9 files changed, 28 insertions, 28 deletions
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 77e807502..45a8364ca 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -18,13 +18,13 @@ Description: Various Debian-specific configuration changes
 Author: Colin Watson <cjwatson@debian.org>
 Author: Russ Allbery <rra@debian.org>
 Forwarded: not-needed
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -1269,7 +1269,7 @@
+@@ -1288,7 +1288,7 @@
        if (options->forward_x11 == -1)
                options->forward_x11 = 0;
        if (options->forward_x11_trusted == -1)
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index ce50db505..416e2f16c 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -13,7 +13,7 @@ Description: GSSAPI key exchange support
 security history.
 Author: Simon Wilkinson <simon@sxw.org.uk>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
-Last-Updated: 2013-05-13
+Last-Updated: 2013-05-16
 Index: b/ChangeLog.gssapi
 ===================================================================
@@ -2327,7 +2327,7 @@ Index: b/readconf.c
 #endif
        { "fallbacktorsh", oDeprecated },
        { "usersh", oDeprecated },
-@@ -483,10 +494,30 @@
+@@ -503,10 +514,30 @@
                intptr = &options->gss_authentication;
                goto parse_flag;
 
@@ -2358,7 +2358,7 @@ Index: b/readconf.c
        case oBatchMode:
                intptr = &options->batch_mode;
                goto parse_flag;
-@@ -1139,7 +1170,12 @@
+@@ -1158,7 +1189,12 @@
        options->pubkey_authentication = -1;
        options->challenge_response_authentication = -1;
        options->gss_authentication = -1;
@@ -2371,7 +2371,7 @@ Index: b/readconf.c
        options->password_authentication = -1;
        options->kbd_interactive_authentication = -1;
        options->kbd_interactive_devices = NULL;
-@@ -1239,8 +1275,14 @@
+@@ -1258,8 +1294,14 @@
                options->challenge_response_authentication = 1;
        if (options->gss_authentication == -1)
                options->gss_authentication = 0;
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index 028bd62e5..98e9f8bdd 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -12,7 +12,7 @@ Author: Richard Kettlewell <rjk@greenend.org.uk>
 Author: Ian Jackson <ian@chiark.greenend.org.uk>
 Author: Matthew Vernon <matthew@debian.org>
 Author: Colin Watson <cjwatson@debian.org>
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 Index: b/readconf.c
 ===================================================================
@@ -35,7 +35,7 @@ Index: b/readconf.c
 
        { NULL, oBadOption }
 };
-@@ -915,6 +918,8 @@
+@@ -933,6 +936,8 @@
                goto parse_flag;
 
        case oServerAliveInterval:
@@ -44,7 +44,7 @@ Index: b/readconf.c
                intptr = &options->server_alive_interval;
                goto parse_time;
 
-@@ -1386,8 +1391,13 @@
+@@ -1392,8 +1397,13 @@
                options->rekey_limit = 0;
        if (options->verify_host_key_dns == -1)
                options->verify_host_key_dns = 0;
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
index fa7c725b4..fd1b6f9f5 100644
--- a/debian/patches/mention-ssh-keygen-on-keychange.patch
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -2,13 +2,13 @@ Description: Mention ssh-keygen in ssh fingerprint changed warning
 Author: Scott Moser <smoser@ubuntu.com>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843
 Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -975,9 +975,12 @@
+@@ -982,9 +982,12 @@
                        error("%s. This could either mean that", key_msg);
                        error("DNS SPOOFING is happening or the IP address for the host");
                        error("and its host key have changed at the same time.");
@@ -22,7 +22,7 @@ Index: b/sshconnect.c
                }
                /* The host key has changed. */
                warn_changed_key(host_key);
-@@ -985,6 +988,8 @@
+@@ -992,6 +995,8 @@
                    user_hostfiles[0]);
                error("Offending %s key in %s:%lu", key_type(host_found->key),
                    host_found->file, host_found->line);
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index c337ad671..b922a185b 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -5,13 +5,13 @@ Description: Include the Debian version in our identification
 vulnerable-looking version strings.  (However, see debian-banner.patch.)
 Author: Matthew Vernon <matthew@debian.org>
 Forwarded: not-needed
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -435,10 +435,10 @@
+@@ -442,10 +442,10 @@
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
@@ -44,7 +44,7 @@ Index: b/version.h
 @@ -3,4 +3,9 @@
 #define SSH_VERSION    "OpenSSH_6.2"
 
