloop.c
index 5c2b7217f..5653cc489 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -578,21 +578,16 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt)
 static void
 server_alive_check(void)
 {
-        if (compat20) {
+        if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
-                if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
+                logit("Timeout, server %s not responding.", host);
-                        logit("Timeout, server %s not responding.", host);
+                cleanup_exit(255);
-                        cleanup_exit(255);
-                }
-                packet_start(SSH2_MSG_GLOBAL_REQUEST);
-                packet_put_cstring("keepalive@openssh.com");
-                packet_put_char(1);     /* boolean: want reply */
-                packet_send();
-                /* Insert an empty placeholder to maintain ordering */
-                client_register_global_confirm(NULL, NULL);
-        } else {
-                packet_send_ignore(0);
-                packet_send();
        }
+        packet_start(SSH2_MSG_GLOBAL_REQUEST);
+        packet_put_cstring("keepalive@openssh.com");
+        packet_put_char(1);     /* boolean: want reply */
+        packet_send();
+        /* Insert an empty placeholder to maintain ordering */
+        client_register_global_confirm(NULL, NULL);
 }
 /*
@@ -654,7 +649,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
         */
        timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */
-        if (options.server_alive_interval > 0) {
+        if (options.server_alive_interval > 0 && compat20) {
                timeout_secs = options.server_alive_interval;
                server_alive_time = now + options.server_alive_interval;
        }
diff --git a/debian/.git-dpm b/debian/.git-dpm
index 3e36366c8..85a70696c 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-733c4de05612fe398ac3dc7d31d318d7012fda05
+c975d37df187e00832d6b6070731b8a8c16a6f56
-733c4de05612fe398ac3dc7d31d318d7012fda05
+c975d37df187e00832d6b6070731b8a8c16a6f56
 651211fd4a199b299540c00c54a46e27fadb04be
 651211fd4a199b299540c00c54a46e27fadb04be
 openssh_7.1p1.orig.tar.gz
diff --git a/debian/changelog b/debian/changelog
index 31de67bbf..672d02bb0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,9 @@
 openssh (1:7.1p1-2) UNRELEASED; urgency=medium
  * Really enable conch interoperability tests under autopkgtest.
+  * Drop SSH1 keepalive patch.  Now that SSH1 is disabled at compile-time,
+    it's been rejected upstream and there isn't much point carrying it any
+    more.
 -- Colin Watson <cjwatson@debian.org>  Thu, 03 Dec 2015 11:59:32 +0000
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch
index e5cbafbfe..d9c5f4001 100644
--- a/debian/patches/auth-log-verbosity.patch
+++ b/debian/patches/auth-log-verbosity.patch
@@ -1,4 +1,4 @@
-From 36dac160eeb9000539ca78f9734bb220258df146 Mon Sep 17 00:00:00 2001
+From 2e8f32e76f598143900914f3f61f2448bbc98cae Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:02 +0000
 Subject: Quieten logs when multiple from= restrictions are used
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch
index b1d1dac27..3c41df483 100644
--- a/debian/patches/authorized-keys-man-symlink.patch
+++ b/debian/patches/authorized-keys-man-symlink.patch
@@ -1,4 +1,4 @@
-From ca0198a88f1eaae2962454c228e79437dc6080bf Mon Sep 17 00:00:00 2001
+From 648f76a35334b75f51f9a1178172a29e108a26bd Mon Sep 17 00:00:00 2001
 From: Tomas Pospisek <tpo_deb@sourcepole.ch>
 Date: Sun, 9 Feb 2014 16:10:07 +0000
 Subject: Install authorized_keys(5) as a symlink to sshd(8)
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index 59de3b115..8705f10b0 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -1,4 +1,4 @@
-From e4e2b402150f28abadcd565941ab51c2bcbac8ce Mon Sep 17 00:00:00 2001
