Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-02-21 | Split sftp-server into its own package | Axel Beckert | |
This allows it to also be used by other SSH server implementations like dropbear (closes: #504290). | |||
2014-02-12 | Drop unnecessary -1 in zlib1g Build-Depends version. | Colin Watson | |
2014-02-12 | Policy version 3.9.5. | Colin Watson | |
2014-02-12 | Drop some very old Conflicts and Replaces | Colin Watson | |
Drop some very old Conflicts and Replaces (ssh (<< 1:3.8.1p1-9), rsh-client (<< 0.16.1-1), ssh-krb5 (<< 1:4.3p2-7), ssh-nonfree (<< 2), and openssh-client (<< 1:3.8.1p1-11)). These all relate to pre-etch versions, for which we no longer have maintainer script code, and per policy they would have to become Breaks nowadays anyway. | |||
2014-02-10 | Add systemd support (thanks, Sven Joachim; closes: #676830). | Colin Watson | |
2014-02-09 | Drop ssh-vulnkey | Colin Watson | |
Drop ssh-vulnkey and the associated ssh/ssh-add/sshd integration code, leaving only basic configuration file compatibility, since it has been nearly six years since the original vulnerability and this code is not likely to be of much value any more. See https://lists.debian.org/debian-devel/2013/09/msg00240.html for my full reasoning. | |||
2014-02-09 | Switch to git; adjust Vcs-* fields. | Colin Watson | |
2013-07-02 | Update config.guess and config.sub automatically at build time. | Colin Watson | |
dh_autoreconf does not take care of that by default because openssh does not use automake. | |||
2013-05-22 | * Remove the check for vulnerable host keys; this was first added five | Colin Watson | |
years ago, and everyone should have upgraded through a version that applied these checks by now. The ssh-vulnkey tool and the blacklisting support in sshd are still here, at least for the moment. * This removes the last of our uses of debconf (closes: #221531). | |||
2013-05-22 | Switch to new unified layout for Upstart jobs as documented in | Colin Watson | |
https://wiki.ubuntu.com/UpstartCompatibleInitScripts: the init script checks for a running Upstart, and we now let dh_installinit handle most of the heavy lifting in maintainer scripts. Ubuntu users should be essentially unaffected except that sshd may no longer start automatically in chroots if the running Upstart predates 0.9.0; but the main goal is simply not to break when openssh-server is installed in a chroot. | |||
2013-05-22 | Replace old manual conffile handling code with dpkg-maintscript-helper, | Colin Watson | |
via dh_installdeb. | |||
2013-05-22 | Remove lots of maintainer script support for upgrades from pre-etch | Colin Watson | |
(three releases before current stable). | |||
2013-05-06 | Use dh-autoreconf. | Colin Watson | |
2012-12-19 | Give ssh and ssh-krb5 versioned dependencies on openssh-client and | Colin Watson | |
openssh-server, to try to reduce confusion when people run 'apt-get install ssh' or similar and expect that to upgrade everything relevant. | |||
2012-11-26 | Merge Upstart job scripting support from Ubuntu, to handle the Upstart job ↵ | Colin Watson | |
being primary there. | |||
2012-10-31 | Drop openssh-blacklist and openssh-blacklist-extra to Suggests. It's | Colin Watson | |
been long enough since the relevant vulnerability that we shouldn't need these installed by default nowadays. | |||
2012-10-31 | * Merge from Ubuntu: | Colin Watson | |
- Add support for registering ConsoleKit sessions on login. (This is currently enabled only when building for Ubuntu.) | |||
2012-08-24 | Add ncurses-term to openssh-server's Recommends, since it's often needed | Colin Watson | |
to support unusual terminal emulators on clients (closes: #675362). | |||
2012-04-01 | Use dpkg-buildflags, including for hardening support; drop use of | Colin Watson | |
hardening-includes. | |||
2012-02-24 | Move ssh-krb5 to Section: oldlibs. | Colin Watson | |