- #define SSH_PORTABLE   "p1"
+ #define SSH_PORTABLE   "p2"
 -#define SSH_RELEASE    SSH_VERSION SSH_PORTABLE
 +#define SSH_RELEASE_MINIMUM    SSH_VERSION SSH_PORTABLE
 +#ifdef SSH_EXTRAVERSION
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index 4c4532e99..d4cbc3e5f 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -4,13 +4,13 @@ Description: Look for $SHELL on the path for ProxyCommand/LocalCommand
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494
 Bug-Debian: http://bugs.debian.org/492728
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -144,7 +144,7 @@
+@@ -151,7 +151,7 @@
                /* Execute the proxy command.  Note that we gave up any
                   extra privileges above. */
                signal(SIGPIPE, SIG_DFL);
@@ -19,7 +19,7 @@ Index: b/sshconnect.c
                perror(argv[0]);
                exit(1);
        }
-@@ -1292,7 +1292,7 @@
+@@ -1299,7 +1299,7 @@
        if (pid == 0) {
                signal(SIGPIPE, SIG_DFL);
                debug3("Executing %s -c \"%s\"", shell, args);
diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch
index b7531cce0..03d6f15d9 100644
--- a/debian/patches/ssh-vulnkey.patch
+++ b/debian/patches/ssh-vulnkey.patch
@@ -8,7 +8,7 @@ Description: Reject vulnerable keys to mitigate Debian OpenSSL flaw
 See CVE-2008-0166.
 Author: Colin Watson <cjwatson@ubuntu.com>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 Index: b/Makefile.in
 ===================================================================
@@ -420,7 +420,7 @@ Index: b/readconf.c
        { "rsaauthentication", oRSAAuthentication },
        { "pubkeyauthentication", oPubkeyAuthentication },
        { "dsaauthentication", oPubkeyAuthentication },             /* alias */
-@@ -490,6 +492,10 @@
+@@ -510,6 +512,10 @@
                intptr = &options->challenge_response_authentication;
                goto parse_flag;
 
@@ -431,7 +431,7 @@ Index: b/readconf.c
        case oGssAuthentication:
                intptr = &options->gss_authentication;
                goto parse_flag;
-@@ -1181,6 +1187,7 @@
+@@ -1200,6 +1206,7 @@
        options->kbd_interactive_devices = NULL;
        options->rhosts_rsa_authentication = -1;
        options->hostbased_authentication = -1;
@@ -439,7 +439,7 @@ Index: b/readconf.c
        options->batch_mode = -1;
        options->check_host_ip = -1;
        options->strict_host_key_checking = -1;
-@@ -1291,6 +1298,8 @@
+@@ -1310,6 +1317,8 @@
                options->rhosts_rsa_authentication = 0;
        if (options->hostbased_authentication == -1)
                options->hostbased_authentication = 0;
@@ -1247,7 +1247,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -1495,7 +1495,7 @@
+@@ -1492,7 +1492,7 @@
 static void
 load_public_identity_files(void)
 {
@@ -1256,7 +1256,7 @@ Index: b/ssh.c
        char *pwdir = NULL, *pwname = NULL;
        int i = 0;
        Key *public;
-@@ -1552,6 +1552,22 @@
+@@ -1550,6 +1550,22 @@
                public = key_load_public(filename, NULL);
                debug("identity file %s type %d", filename,
                    public ? public->type : -1);
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 3dfc89027..2bac7c8cb 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -8,7 +8,7 @@ Description: "LogLevel SILENT" compatibility
 Author: Jonathan David Amery <jdamery@ysolde.ucam.org>
 Author: Matthew Vernon <matthew@debian.org>
 Author: Colin Watson <cjwatson@debian.org>
-Last-Update: 2010-03-31
+Last-Update: 2013-05-16
 Index: b/log.c
 ===================================================================
@@ -26,7 +26,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -714,7 +714,7 @@
+@@ -711,7 +711,7 @@
        /* Do not allocate a tty if stdin is not a tty. */
        if ((!isatty(fileno(stdin)) || stdin_null_flag) &&
            options.request_tty != REQUEST_TTY_FORCE) {
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 64ecbd7c8..d0de9c006 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -9,7 +9,7 @@ Description: Allow harmless group-writability
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060
 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 Index: b/readconf.c
 ===================================================================
@@ -24,7 +24,7 @@ Index: b/readconf.c
 