+From d3faad3474e9ea9c9896aaf5fb3398964043d823 Mon Sep 17 00:00:00 2001
 From: Kees Cook <kees@debian.org>
 Date: Sun, 9 Feb 2014 16:10:06 +0000
 Subject: Add DebianBanner server configuration option
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index ddc9de44a..7a78e5765 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -1,4 +1,4 @@
-From 733c4de05612fe398ac3dc7d31d318d7012fda05 Mon Sep 17 00:00:00 2001
+From c975d37df187e00832d6b6070731b8a8c16a6f56 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:18 +0000
 Subject: Various Debian-specific configuration changes
@@ -107,7 +107,7 @@ index 228e5ab..c9386aa 100644
 +    GSSAPIAuthentication yes
 +    GSSAPIDelegateCredentials no
 diff --git a/ssh_config.5 b/ssh_config.5
-index 680ca17..981197d 100644
+index d4928b8..81b9b74 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
 @@ -74,6 +74,22 @@ Since the first obtained value for each parameter is used, more
diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch
index 3d4341ff2..c60ee5e2a 100644
--- a/debian/patches/dnssec-sshfp.patch
+++ b/debian/patches/dnssec-sshfp.patch
@@ -1,4 +1,4 @@
-From a8e8eba67d79734c2f0b85c54aa5d60132b6e2e8 Mon Sep 17 00:00:00 2001
+From 721e2eddc34e490480dff698b50cdaf8a8098969 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:01 +0000
 Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index 42d83959b..ccfc44925 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -1,4 +1,4 @@
-From 133721fc651693820cf41563418d26fccdedd742 Mon Sep 17 00:00:00 2001
+From f0577ce8bbf5f0307805e2533912921081360c2c Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:11 +0000
 Subject: Document that HashKnownHosts may break tab-completion
@@ -13,7 +13,7 @@ Patch-Name: doc-hash-tab-completion.patch
 1 file changed, 3 insertions(+)
 diff --git a/ssh_config.5 b/ssh_config.5
-index 37f3ab8..680ca17 100644
+index 1e9c058..d4928b8 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
 @@ -809,6 +809,9 @@ Note that existing names and addresses in known hosts files
diff --git a/debian/patches/doc-upstart.patch b/debian/patches/doc-upstart.patch
index 357d7318e..a03a49e42 100644
--- a/debian/patches/doc-upstart.patch
+++ b/debian/patches/doc-upstart.patch
@@ -1,4 +1,4 @@
-From fc8c21a1b1b6710b2b41a8daef56d00bfb19885d Mon Sep 17 00:00:00 2001
+From 2dd09da306fcf40948da724f0ff0f613e308b361 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:12 +0000
 Subject: Refer to ssh's Upstart job as well as its init script
diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch
index ba9825f40..8ca827371 100644
--- a/debian/patches/gnome-ssh-askpass2-icon.patch
+++ b/debian/patches/gnome-ssh-askpass2-icon.patch
@@ -1,4 +1,4 @@
-From d45f510086dc79305ea6cfd336908798fbbda563 Mon Sep 17 00:00:00 2001
+From 578735f51e7152d29963531d9840b7062141a68e Mon Sep 17 00:00:00 2001
 From: Vincent Untz <vuntz@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:16 +0000
 Subject: Give the ssh-askpass-gnome window a default icon
diff --git a/debian/patches/helpful-wait-terminate.patch b/debian/patches/helpful-wait-terminate.patch
index a5ea56083..bb7acfc0d 100644
--- a/debian/patches/helpful-wait-terminate.patch
+++ b/debian/patches/helpful-wait-terminate.patch
@@ -1,4 +1,4 @@
-From 4ba040812693f5823bc8643cfb82a581a5e8e5db Mon Sep 17 00:00:00 2001
+From 0fe621a2c5a90e37e9a1afa8b56fd04fb1c53eef Mon Sep 17 00:00:00 2001
 From: Matthew Vernon <matthew@debian.org>
 Date: Sun, 9 Feb 2014 16:09:56 +0000
 Subject: Mention ~& when waiting for forwarded connections to terminate
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index 81c8935b1..287cfe886 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -1,4 +1,4 @@
-From 5664b20b9d8ee691d664333b83ebb5e7560933a4 Mon Sep 17 00:00:00 2001
+From 43c55250c94601ae868e2caca8f008c1b0da1247 Mon Sep 17 00:00:00 2001
 From: Richard Kettlewell <rjk@greenend.org.uk>