2011-11-09 | Mark openssh-client and openssh-server as Multi-Arch: foreign. | Colin Watson | |
2011-07-29 | Only recommend ssh-import-id when built on Ubuntu (closes: #635887). | Colin Watson | |
2011-07-28 | * Merge from Ubuntu (Dustin Kirkland): | Colin Watson | |
- openssh-server Recommends: ssh-import-id (no-op in Debian since that package doesn't exist there, but this reduces the Ubuntu delta). | |||
2011-07-28 | openssh-client and openssh-server Suggests: monkeysphere. | Colin Watson | |
2011-05-30 | Update Vcs-* fields for Alioth changes. | Colin Watson | |
2011-04-13 | Drop openssh-server's dependency on openssh-blacklist to a | Colin Watson | |
recommendation (closes: #622604). | |||
2011-04-04 | Drop hardcoded dependencies on libssl0.9.8 and libcrypto0.9.8-udeb, | Colin Watson | |
since the required minimum versions are rather old now anyway and openssl has bumped its SONAME (thanks, Julien Cristau; closes: #620828). | |||
2011-01-24 | Build-depend on libssl-dev (>= 0.9.8g) to ensure sufficient ECC support. | Colin Watson | |
2010-08-05 | Use an architecture wildcard for libselinux1-dev (closes: #591740). | Colin Watson | |
2010-05-04 | Add powerpcspe to architecture list for libselinux1-dev build-dependency | Sebastian Andrzej Siewior | |
(closes: #579843). | |||
2010-04-07 | Drop lpia support, since Ubuntu no longer supports this architecture. | Colin Watson | |
2010-04-07 | Convert to dh(1), and use dh_installdocs --link-doc. | Colin Watson | |
2010-04-03 | * Policy version 3.8.4: | Colin Watson | |
- Add a Homepage field. | |||
2010-03-01 | Include debian/ssh-askpass-gnome.png in the Debian tarball now that | Colin Watson | |
we're using a source format that permits this, rather than messing around with uudecode. | |||
2010-01-04 | Adjust short descriptions to avoid relying on previous experience with | Colin Watson | |
rsh, based on suggestions from Reuben Thomas (closes: #512198). | |||
2010-01-02 | Use hardening-includes for hardening logic (thanks, Kees Cook; closes: | Colin Watson | |
#561887). | |||
2009-12-21 | Moved to bzr.debian.org; add Vcs-Bzr and Vcs-Browser control fields. | Colin Watson | |
2009-09-17 | Build-depend on libselinux1-dev on sh4 too (thanks, Nobuhiro Iwamatsu; | Colin Watson | |
closes: #547103). | |||
2009-07-31 | Upgrade to debhelper v7. | Colin Watson | |
2009-07-31 | Add ${misc:Depends} to keep Lintian happy. | Colin Watson | |
2009-01-28 | Add ufw integration (thanks, Didier Roche; see | Colin Watson | |
https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages; LP: #261884). | |||
2009-01-13 | Check that /var/run/sshd.pid exists and that the process ID listed there | Colin Watson | |
corresponds to sshd before running '/etc/init.d/ssh reload' from if-up script; SIGHUP is racy if called at boot before sshd has a chance to install its signal handler, but fortunately the pid file is written after that which lets us avoid the race (closes: #502444). | |||
2008-07-23 | * Merge from Ubuntu: | Colin Watson | |
- Add 'status' action to openssh-server init script, requiring lsb-base (>= 3.2-13) (thanks, Dustin Kirkland). | |||
2008-07-22 | Say "GTK+" rather than "GTK" in ssh-askpass-gnome's description. | Colin Watson | |
2008-06-08 | Change openssh-client-udeb's Installer-Menu-Item from 99900 to 99999 | Colin Watson | |
(thanks, Frans Pop). | |||
2008-05-26 | Allow building with heimdal-dev (LP: #125805). | Colin Watson | |
2008-05-21 | Recommend openssh-blacklist-extra from openssh-client and | Colin Watson | |
openssh-server. | |||
2008-05-21 | Recommend openssh-blacklist from openssh-client. | Colin Watson | |
2008-05-12 | * Mitigate OpenSSL security vulnerability: | Colin Watson | |
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.) | |||
2008-02-27 | * Recommends: xauth rather than Suggests: xbase-clients. | Colin Watson | |