summaryrefslogtreecommitdiff
path: root/debian/control
AgeCommit message (Collapse)Author
2014-02-21Split sftp-server into its own packageAxel Beckert
This allows it to also be used by other SSH server implementations like dropbear (closes: #504290).
2014-02-12Drop unnecessary -1 in zlib1g Build-Depends version.Colin Watson
2014-02-12Policy version 3.9.5.Colin Watson
2014-02-12Drop some very old Conflicts and ReplacesColin Watson
Drop some very old Conflicts and Replaces (ssh (<< 1:3.8.1p1-9), rsh-client (<< 0.16.1-1), ssh-krb5 (<< 1:4.3p2-7), ssh-nonfree (<< 2), and openssh-client (<< 1:3.8.1p1-11)). These all relate to pre-etch versions, for which we no longer have maintainer script code, and per policy they would have to become Breaks nowadays anyway.
2014-02-10Add systemd support (thanks, Sven Joachim; closes: #676830).Colin Watson
2014-02-09Drop ssh-vulnkeyColin Watson
Drop ssh-vulnkey and the associated ssh/ssh-add/sshd integration code, leaving only basic configuration file compatibility, since it has been nearly six years since the original vulnerability and this code is not likely to be of much value any more. See https://lists.debian.org/debian-devel/2013/09/msg00240.html for my full reasoning.
2014-02-09Switch to git; adjust Vcs-* fields.Colin Watson
2013-07-02Update config.guess and config.sub automatically at build time.Colin Watson
dh_autoreconf does not take care of that by default because openssh does not use automake.
2013-05-22* Remove the check for vulnerable host keys; this was first added fiveColin Watson
years ago, and everyone should have upgraded through a version that applied these checks by now. The ssh-vulnkey tool and the blacklisting support in sshd are still here, at least for the moment. * This removes the last of our uses of debconf (closes: #221531).
2013-05-22Switch to new unified layout for Upstart jobs as documented inColin Watson
https://wiki.ubuntu.com/UpstartCompatibleInitScripts: the init script checks for a running Upstart, and we now let dh_installinit handle most of the heavy lifting in maintainer scripts. Ubuntu users should be essentially unaffected except that sshd may no longer start automatically in chroots if the running Upstart predates 0.9.0; but the main goal is simply not to break when openssh-server is installed in a chroot.
2013-05-22Replace old manual conffile handling code with dpkg-maintscript-helper,Colin Watson
via dh_installdeb.
2013-05-22Remove lots of maintainer script support for upgrades from pre-etchColin Watson
(three releases before current stable).
2013-05-06Use dh-autoreconf.Colin Watson
2012-12-19Give ssh and ssh-krb5 versioned dependencies on openssh-client andColin Watson
openssh-server, to try to reduce confusion when people run 'apt-get install ssh' or similar and expect that to upgrade everything relevant.
2012-11-26Merge Upstart job scripting support from Ubuntu, to handle the Upstart job ↵Colin Watson
being primary there.
2012-10-31Drop openssh-blacklist and openssh-blacklist-extra to Suggests. It'sColin Watson
been long enough since the relevant vulnerability that we shouldn't need these installed by default nowadays.
2012-10-31* Merge from Ubuntu:Colin Watson
- Add support for registering ConsoleKit sessions on login. (This is currently enabled only when building for Ubuntu.)
2012-08-24Add ncurses-term to openssh-server's Recommends, since it's often neededColin Watson
to support unusual terminal emulators on clients (closes: #675362).
2012-04-01Use dpkg-buildflags, including for hardening support; drop use ofColin Watson
hardening-includes.
2012-02-24Move ssh-krb5 to Section: oldlibs.Colin Watson
2011-11-09Mark openssh-client and openssh-server as Multi-Arch: foreign.Colin Watson
2011-07-29Only recommend ssh-import-id when built on Ubuntu (closes: #635887).Colin Watson
2011-07-28* Merge from Ubuntu (Dustin Kirkland):Colin Watson
- openssh-server Recommends: ssh-import-id (no-op in Debian since that package doesn't exist there, but this reduces the Ubuntu delta).
2011-07-28openssh-client and openssh-server Suggests: monkeysphere.Colin Watson
2011-05-30Update Vcs-* fields for Alioth changes.Colin Watson
2011-04-13Drop openssh-server's dependency on openssh-blacklist to aColin Watson
recommendation (closes: #622604).
2011-04-04Drop hardcoded dependencies on libssl0.9.8 and libcrypto0.9.8-udeb,Colin Watson
since the required minimum versions are rather old now anyway and openssl has bumped its SONAME (thanks, Julien Cristau; closes: #620828).
2011-01-24Build-depend on libssl-dev (>= 0.9.8g) to ensure sufficient ECC support.Colin Watson
2010-08-05Use an architecture wildcard for libselinux1-dev (closes: #591740).Colin Watson
2010-05-04Add powerpcspe to architecture list for libselinux1-dev build-dependencySebastian Andrzej Siewior
(closes: #579843).
2010-04-07Drop lpia support, since Ubuntu no longer supports this architecture.Colin Watson
2010-04-07Convert to dh(1), and use dh_installdocs --link-doc.Colin Watson
2010-04-03* Policy version 3.8.4:Colin Watson
- Add a Homepage field.
2010-03-01Include debian/ssh-askpass-gnome.png in the Debian tarball now thatColin Watson
we're using a source format that permits this, rather than messing around with uudecode.
2010-01-04Adjust short descriptions to avoid relying on previous experience withColin Watson
rsh, based on suggestions from Reuben Thomas (closes: #512198).
2010-01-02Use hardening-includes for hardening logic (thanks, Kees Cook; closes:Colin Watson
#561887).
2009-12-21Moved to bzr.debian.org; add Vcs-Bzr and Vcs-Browser control fields.Colin Watson
2009-09-17Build-depend on libselinux1-dev on sh4 too (thanks, Nobuhiro Iwamatsu;Colin Watson
closes: #547103).
2009-07-31Upgrade to debhelper v7.Colin Watson
2009-07-31Add ${misc:Depends} to keep Lintian happy.Colin Watson
2009-01-28Add ufw integration (thanks, Didier Roche; seeColin Watson
https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages; LP: #261884).
2009-01-13Check that /var/run/sshd.pid exists and that the process ID listed thereColin Watson
corresponds to sshd before running '/etc/init.d/ssh reload' from if-up script; SIGHUP is racy if called at boot before sshd has a chance to install its signal handler, but fortunately the pid file is written after that which lets us avoid the race (closes: #502444).
2008-07-23* Merge from Ubuntu:Colin Watson
- Add 'status' action to openssh-server init script, requiring lsb-base (>= 3.2-13) (thanks, Dustin Kirkland).
2008-07-22Say "GTK+" rather than "GTK" in ssh-askpass-gnome's description.Colin Watson
2008-06-08Change openssh-client-udeb's Installer-Menu-Item from 99900 to 99999Colin Watson
(thanks, Frans Pop).
2008-05-26Allow building with heimdal-dev (LP: #125805).Colin Watson
2008-05-21Recommend openssh-blacklist-extra from openssh-client andColin Watson
openssh-server.
2008-05-21Recommend openssh-blacklist from openssh-client.Colin Watson
2008-05-12* Mitigate OpenSSL security vulnerability:Colin Watson
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.)
2008-02-27* Recommends: xauth rather than Suggests: xbase-clients.Colin Watson