 Date: Sun, 9 Feb 2014 16:09:52 +0000
 Subject: Various keepalive extensions
@@ -72,7 +72,7 @@ index 522ad37..46c343f 100644
                options->server_alive_count_max = 3;
        if (options->control_master == -1)
 diff --git a/ssh_config.5 b/ssh_config.5
-index 673d0b7..4e34115 100644
+index cac8cda..78e918a 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
 @@ -233,8 +233,12 @@ Valid arguments are
@@ -89,7 +89,7 @@ index 673d0b7..4e34115 100644
 The argument must be
 .Dq yes
 or
-@@ -1479,8 +1483,15 @@ from the server,
+@@ -1476,8 +1480,15 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
@@ -106,7 +106,7 @@ index 673d0b7..4e34115 100644
 .It Cm StreamLocalBindMask
 Sets the octal file creation mode mask
 .Pq umask
-@@ -1546,6 +1557,12 @@ Specifies whether the system should send TCP keepalive messages to the
+@@ -1543,6 +1554,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
diff --git a/debian/patches/lintian-symlink-pickiness.patch b/debian/patches/lintian-symlink-pickiness.patch
index 14e704132..7628a777d 100644
--- a/debian/patches/lintian-symlink-pickiness.patch
+++ b/debian/patches/lintian-symlink-pickiness.patch
@@ -1,4 +1,4 @@
-From 615714e35f934eb8f212070549f396c624a64b26 Mon Sep 17 00:00:00 2001
+From fd502e1259e2a5cb42e967eedffff6c14978f0db Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:08 +0000
 Subject: Fix picky lintian errors about slogin symlinks
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
index 50e128020..96496858b 100644
--- a/debian/patches/mention-ssh-keygen-on-keychange.patch
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -1,4 +1,4 @@
-From a28ed57e3db85165476dddad441fc55f683fbaf4 Mon Sep 17 00:00:00 2001
+From f4b3ccb275ef86eba749ab1eb61f8d17623a20d9 Mon Sep 17 00:00:00 2001
 From: Scott Moser <smoser@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:03 +0000
 Subject: Mention ssh-keygen in ssh fingerprint changed warning
diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch
index ad3164cab..46c5a736d 100644
--- a/debian/patches/no-openssl-version-status.patch
+++ b/debian/patches/no-openssl-version-status.patch
@@ -1,4 +1,4 @@
-From 576cbedac5684f24e6ff61fe70edfc81945fd7dd Mon Sep 17 00:00:00 2001
+From 9265d741180d536c5a55719e835490c6fe2753d7 Mon Sep 17 00:00:00 2001
 From: Kurt Roeckx <kurt@roeckx.be>
 Date: Sun, 9 Feb 2014 16:10:14 +0000
 Subject: Don't check the status field of the OpenSSL version
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index 887e93aac..dd47130ce 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -1,4 +1,4 @@
-From b2f2bca0fb145fbf2ffdfadc3b206f212be0a7dc Mon Sep 17 00:00:00 2001
+From 3c25f6ac63012b0a75095bb4beeb30ee1d839a8b Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:09 +0000
 Subject: Adjust various OpenBSD-specific references in manual pages
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index 02f11bec0..c04cd1493 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -1,4 +1,4 @@
-From 40fc1212b3c06063cf3926aa8e8209e1fa05436f Mon Sep 17 00:00:00 2001
+From 9ec138d98fbf662ccac8458fe96a9783eb43a0d3 Mon Sep 17 00:00:00 2001
 From: Matthew Vernon <matthew@debian.org>
 Date: Sun, 9 Feb 2014 16:10:05 +0000
 Subject: Include the Debian version in our identification
diff --git a/debian/patches/quieter-signals.patch b/debian/patches/quieter-signals.patch
index cc10ef7b8..e0a71076d 100644
--- a/debian/patches/quieter-signals.patch
+++ b/debian/patches/quieter-signals.patch
@@ -1,4 +1,4 @@
-From f7d2bb35f07cfcab63fc8cf3cd9bef646065482c Mon Sep 17 00:00:00 2001
+From 65817bc1072df855200fafb439b443cbf52fa631 Mon Sep 17 00:00:00 2001
 From: Peter Samuelson <peter@p12n.org>
 Date: Sun, 9 Feb 2014 16:09:55 +0000
 Subject: Reduce severity of "Killed by signal %d"
@@ -22,10 +22,10 @@ Patch-Name: quieter-signals.patch
 1 file changed, 4 insertions(+), 2 deletions(-)
 diff --git a/clientloop.c b/clientloop.c
