summaryrefslogtreecommitdiff
path: root/debian/control
AgeCommit message (Collapse)Author
2010-04-03* Policy version 3.8.4:Colin Watson
- Add a Homepage field.
2010-03-01Include debian/ssh-askpass-gnome.png in the Debian tarball now thatColin Watson
we're using a source format that permits this, rather than messing around with uudecode.
2010-01-04Adjust short descriptions to avoid relying on previous experience withColin Watson
rsh, based on suggestions from Reuben Thomas (closes: #512198).
2010-01-02Use hardening-includes for hardening logic (thanks, Kees Cook; closes:Colin Watson
#561887).
2009-12-21Moved to bzr.debian.org; add Vcs-Bzr and Vcs-Browser control fields.Colin Watson
2009-09-17Build-depend on libselinux1-dev on sh4 too (thanks, Nobuhiro Iwamatsu;Colin Watson
closes: #547103).
2009-07-31Upgrade to debhelper v7.Colin Watson
2009-07-31Add ${misc:Depends} to keep Lintian happy.Colin Watson
2009-01-28Add ufw integration (thanks, Didier Roche; seeColin Watson
https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages; LP: #261884).
2009-01-13Check that /var/run/sshd.pid exists and that the process ID listed thereColin Watson
corresponds to sshd before running '/etc/init.d/ssh reload' from if-up script; SIGHUP is racy if called at boot before sshd has a chance to install its signal handler, but fortunately the pid file is written after that which lets us avoid the race (closes: #502444).
2008-07-23* Merge from Ubuntu:Colin Watson
- Add 'status' action to openssh-server init script, requiring lsb-base (>= 3.2-13) (thanks, Dustin Kirkland).
2008-07-22Say "GTK+" rather than "GTK" in ssh-askpass-gnome's description.Colin Watson
2008-06-08Change openssh-client-udeb's Installer-Menu-Item from 99900 to 99999Colin Watson
(thanks, Frans Pop).
2008-05-26Allow building with heimdal-dev (LP: #125805).Colin Watson
2008-05-21Recommend openssh-blacklist-extra from openssh-client andColin Watson
openssh-server.
2008-05-21Recommend openssh-blacklist from openssh-client.Colin Watson
2008-05-12* Mitigate OpenSSL security vulnerability:Colin Watson
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.)
2008-02-27* Recommends: xauth rather than Suggests: xbase-clients.Colin Watson
2008-01-12* Improve grammar of ssh-askpass-gnome description.Colin Watson
2008-01-11* Drop source-compatibility with Debian 3.0:Colin Watson
- Remove support for building with GNOME 1. This allows simplification of our GNOME build-dependencies (see #460136). - Remove hacks to support the old PAM configuration scheme. - Remove compatibility for building without po-debconf. * Build-depend on libgtk2.0-dev rather than libgnomeui-dev. As far as I can see, the GTK2 version of ssh-askpass-gnome has never required libgnomeui-dev.
2008-01-10* Add armel to architecture list for libselinux1-dev build-dependencyColin Watson
(closes: #460136).
2008-01-10* Pass --with-mantype=doc to configure rather than build-depending onColin Watson
groff (closes: #460121).
2007-12-24* Policy version 3.7.3: no changes required.Colin Watson
2007-07-30* openssh-client Suggests: keychain.Colin Watson
2007-07-28* Build-depend on libselinux1-dev on lpia.Colin Watson
2007-07-07* Identify ssh as a metapackage rather than a transitional package. It'sColin Watson
still useful as a quick way to install both the client and the server.
2007-06-12* Use ${binary:Version} rather than ${Source-Version} in openssh-server ->Colin Watson
openssh-client dependency.
2007-06-12* Belatedly build-depend on zlib1g-dev (>= 1:1.2.3-1) (closes: #333447).Colin Watson
2007-06-12* Use LSB functions in init scripts, and add an LSB-style header (thanks,Colin Watson
Christian Perrier; closes: #389038).
2007-06-06* openssh-client Suggests: libpam-ssh (closes: #427840).Colin Watson
2007-04-29* It's been four and a half years now since I took over as "temporary"Colin Watson
maintainer, so the Maintainer field is getting a bit inaccurate. Set Maintainer to debian-ssh@lists.debian.org and leave Matthew and myself as Uploaders.
2007-04-24* Apply results of debconf templates and package descriptions review byColin Watson
debian-l10n-english (closes: #420107).
2007-04-10* Multiply openssh-client-udeb's Installer-Menu-Item by 100.Colin Watson
2006-12-13* Drop versioning on ssh/ssh-krb5 Replaces, as otherwise it isn'tColin Watson
sufficient to replace conffiles (closes: #402804).
2006-12-06* Create transitional ssh-krb5 package which enables GSSAPI configurationColin Watson
in sshd_config. * Default client to attempting GSSAPI authentication. * Remove obsolete GSSAPINoMICAuthentication from sshd_config if it's found.
2006-10-27* openssh-server Suggests: molly-guard (closes: #395473).Colin Watson
2006-07-14* Change sshd user's shell to /usr/sbin/nologin (closes: #366541).Colin Watson
Introduces dependency on passwd for usermod.
2006-05-12* Policy version 3.7.2: no changes required.Colin Watson
2006-03-31* Use udeb support introduced in debhelper 4.2.0 (available in sarge)Colin Watson
rather than constructing udebs by steam. * Require debhelper 5.0.22, which generates correct shared library dependencies for udebs. This build-dependency can be ignored if building on sarge.
2005-10-07* Build-depend on libssl-dev (>= 0.9.8-1) to cope with surprise OpenSSLColin Watson
transition, since otherwise who knows what the buildds will do. If you're building openssh yourself, you can safely ignore this and use an older libssl-dev.
2005-10-06* Build-depend on libselinux1-dev on armeb.Colin Watson
2005-09-14 - openssh-client and openssh-server replace ssh-krb5.Colin Watson
2005-09-14 - Build-depend on libkrb5-dev and configure --with-kerberos5=/usr.Colin Watson
2005-09-14* openssh-client and openssh-server conflict with pre-split ssh to avoidColin Watson
problems when ssh is left un-upgraded (closes: #324695).
2005-09-02* Policy version 3.6.2: no changes required.Colin Watson
2005-06-30Drop priority of ssh to extra to match the override file.Colin Watson
2005-06-17Build-depend on libselinux1-dev on ppc64 too (closes: #314625).Colin Watson
2005-06-17Switch to debhelper compat level 3, since 2 is deprecated.Colin Watson
2005-06-17Re-enable ssh-askpass-gnome on the Hurd, now that its build-dependenciesColin Watson
are available.
2005-06-17Manoj Srivastava:Colin Watson
- Added SELinux capability, and turned it on be default. Added restorecon calls in preinst and postinst (should not matter if the machine is not SELinux aware). By and large, the changes made should have no effect unless the rules file calls --with-selinux; and even then there should be no performance hit for machines not actively running SELinux. - Modified the preinst and postinst to call restorecon to set the security context for the generated public key files. - Added a comment to /etc/pam.d/ssh to indicate that an SELinux system may want to also include pam_selinux.so.