 #include "xmalloc.h"
 #include "ssh.h"
-@@ -1132,8 +1134,7 @@
+@@ -1150,8 +1152,7 @@
 
                if (fstat(fileno(f), &sb) == -1)
                        fatal("fstat %s: %s", filename, strerror(errno));

diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch index 77e807502..45a8364ca 100644 --- a/debian/patches/debian-config.patch +++ b/debian/patches/debian-config.patch
@@ -18,13 +18,13 @@ Description: Various Debian-specific configuration changes
18	Author: Colin Watson <cjwatson@debian.org>	18	Author: Colin Watson <cjwatson@debian.org>
19	Author: Russ Allbery <rra@debian.org>	19	Author: Russ Allbery <rra@debian.org>
20	Forwarded: not-needed	20	Forwarded: not-needed
21	Last-Update: 2013-05-07	21	Last-Update: 2013-05-16
22		22
23	Index: b/readconf.c	23	Index: b/readconf.c
24	===================================================================	24	===================================================================
25	--- a/readconf.c	25	--- a/readconf.c
26	+++ b/readconf.c	26	+++ b/readconf.c
27	@@ -1269,7 +1269,7 @@	27	@@ -1288,7 +1288,7 @@
28	if (options->forward_x11 == -1)	28	if (options->forward_x11 == -1)
29	options->forward_x11 = 0;	29	options->forward_x11 = 0;
30	if (options->forward_x11_trusted == -1)	30	if (options->forward_x11_trusted == -1)


diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch index ce50db505..416e2f16c 100644 --- a/debian/patches/gssapi.patch +++ b/debian/patches/gssapi.patch
@@ -13,7 +13,7 @@ Description: GSSAPI key exchange support
13	security history.	13	security history.
14	Author: Simon Wilkinson <simon@sxw.org.uk>	14	Author: Simon Wilkinson <simon@sxw.org.uk>
15	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242	15	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
16	Last-Updated: 2013-05-13	16	Last-Updated: 2013-05-16
17		17
18	Index: b/ChangeLog.gssapi	18	Index: b/ChangeLog.gssapi
19	===================================================================	19	===================================================================
@@ -2327,7 +2327,7 @@ Index: b/readconf.c
2327	#endif	2327	#endif
2328	{ "fallbacktorsh", oDeprecated },	2328	{ "fallbacktorsh", oDeprecated },
2329	{ "usersh", oDeprecated },	2329	{ "usersh", oDeprecated },
2330	@@ -483,10 +494,30 @@	2330	@@ -503,10 +514,30 @@
2331	intptr = &options->gss_authentication;	2331	intptr = &options->gss_authentication;
2332	goto parse_flag;	2332	goto parse_flag;
2333		2333
@@ -2358,7 +2358,7 @@ Index: b/readconf.c
2358	case oBatchMode:	2358	case oBatchMode:
2359	intptr = &options->batch_mode;	2359	intptr = &options->batch_mode;
2360	goto parse_flag;	2360	goto parse_flag;
2361	@@ -1139,7 +1170,12 @@	2361	@@ -1158,7 +1189,12 @@
2362	options->pubkey_authentication = -1;	2362	options->pubkey_authentication = -1;
2363	options->challenge_response_authentication = -1;	2363	options->challenge_response_authentication = -1;
2364	options->gss_authentication = -1;	2364	options->gss_authentication = -1;
@@ -2371,7 +2371,7 @@ Index: b/readconf.c
2371	options->password_authentication = -1;	2371	options->password_authentication = -1;
2372	options->kbd_interactive_authentication = -1;	2372	options->kbd_interactive_authentication = -1;
2373	options->kbd_interactive_devices = NULL;	2373	options->kbd_interactive_devices = NULL;
2374	@@ -1239,8 +1275,14 @@	2374	@@ -1258,8 +1294,14 @@
2375	options->challenge_response_authentication = 1;	2375	options->challenge_response_authentication = 1;
2376	if (options->gss_authentication == -1)	2376	if (options->gss_authentication == -1)
2377	options->gss_authentication = 0;	2377	options->gss_authentication = 0;


diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch index 028bd62e5..98e9f8bdd 100644 --- a/debian/patches/keepalive-extensions.patch +++ b/debian/patches/keepalive-extensions.patch
@@ -12,7 +12,7 @@ Author: Richard Kettlewell <rjk@greenend.org.uk>
12	Author: Ian Jackson <ian@chiark.greenend.org.uk>	12	Author: Ian Jackson <ian@chiark.greenend.org.uk>
13	Author: Matthew Vernon <matthew@debian.org>	13	Author: Matthew Vernon <matthew@debian.org>
14	Author: Colin Watson <cjwatson@debian.org>	14	Author: Colin Watson <cjwatson@debian.org>
15	Last-Update: 2013-05-07	15	Last-Update: 2013-05-16
16		16
17	Index: b/readconf.c	17	Index: b/readconf.c
18	===================================================================	18	===================================================================
@@ -35,7 +35,7 @@ Index: b/readconf.c
35		35
36	{ NULL, oBadOption }	36	{ NULL, oBadOption }
37	};	37	};
38	@@ -915,6 +918,8 @@	38	@@ -933,6 +936,8 @@
39	goto parse_flag;	39	goto parse_flag;
40		40
41	case oServerAliveInterval:	41	case oServerAliveInterval:
@@ -44,7 +44,7 @@ Index: b/readconf.c
44	intptr = &options->server_alive_interval;	44	intptr = &options->server_alive_interval;
45	goto parse_time;	45	goto parse_time;
46		46
47	@@ -1386,8 +1391,13 @@	47	@@ -1392,8 +1397,13 @@
48	options->rekey_limit = 0;	48	options->rekey_limit = 0;
49	if (options->verify_host_key_dns == -1)	49	if (options->verify_host_key_dns == -1)
50	options->verify_host_key_dns = 0;	50	options->verify_host_key_dns = 0;


diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch index fa7c725b4..fd1b6f9f5 100644 --- a/debian/patches/mention-ssh-keygen-on-keychange.patch +++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -2,13 +2,13 @@ Description: Mention ssh-keygen in ssh fingerprint changed warning
2	Author: Scott Moser <smoser@ubuntu.com>	2	Author: Scott Moser <smoser@ubuntu.com>
3	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843	3	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843
4	Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607	4	Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607
5	Last-Update: 2013-05-07	5	Last-Update: 2013-05-16
6		6
7	Index: b/sshconnect.c	7	Index: b/sshconnect.c
8	===================================================================	8	===================================================================
9	--- a/sshconnect.c	9	--- a/sshconnect.c
10	+++ b/sshconnect.c	10	+++ b/sshconnect.c
11	@@ -975,9 +975,12 @@	11	@@ -982,9 +982,12 @@
12	error("%s. This could either mean that", key_msg);	12	error("%s. This could either mean that", key_msg);
13	error("DNS SPOOFING is happening or the IP address for the host");	13	error("DNS SPOOFING is happening or the IP address for the host");
14	error("and its host key have changed at the same time.");	14	error("and its host key have changed at the same time.");
@@ -22,7 +22,7 @@ Index: b/sshconnect.c
22	}	22	}
23	/* The host key has changed. */	23	/* The host key has changed. */
24	warn_changed_key(host_key);	24	warn_changed_key(host_key);
25	@@ -985,6 +988,8 @@	25	@@ -992,6 +995,8 @@
26	user_hostfiles[0]);	26	user_hostfiles[0]);
27	error("Offending %s key in %s:%lu", key_type(host_found->key),	27	error("Offending %s key in %s:%lu", key_type(host_found->key),
28	host_found->file, host_found->line);	28	host_found->file, host_found->line);


diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch index c337ad671..b922a185b 100644 --- a/debian/patches/package-versioning.patch +++ b/debian/patches/package-versioning.patch
@@ -5,13 +5,13 @@ Description: Include the Debian version in our identification
5	vulnerable-looking version strings. (However, see debian-banner.patch.)	5	vulnerable-looking version strings. (However, see debian-banner.patch.)
6	Author: Matthew Vernon <matthew@debian.org>	6	Author: Matthew Vernon <matthew@debian.org>
7	Forwarded: not-needed	7	Forwarded: not-needed
8	Last-Update: 2013-05-07	8	Last-Update: 2013-05-16
9		9
10	Index: b/sshconnect.c	10	Index: b/sshconnect.c
11	===================================================================	11	===================================================================
12	--- a/sshconnect.c	12	--- a/sshconnect.c
13	+++ b/sshconnect.c	13	+++ b/sshconnect.c
14	@@ -435,10 +435,10 @@	14	@@ -442,10 +442,10 @@
15	/* Send our own protocol version identification. */	15	/* Send our own protocol version identification. */
16	if (compat20) {	16	if (compat20) {
17	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	17	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
@@ -44,7 +44,7 @@ Index: b/version.h
44	@@ -3,4 +3,9 @@	44	@@ -3,4 +3,9 @@
45	#define SSH_VERSION "OpenSSH_6.2"	45	#define SSH_VERSION "OpenSSH_6.2"
46		46
47	#define SSH_PORTABLE "p1"	47	#define SSH_PORTABLE "p2"
48	-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE	48	-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
49	+#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE	49	+#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE
50	+#ifdef SSH_EXTRAVERSION	50	+#ifdef SSH_EXTRAVERSION


diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch index 4c4532e99..d4cbc3e5f 100644 --- a/debian/patches/shell-path.patch +++ b/debian/patches/shell-path.patch
@@ -4,13 +4,13 @@ Description: Look for $SHELL on the path for ProxyCommand/LocalCommand
4	Author: Colin Watson <cjwatson@debian.org>	4	Author: Colin Watson <cjwatson@debian.org>
5	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494	5	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494
6	Bug-Debian: http://bugs.debian.org/492728	6	Bug-Debian: http://bugs.debian.org/492728
7	Last-Update: 2013-05-07	7	Last-Update: 2013-05-16
8		8
9	Index: b/sshconnect.c	9	Index: b/sshconnect.c
10	===================================================================	10	===================================================================
11	--- a/sshconnect.c	11	--- a/sshconnect.c
12	+++ b/sshconnect.c	12	+++ b/sshconnect.c
13	@@ -144,7 +144,7 @@	13	@@ -151,7 +151,7 @@
14	/* Execute the proxy command. Note that we gave up any	14	/* Execute the proxy command. Note that we gave up any
15	extra privileges above. */	15	extra privileges above. */
16	signal(SIGPIPE, SIG_DFL);	16	signal(SIGPIPE, SIG_DFL);
@@ -19,7 +19,7 @@ Index: b/sshconnect.c
19	perror(argv[0]);	19	perror(argv[0]);
20	exit(1);	20	exit(1);
21	}	21	}
22	@@ -1292,7 +1292,7 @@	22	@@ -1299,7 +1299,7 @@
23	if (pid == 0) {	23	if (pid == 0) {
24	signal(SIGPIPE, SIG_DFL);	24	signal(SIGPIPE, SIG_DFL);
25	debug3("Executing %s -c \"%s\"", shell, args);	25	debug3("Executing %s -c \"%s\"", shell, args);


diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch index b7531cce0..03d6f15d9 100644 --- a/debian/patches/ssh-vulnkey.patch +++ b/debian/patches/ssh-vulnkey.patch
@@ -8,7 +8,7 @@ Description: Reject vulnerable keys to mitigate Debian OpenSSL flaw
8	See CVE-2008-0166.	8	See CVE-2008-0166.
9	Author: Colin Watson <cjwatson@ubuntu.com>	9	Author: Colin Watson <cjwatson@ubuntu.com>
10	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469	10	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
11	Last-Update: 2013-05-07	11	Last-Update: 2013-05-16
12		12
13	Index: b/Makefile.in	13	Index: b/Makefile.in
14	===================================================================	14	===================================================================
@@ -420,7 +420,7 @@ Index: b/readconf.c
420	{ "rsaauthentication", oRSAAuthentication },	420	{ "rsaauthentication", oRSAAuthentication },
421	{ "pubkeyauthentication", oPubkeyAuthentication },	421	{ "pubkeyauthentication", oPubkeyAuthentication },
422	{ "dsaauthentication", oPubkeyAuthentication }, /* alias */	422	{ "dsaauthentication", oPubkeyAuthentication }, /* alias */
423	@@ -490,6 +492,10 @@	423	@@ -510,6 +512,10 @@
424	intptr = &options->challenge_response_authentication;	424	intptr = &options->challenge_response_authentication;
425	goto parse_flag;	425	goto parse_flag;
426		426
@@ -431,7 +431,7 @@ Index: b/readconf.c
431	case oGssAuthentication:	431	case oGssAuthentication:
432	intptr = &options->gss_authentication;	432	intptr = &options->gss_authentication;
433	goto parse_flag;	433	goto parse_flag;
434	@@ -1181,6 +1187,7 @@	434	@@ -1200,6 +1206,7 @@
435	options->kbd_interactive_devices = NULL;	435	options->kbd_interactive_devices = NULL;
436	options->rhosts_rsa_authentication = -1;	436	options->rhosts_rsa_authentication = -1;
437	options->hostbased_authentication = -1;	437	options->hostbased_authentication = -1;
@@ -439,7 +439,7 @@ Index: b/readconf.c
439	options->batch_mode = -1;	439	options->batch_mode = -1;
440	options->check_host_ip = -1;	440	options->check_host_ip = -1;
441	options->strict_host_key_checking = -1;	441	options->strict_host_key_checking = -1;
442	@@ -1291,6 +1298,8 @@	442	@@ -1310,6 +1317,8 @@
443	options->rhosts_rsa_authentication = 0;	443	options->rhosts_rsa_authentication = 0;
444	if (options->hostbased_authentication == -1)	444	if (options->hostbased_authentication == -1)
445	options->hostbased_authentication = 0;	445	options->hostbased_authentication = 0;
@@ -1247,7 +1247,7 @@ Index: b/ssh.c
1247	===================================================================	1247	===================================================================
1248	--- a/ssh.c	1248	--- a/ssh.c
1249	+++ b/ssh.c	1249	+++ b/ssh.c
1250	@@ -1495,7 +1495,7 @@	1250	@@ -1492,7 +1492,7 @@
1251	static void	1251	static void
1252	load_public_identity_files(void)	1252	load_public_identity_files(void)
1253	{	1253	{
@@ -1256,7 +1256,7 @@ Index: b/ssh.c
1256	char pwdir = NULL, pwname = NULL;	1256	char pwdir = NULL, pwname = NULL;
1257	int i = 0;	1257	int i = 0;
1258	Key *public;	1258	Key *public;
1259	@@ -1552,6 +1552,22 @@	1259	@@ -1550,6 +1550,22 @@
1260	public = key_load_public(filename, NULL);	1260	public = key_load_public(filename, NULL);
1261	debug("identity file %s type %d", filename,	1261	debug("identity file %s type %d", filename,
1262	public ? public->type : -1);	1262	public ? public->type : -1);


diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch index 3dfc89027..2bac7c8cb 100644 --- a/debian/patches/syslog-level-silent.patch +++ b/debian/patches/syslog-level-silent.patch
@@ -8,7 +8,7 @@ Description: "LogLevel SILENT" compatibility
8	Author: Jonathan David Amery <jdamery@ysolde.ucam.org>	8	Author: Jonathan David Amery <jdamery@ysolde.ucam.org>
9	Author: Matthew Vernon <matthew@debian.org>	9	Author: Matthew Vernon <matthew@debian.org>
10	Author: Colin Watson <cjwatson@debian.org>	10	Author: Colin Watson <cjwatson@debian.org>
11	Last-Update: 2010-03-31	11	Last-Update: 2013-05-16
12		12
13	Index: b/log.c	13	Index: b/log.c
14	===================================================================	14	===================================================================
@@ -26,7 +26,7 @@ Index: b/ssh.c
26	===================================================================	26	===================================================================
27	--- a/ssh.c	27	--- a/ssh.c
28	+++ b/ssh.c	28	+++ b/ssh.c
29	@@ -714,7 +714,7 @@	29	@@ -711,7 +711,7 @@
30	/* Do not allocate a tty if stdin is not a tty. */	30	/* Do not allocate a tty if stdin is not a tty. */
31	if ((!isatty(fileno(stdin)) \|\| stdin_null_flag) &&	31	if ((!isatty(fileno(stdin)) \|\| stdin_null_flag) &&
32	options.request_tty != REQUEST_TTY_FORCE) {	32	options.request_tty != REQUEST_TTY_FORCE) {


diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index 64ecbd7c8..d0de9c006 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch
@@ -9,7 +9,7 @@ Description: Allow harmless group-writability
9	Author: Colin Watson <cjwatson@debian.org>	9	Author: Colin Watson <cjwatson@debian.org>
10	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060	10	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060
11	Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347	11	Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347
12	Last-Update: 2013-05-07	12	Last-Update: 2013-05-16
13		13
14	Index: b/readconf.c	14	Index: b/readconf.c
15	===================================================================	15	===================================================================
@@ -24,7 +24,7 @@ Index: b/readconf.c
24		24
25	#include "xmalloc.h"	25	#include "xmalloc.h"
26	#include "ssh.h"	26	#include "ssh.h"
27	@@ -1132,8 +1134,7 @@	27	@@ -1150,8 +1152,7 @@
28		28
29	if (fstat(fileno(f), &sb) == -1)	29	if (fstat(fileno(f), &sb) == -1)
30	fatal("fstat %s: %s", filename, strerror(errno));	30	fatal("fstat %s: %s", filename, strerror(errno));