-index 9e45d24..5c2b721 100644
+index fba1b54..5653cc4 100644
 --- a/clientloop.c
 +++ b/clientloop.c
-@@ -1721,8 +1721,10 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
+@@ -1716,8 +1716,10 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
                exit_status = 0;
        }
 
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch
index c45aad58f..cc8fc0ccc 100644
--- a/debian/patches/scp-quoting.patch
+++ b/debian/patches/scp-quoting.patch
@@ -1,4 +1,4 @@
-From a4fade6aaf7df4c6a01fc353a5cd689e0073e367 Mon Sep 17 00:00:00 2001
+From e7a9d63812243cb281057a50cf41dc9a67f6c749 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:09:59 +0000
 Subject: Adjust scp quoting in verbose mode
diff --git a/debian/patches/series b/debian/patches/series
index b37955563..816f65cc3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,7 +2,6 @@ gssapi.patch
 restore-tcp-wrappers.patch
 selinux-role.patch
 ssh-vulnkey-compat.patch
-ssh1-keepalive.patch
 keepalive-extensions.patch
 syslog-level-silent.patch
 quieter-signals.patch
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index 56f85c14e..a39a08463 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -1,4 +1,4 @@
-From e4ba682033c1e53b52cf4b03924b69f54945f1b5 Mon Sep 17 00:00:00 2001
+From 46395161c625822e4ae3851175ec97a04257789c Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:00 +0000
 Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand
diff --git a/debian/patches/sigstop.patch b/debian/patches/sigstop.patch
index 4873a0527..a7eb5996e 100644
--- a/debian/patches/sigstop.patch
+++ b/debian/patches/sigstop.patch
@@ -1,4 +1,4 @@
-From 7ce7aa96b03196d9d799f4caf6e4c7c6c2bed7da Mon Sep 17 00:00:00 2001
+From 92c6b1dc352b03c7bdecc6ce9bfef7a3b2b54bbc Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:17 +0000
 Subject: Support synchronisation with service supervisor using SIGSTOP
diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch
index 8d40231f8..4672be919 100644
--- a/debian/patches/ssh-agent-setgid.patch
+++ b/debian/patches/ssh-agent-setgid.patch
@@ -1,4 +1,4 @@
-From 76ec1a4c34296f1485ce98e301a3d35c9779c2ea Mon Sep 17 00:00:00 2001
+From d724593e18fd54f1ff0815dda0c538188acb7a56 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:13 +0000
 Subject: Document consequences of ssh-agent being setgid in ssh-agent(1)
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index 8e77dadb4..4961fd458 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -1,4 +1,4 @@
-From 80872a9a228eee6b7f189e9770fcf89fb8bca7fa Mon Sep 17 00:00:00 2001
+From 4fe62a4b6a12aba450d84488f11fbf931043913c Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:10 +0000
 Subject: ssh(1): Refer to ssh-argv0(1)
diff --git a/debian/patches/ssh1-keepalive.patch b/debian/patches/ssh1-keepalive.patch
deleted file mode 100644
index e58de3d56..000000000
--- a/debian/patches/ssh1-keepalive.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From 5e3b425ba1e334c987c5e15abf3d90e9eb776ab3 Mon Sep 17 00:00:00 2001
-From: Colin Watson <cjwatson@debian.org>
-Date: Sun, 9 Feb 2014 16:09:51 +0000
-Subject: Partial server keep-alive implementation for SSH1
-Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1712
-Last-Update: 2013-09-14
-Patch-Name: ssh1-keepalive.patch
---
- clientloop.c | 25 +++++++++++++++----------
- ssh_config.5 |  5 ++++-
- 2 files changed, 19 insertions(+), 11 deletions(-)
-diff --git a/clientloop.c b/clientloop.c
-index fba1b54..9e45d24 100644
--- a/clientloop.c
-+++ b/clientloop.c
-@@ -578,16 +578,21 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt)
- static void
- server_alive_check(void)
- {
-       if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
-               logit("Timeout, server %s not responding.", host);
-               cleanup_exit(255);
-+       if (compat20) {
-+               if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
