Age | Commit message (Collapse) | Author | |
---|---|---|---|
2008-05-17 | Update Japanese (thanks, Kenshi Muto; closes: #481621). | Colin Watson | |
2008-05-17 | Update Galician (thanks, Jacobo Tarrio; closes: #481596). | Colin Watson | |
2008-05-17 | Update Norwegian Bokmål (thanks, Bjørn Steensrud; closes: #481591). | Colin Watson | |
2008-05-17 | Update French (thanks, Christian Perrier; closes: #481576). | Colin Watson | |
2008-05-17 | Check RSA1 keys without the need for a separate blacklist. Thanks to | Colin Watson | |
Simon Tatham for the idea. | |||
2008-05-17 | update Finnish translation | Colin Watson | |
2008-05-17 | debconf-updatepo | Colin Watson | |
2008-05-17 | ${HOST_KEYS} not translatable | Colin Watson | |
2008-05-17 | Fix typo in ssh/vulnerable_host_keys message (thanks, Esko Arajärvi). | Colin Watson | |
2008-05-14 | releasing version 1:4.7p1-10 | Colin Watson | |
2008-05-14 | clarify | Colin Watson | |
2008-05-14 | ssh-vulnkey handles options in authorized_keys (LP: #230029). | Colin Watson | |
2008-05-14 | ignore debian/*.debhelper.log | Colin Watson | |
2008-05-14 | Add a FILES section to ssh-vulnkey(1) (thanks, Hugh Daniel). | Colin Watson | |
2008-05-13 | releasing version 1:4.7p1-9 | Colin Watson | |
2008-05-13 | changed ssh-vulnkey output | Colin Watson | |
2008-05-13 | update from mdz | Colin Watson | |
2008-05-13 | compression | Colin Watson | |
2008-05-13 | add repair instructions from Matt | Colin Watson | |
2008-05-13 | add CVE identifier for OpenSSL vulnerability | Colin Watson | |
2008-05-12 | * Mitigate OpenSSL security vulnerability: | Colin Watson | |
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.) | |||
2008-04-09 | Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-8. | Colin Watson | |
- CVE-2008-1657: Ignore ~/.ssh/rc if a sshd_config ForceCommand is specified. | |||
2008-04-06 | releasing version 1:4.7p1-8 | Colin Watson | |
2008-04-06 | urgency=high for security fixes | Colin Watson | |
2008-04-06 | Backport from Simon Wilkinson's GSSAPI key exchange patch for 5.0p1: | Colin Watson | |
- Add code to actually implement GSSAPIStrictAcceptorCheck, which had somehow been omitted from a previous version of this patch (closes: #474246). | |||
2008-04-06 | typo | Colin Watson | |
2008-04-06 | Backport from 4.9p1: | Colin Watson | |
- Ignore ~/.ssh/rc if a sshd_config ForcedCommand is specified (see http://www.securityfocus.com/bid/28531/info). - Add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc. | |||
2008-04-04 | Tweak scp's reporting of filenames in verbose mode to be a bit less | Colin Watson | |
confusing with spaces (thanks, Nicolas Valcárcel; LP: #89945). | |||
2008-04-04 | Rename KeepAlive to TCPKeepAlive in sshd_config, cleaning up from old | Colin Watson | |
configurations (LP: #211400). | |||
2008-04-01 | Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5. | Colin Watson | |
- CVE-2008-1483: Don't use X11 forwarding port which can't be bound on all address families, preventing hijacking of X11 forwarding by | |||
2008-03-31 | releasing version 1:4.7p1-7 | Colin Watson | |
2008-03-31 | Ignore errors writing to oom_adj (closes: #473573). | Colin Watson | |
2008-03-30 | releasing version 1:4.7p1-6 | Colin Watson | |
2008-03-30 | * Disable the Linux kernel's OOM-killer for the sshd parent; tweak | Colin Watson | |
SSHD_OOM_ADJUST in /etc/default/ssh to change this (closes: #341767). | |||
2008-03-22 | releasing version 1:4.7p1-5 | Colin Watson | |
2008-03-22 | * Use printf rather than echo -en (a bashism) in openssh-server.config and | Colin Watson | |
openssh-server.preinst. | |||
2008-03-22 | more detail on #463011 | Colin Watson | |
2008-03-22 | * Patch from Red Hat / Fedora: | Colin Watson | |
- Don't use X11 forwarding port which can't be bound on all address families (closes: #463011). | |||
2008-03-18 | * Document in ssh(1) that '-S none' disables connection sharing | Colin Watson | |
(closes: #471437). | |||
2008-02-29 | * debconf template translations: | Colin Watson | |
- Update Finnish (thanks, Esko Arajärvi; closes: #468563). | |||
2008-02-27 | * Recommends: xauth rather than Suggests: xbase-clients. | Colin Watson | |
2008-02-13 | releasing version 1:4.7p1-4 | Colin Watson | |
2008-02-13 | closes: #465614 as well | Colin Watson | |
2008-02-08 | * Move /etc/pam.d/ssh to /etc/pam.d/sshd, allowing us to stop defining | Colin Watson | |
SSHD_PAM_SERVICE (closes: #255870). | |||
2008-02-04 | * Include the autogenerated debian/copyright in the source package. | Colin Watson | |
2008-02-04 | * Fix configure detection of getseuserbyname and | Colin Watson | |
get_default_context_with_level (LP: #188136). | |||
2008-02-01 | releasing version 1:4.7p1-3 | Colin Watson | |
2008-02-01 | * Allow passing temporary daemon parameters on the init script's command | Colin Watson | |
line, e.g. '/etc/init.d/ssh start "-o PermitRootLogin=yes"' (thanks, Marc Haber; closes: #458547). | |||
2008-02-01 | * Backport from upstream: | Colin Watson | |
- Use the correct packet maximum sizes for remote port and agent forwarding. Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent (https://bugzilla.mindrot.org/show_bug.cgi?id=1360). | |||
2008-01-12 | * Improve grammar of ssh-askpass-gnome description. | Colin Watson | |