summaryrefslogtreecommitdiff
path: root/debian/changelog
AgeCommit message (Collapse)Author
2005-01-04note some closed bugsColin Watson
2005-01-04Merge 3.9p1 to the trunk.Colin Watson
2005-01-04Merge from branch-V_3_8_1_P1-4-client-server-split:Colin Watson
cvs up -jV_3_8_1_P1-8 -jbranch-V_3_8_1_P1-4-client-server-split branch-V_3_8_1_P1-4-client-server-split is now closed. For further development for sarge (Debian version 3.8.1p1-8.sarge.4, CVS tag V_3_8_1_P1-8_sarge_4), use branch-V_3_8_1_P1-8_sarge_4-sarge.
2004-12-01Build ssh in binary-indep, not binary-arch (thanks, LaMont Jones).Colin Watson
2004-11-28Finish 1:3.8.1p1-14.Colin Watson
2004-11-28Merge from HEAD:Colin Watson
Make sure that there's a delay in PAM keyboard-interactive authentication when PermitRootLogin is not set to yes and the correct root password is entered (closes: #248747).
2004-11-28Merge from HEAD:Colin Watson
Fix timing information leak allowing discovery of invalid usernames in PAM keyboard-interactive authentication (backported from a patch by Darren Tucker; closes: #281595).
2004-11-28We use DH_COMPAT=2, so build-depend on debhelper (>= 2).Colin Watson
2004-11-28Finish 1:3.8.1p1-8.sarge.4.Colin Watson
2004-11-28Make sure that there's a delay in PAM keyboard-interactive authenticationColin Watson
when PermitRootLogin is not set to yes and the correct root password is entered (closes: #248747).
2004-11-28Fix timing information leak allowing discovery of invalid usernames in PAMColin Watson
keyboard-interactive authentication (backported from a patch by Darren Tucker; closes: #281595).
2004-11-12Finish 1:3.8.1p1-13.Colin Watson
2004-11-12Merge from HEAD:Colin Watson
Correct README.Debian's ForwardX11Trusted description (closes: #280190).
2004-11-12Merge from HEAD:Colin Watson
Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
2004-11-12Finish 1:3.8.1p1-8.sarge.3.Colin Watson
2004-11-08Correct README.Debian's ForwardX11Trusted description (closes: #280190).Colin Watson
2004-11-01Enable threading for PAM, on Sam Hartman's advice (closes: #278394).Colin Watson
2004-11-01Update Dutch debconf template translation (thanks, cobaco; closes:Colin Watson
#278715).
2004-11-01Update Dutch debconf template translation (thanks, cobaco; closes:Colin Watson
#278715).
2004-10-24Forward-port from HEAD:Colin Watson
* Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754). * Shorten the version string from the form "OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731). * debconf template translations: - Add Finnish (thanks, Matti Pöllä; closes: #265339). - Update Danish (thanks, Morten Brix Pedersen; closes: #275895). - Update French (thanks, Denis Barbier; closes: #276703). - Update Japanese (thanks, Kenshi Muto; closes: #277438).
2004-10-24Finish 1:3.8.1p1-8.sarge.2.Colin Watson
2004-10-24Shorten the version string from the form "OpenSSH_3.8.1p1 DebianColin Watson
1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731).
2004-10-24Update Japanese debconf template translation (thanks, Kenshi Muto; closes:Colin Watson
#277438).
2004-10-24Update French debconf template translation (thanks, Denis Barbier; closes:Colin Watson
#276703).
2004-10-24Update Danish debconf template translation (thanks, Morten Brix Pedersen;Colin Watson
closes: #275895).
2004-10-24Add Finnish debconf template translation (thanks, Matti Pöllä; closes:Colin Watson
#265339).
2004-10-24Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754).Colin Watson
2004-10-06Finish 1:3.8.1p1-11.Colin Watson
2004-10-06Finish 1:3.8.1p1-8.sarge.1.Colin Watson
2004-10-06Forward-port from HEAD:Colin Watson
* If PasswordAuthentication is disabled, then offer to disable ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369). * This will ask a question of anyone who installed fresh with 1:3.8p1-2 or later and then upgraded. Sorry about that ... for this reason, the default answer is to leave ChallengeResponseAuthentication enabled.
2004-10-06Leave ChallengeResponseAuthentication enabled by default, sinceColin Watson
PasswordAuthentication has been turned off for new installs since 1:3.8p1-2.
2004-10-05If PasswordAuthentication is disabled, then offer to disableColin Watson
ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369).
2004-08-31Move sshd_config(5) to openssh-server, where it belongs.Colin Watson
2004-08-25Don't install the ssh-askpass-gnome .desktop file by default; I've had tooColin Watson
many GNOME people tell me it's the wrong thing to be doing. I've left it in /usr/share/doc/ssh-askpass-gnome/examples/ for now.
2004-08-02Finish openssh 1:3.8.1p1-9.Colin Watson
2004-08-02Drop priorities of openssh-server and ssh to optional.Colin Watson
2004-08-02Remove /etc/ssh/sshd_not_to_be_run on purge of openssh-server. For nowColin Watson
(until sarge+2) it's still honoured to avoid breaking existing configurations, but the right approach is now to remove the openssh-server package if you don't want to run the server. Add a NEWS item to that effect.
2004-08-02Add a heuristic to try to make sure the sshd_config upgrade to >= 3.7Colin Watson
happens even though we don't know what version we're upgrading from.
2004-07-31* Split the ssh binary package into openssh-client and openssh-serverColin Watson
(closes: #39741). openssh-server depends on openssh-client for some common functionality; it didn't seem worth creating yet another package for this. * New transitional ssh package, depending on openssh-client and openssh-server. May be removed once nothing depends on it. * When upgrading from ssh to openssh-{client,server}, it's very difficult for the maintainer scripts to find out what version we're upgrading from without dodgy dpkg hackery. I've therefore taken the opportunity to move a couple of debconf notes into NEWS files, namely ssh/ssh2_keys_merged and ssh/user_environment_tell. * In general, upgrading to this version directly from woody without first upgrading to the version in sarge is not currently guaranteed to work very smoothly due to the aforementioned version discovery problems.
2004-07-30Merge from MAIN:Colin Watson
cvs up -jV_3_8_1_P1-4 -jV_3_8_1_P1-8
2004-07-29Changelog Matthew's copyright file change. Finish 1:3.8.1p1-8.Colin Watson
2004-07-22Re-enable shadow password support in openssh-server-udeb, at BastianColin Watson
Blank's request (closes: #260800).
2004-07-21Finish 1:3.8.1p1-6.Colin Watson
2004-07-21Generate host keys in postinst only if the relevant HostKey directives areColin Watson
found in sshd_config (closes: #87946).
2004-07-19Implement hack in http://lists.debian.org/debian-boot/2004/07/msg01207.htmlColin Watson
to get openssh-client-udeb to show up as a retrievable debian-installer component.
2004-07-10Finish 1:3.8.1p1-5. Set urgency to medium due to the orphaned [pam] processColin Watson
fix.
2004-07-10Apply upstream bits of the patch for #258517.Colin Watson
2004-07-10Add scp and sftp to openssh-client-udeb. It might not be very 'u' any more;Colin Watson
oh well.
2004-07-10Apply patch from Darren Tucker to make the PAM authentication SIGCHLDColin Watson
handler kill the PAM thread if its waitpid() call returns 0, as well as the previous check for -1 (closes: #252676).
2004-07-10They aren't all bashisms ...Colin Watson