-+                       logit("Timeout, server %s not responding.", host);
-+                       cleanup_exit(255);
-+               }
-+               packet_start(SSH2_MSG_GLOBAL_REQUEST);
-+               packet_put_cstring("keepalive@openssh.com");
-+               packet_put_char(1);     /* boolean: want reply */
-+               packet_send();
-+               /* Insert an empty placeholder to maintain ordering */
-+               client_register_global_confirm(NULL, NULL);
-+       } else {
-+               packet_send_ignore(0);
-+               packet_send();
-        }
-       packet_start(SSH2_MSG_GLOBAL_REQUEST);
-       packet_put_cstring("keepalive@openssh.com");
-       packet_put_char(1);     /* boolean: want reply */
-       packet_send();
-       /* Insert an empty placeholder to maintain ordering */
-       client_register_global_confirm(NULL, NULL);
- }
- 
- /*
-@@ -649,7 +654,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
-         */
- 
-        timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */
-       if (options.server_alive_interval > 0 && compat20) {
-+       if (options.server_alive_interval > 0) {
-                timeout_secs = options.server_alive_interval;
-                server_alive_time = now + options.server_alive_interval;
-        }
-diff --git a/ssh_config.5 b/ssh_config.5
-index cac8cda..673d0b7 100644
--- a/ssh_config.5
-+++ b/ssh_config.5
-@@ -1468,7 +1468,10 @@ If, for example,
- .Cm ServerAliveCountMax
- is left at the default, if the server becomes unresponsive,
- ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only.
-+This option applies to protocol version 2 only; in protocol version
-+1 there is no mechanism to request a response from the server to the
-+server alive messages, so disconnection is the responsibility of the TCP
-+stack.
- .It Cm ServerAliveInterval
- Sets a timeout interval in seconds after which if no data has been received
- from the server,
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 18efd6804..39e250f3d 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -1,4 +1,4 @@
-From 063fd3991309c88df5ea2625d663c3958e79b841 Mon Sep 17 00:00:00 2001
+From c44d8ebdba6f7c128fb9a22f9aa7f207cc1383f4 Mon Sep 17 00:00:00 2001
 From: Jonathan David Amery <jdamery@ysolde.ucam.org>
 Date: Sun, 9 Feb 2014 16:09:54 +0000
 Subject: "LogLevel SILENT" compatibility
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index d70822b79..98d37d36c 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
-From 68538f6919550b36ae9d812a1c2c52dbe9354608 Mon Sep 17 00:00:00 2001
+From aae427a0c7d5702bf294191533ab1f33437a8a56 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:09:58 +0000
 Subject: Allow harmless group-writability
@@ -252,10 +252,10 @@ index 2ea0a20..ff80022 100644
 .It Pa ~/.ssh/environment
 Contains additional definitions for environment variables; see
 diff --git a/ssh_config.5 b/ssh_config.5
-index 4e34115..37f3ab8 100644
+index 78e918a..1e9c058 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1760,6 +1760,8 @@ The format of this file is described above.
+@@ -1757,6 +1757,8 @@ The format of this file is described above.
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
diff --git a/ssh_config.5 b/ssh_config.5
index 981197ddf..81b9b740f 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -1492,10 +1492,7 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive,
 ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only; in protocol version
+This option applies to protocol version 2 only.
-1 there is no mechanism to request a response from the server to the
-server alive messages, so disconnection is the responsibility of the TCP
-stack.
 .It Cm ServerAliveInterval
 Sets a timeout interval in seconds after which if no data has been received
 from the server,