Age | Commit message (Collapse) | Author | |
---|---|---|---|
2006-12-23 | * It turns out that the people who told me that removing a conffile in the | Colin Watson | |
preinst was sufficient to have dpkg replace it without prompting when moving a conffile between packages were very much mistaken. As far as I can tell, the only way to do this reliably is to write out the desired new text of the conffile in the preinst. This is gross, and requires shipping the text of all conffiles in the preinst too, but there's nothing for it. Fortunately this nonsense is only required for smooth upgrades from sarge. | |||
2006-12-23 | urgency=medium | Colin Watson | |
2006-12-23 | * Make GSSAPICleanupCreds a compatibility alias for | Colin Watson | |
GSSAPICleanupCredentials. Mark GSSUseSessionCCache and GSSAPIUseSessionCredCache as known-but-unsupported options, and migrate away from them on upgrade. | |||
2006-12-17 | * debconf template translations: | Colin Watson | |
- Add Romanian (thanks, Stan Ioan-Eugen; closes: #403528). | |||
2006-12-13 | * Drop versioning on ssh/ssh-krb5 Replaces, as otherwise it isn't | Colin Watson | |
sufficient to replace conffiles (closes: #402804). | |||
2006-12-11 | * Give the ssh-askpass-gnome window a default icon; remove unnecessary | Colin Watson | |
icon extension from .desktop file (closes: https://launchpad.net/bugs/27152). | |||
2006-12-06 | releasing version 1:4.3p2-7 | Colin Watson | |
2006-12-06 | * When installing openssh-client or openssh-server from scratch, remove | Colin Watson | |
any unchanged conffiles from the pre-split ssh package to work around a bug in sarge's dpkg (thanks, Justin Pryzby and others; closes: #335276). | |||
2006-12-06 | * Fix quoting error in configure.ac and regenerate configure (thanks, Ben | Colin Watson | |
Pfaff; closes: #391248). | |||
2006-12-06 | urgency=medium | Colin Watson | |
2006-12-06 | * Remove version control tags from /etc/ssh/moduli and /etc/ssh/ssh_config | Colin Watson | |
to avoid unnecessary conffile resolution steps for administrators (thanks, Jari Aalto; closes: #335259). | |||
2006-12-06 | close #390986 | Colin Watson | |
2006-12-06 | * Add ssh -K option, the converse of -k, to enable GSSAPI credential | Colin Watson | |
delegation (closes: #401483). | |||
2006-12-06 | * Create transitional ssh-krb5 package which enables GSSAPI configuration | Colin Watson | |
in sshd_config. * Default client to attempting GSSAPI authentication. * Remove obsolete GSSAPINoMICAuthentication from sshd_config if it's found. | |||
2006-11-20 | * Ignore errors from usermod when changing sshd'\''s shell, since it will | Colin Watson | |
fail if the sshd user is not local (closes: #398436). | |||
2006-11-15 | releasing version 1:4.3p2-6 | Colin Watson | |
2006-11-15 | * Backport from 4.5p1: | Colin Watson | |
- Fix a bug in the sshd privilege separation monitor that weakened its verification of successful authentication. This bug is not known to be exploitable in the absence of additional vulnerabilities. | |||
2006-10-29 | * debconf template translations: | Colin Watson | |
- Update German (thanks, Helge Kreutzmann; closes: #395947). | |||
2006-10-27 | * openssh-server Suggests: molly-guard (closes: #395473). | Colin Watson | |
2006-10-27 | ack NMU, and a whitespace tweak | Colin Watson | |
2006-10-27 | Incorporate Manoj's NMU: | Colin Watson | |
* NMU to update SELinux patch, bringing it in line with current selinux releases. The patch for this NMU is simply the Bug#394795 patch, and no other changes. (closes: #394795) | |||
2006-10-05 | releasing version 1:4.3p2-5 | Colin Watson | |
2006-10-04 | * Remove ssh/insecure_telnetd check altogether (closes: #391081). | Colin Watson | |
2006-10-02 | * debconf template translations: | Colin Watson | |
- Update Danish (thanks, Claus Hindsgaul; closes: #390612). | |||
2006-09-29 | releasing version 1:4.3p2-4 | Colin Watson | |
2006-09-29 | - CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. The | Colin Watson | |
signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote. | |||
2006-09-29 | * Backport from 4.4p1 (since I don't have an updated version of the GSSAPI | Colin Watson | |
patch yet): - CVE-2006-4924: Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired (closes: #389995). | |||
2006-09-29 | * Make ssh/insecure_telnetd Type: error (closes: #388946). | Colin Watson | |
2006-09-29 | * Remove no-longer-used ssh/insecure_rshd debconf template. | Colin Watson | |
2006-09-29 | * Read /etc/default/locale as well as /etc/environment (thanks, Raphaël | Colin Watson | |
Hertzog; closes: #369395). | |||
2006-08-20 | - Update Spanish (thanks, Javier Fernández-Sanguino Peña; | Colin Watson | |
closes: #382966). | |||
2006-08-08 | * debconf template translations: | Colin Watson | |
- Update Portuguese (thanks, Rui Branco; closes: #381942). | |||
2006-07-27 | releasing version 1:4.3p2-3 | Colin Watson | |
2006-07-26 | - Update Japanese (thanks, Kenshi Muto; closes: #379950). | Colin Watson | |
2006-07-14 | * Change sshd user's shell to /usr/sbin/nologin (closes: #366541). | Colin Watson | |
Introduces dependency on passwd for usermod. | |||
2006-07-03 | * Document KeepAlive->TCPKeepAlive renaming in sshd_config(5) (closes: | Colin Watson | |
https://launchpad.net/bugs/50702). | |||
2006-06-25 | - Update Dutch (thanks, Bart Cornelis; closes: #375100). | Colin Watson | |
2006-05-22 | * debconf template translations: | Colin Watson | |
- Update French (thanks, Denis Barbier; closes: #368503). | |||
2006-05-19 | releasing version 1:4.3p2-2 | Colin Watson | |
2006-05-19 | - Update Swedish (thanks, Daniel Nylander; closes: #367971). | Colin Watson | |
2006-05-17 | * On '/etc/init.d/ssh restart', create /var/run/sshd before checking the | Colin Watson | |
server configuration, as otherwise 'sshd -t' will complain about the lack of /var/run/sshd (closes: https://launchpad.net/bugs/45234). | |||
2006-05-16 | * Include commented-out pam_access example in /etc/pam.d/ssh. | Colin Watson | |
2006-05-15 | - Update Galician (thanks, Jacobo Tarrio; closes: #367318). | Colin Watson | |
2006-05-14 | - Update Italian (thanks, Luca Monducci; closes: #367186). | Colin Watson | |
2006-05-14 | - Update Czech (thanks, Miroslav Kure; closes: #367161). | Colin Watson | |
2006-05-14 | * debconf template translations: | Colin Watson | |
- Update Russian (thanks, Yuriy Talakan'; closes: #367143). | |||
2006-05-12 | releasing version 1:4.3p2-1 | Colin Watson | |
2006-05-12 | * Ship README.tun. | Colin Watson | |
2006-05-12 | * Policy version 3.7.2: no changes required. | Colin Watson | |
2006-05-12 | * Restore pam_nologin to /etc/pam.d/ssh; sshd no longer checks this itself | Colin Watson | |
when PAM is enabled, but relies on PAM to do it. |