summaryrefslogtreecommitdiff
path: root/debian/patches
AgeCommit message (Expand)Author
2017-03-30Unbreak Unix domain socket forwarding for root (closes: #858252).Colin Watson
2017-03-16Fix null pointer dereference in ssh-keygen; this fixes an autopkgtest regress...Colin Watson
2017-03-14Fix ssh-keyscan to correctly hash hosts with a port number (closes: #857736, ...Colin Watson
2017-03-09Fix ssh-keygen -H accidentally corrupting known_hosts that contained already-...Colin Watson
2017-03-05Restore reading authorized_keys2 by defaultColin Watson
2017-01-16Fix rekeying failure with GSSAPI key exchange (thanks, Harald Barth; closes: ...Colin Watson
2017-01-16Remove ssh_host_dsa_key from HostKey default (closes: #850614).Colin Watson
2017-01-03Work around clock_gettime kernel bug on Linux x32 (closes: #849923).Colin Watson
2017-01-03Create mux socket for regression tests in a temporary directory.Colin Watson
2017-01-02merge patched into masterColin Watson
2017-01-01Make integrity tests more robust against timeouts in the case where the first...Colin Watson
2016-12-28Avoid calling into Kerberos libraries from ssh_gssapi_server_mechanisms in th...Colin Watson
2016-12-26Remove redundant "GSSAPIDelegateCredentials no" from ssh_config (already the ...Colin Watson
2016-12-26Start handling /etc/ssh/sshd_config using ucf.Colin Watson
2016-12-23New upstream release (7.4p1).Colin Watson
2016-11-19Fix and enable PuTTY interoperability tests under autopkgtest.Colin Watson
2016-10-24CVE-2016-8858: Unregister the KEXINIT handler after message has been received...Colin Watson
2016-08-07New upstream release (7.3p1).Colin Watson
2016-07-22Backport upstream patch to close ControlPersist background process stderr whe...Colin Watson
2016-07-22CVE-2016-6210: Mitigate user enumeration via covert timing channel.Colin Watson
2016-04-28Backport upstream patch to unbreak authentication using lone certificate keys...Colin Watson
2016-04-13CVE-2015-8325: Ignore PAM environment vars when UseLogin=yes.Colin Watson
2016-03-21Fix kexgss_server to cope with DH_GRP_MIN/DH_GRP_MAX being stricter on the se...Colin Watson
2016-03-10New upstream release (7.2p2).Colin Watson
2016-03-08New upstream release (7.2).Colin Watson
2016-01-14New upstream release (7.1p2).Colin Watson
2016-01-04Shuffle PROPOSAL_KEX_ALGS mangling for GSSAPI key exchange a little later in ...Colin Watson
2016-01-04Allow authenticating as root using gssapi-keyex even with "PermitRootLogin pr...Colin Watson
2016-01-04Don't call sd_notify when sshd is re-execed (closes: #809035).Michael Biebl
2015-12-21Add systemd readiness notification support (closes: #778913).Michael Biebl
2015-12-15Backport upstream patch to unbreak connections with peers that set first_kex_...Colin Watson
2015-12-07Update "Subsystem sftp" path in example sshd_config (closes: #691004).Colin Watson
2015-12-03Drop SSH1 keepalive patch. Now that SSH1 is disabled at compile-time, it's b...Colin Watson
2015-11-29New upstream release (7.1p1).Colin Watson
2015-11-29New upstream release (7.0p1).Colin Watson
2015-11-24Drop ConsoleKit session registration patch; it was only ever enabled for Ubun...Colin Watson
2015-09-17ssh_config(5): Fix markup errors in description of GSSAPITrustDns (closes: #7...Colin Watson
2015-09-08mention-ssh-keygen-on-keychange.patch: Move example ssh-keygen invocation ont...Colin Watson
2015-08-20Let principals-command.sh work for noexec /var/run.Colin Watson
2015-08-19Document the Debian-specific change to the default value of ForwardX11Trusted...Colin Watson
2015-08-19CVE-2015-5600: sshd(8): Fix circumvention of MaxAuthTries using keyboard-inte...Colin Watson
2015-08-19Backport PAM security fixes.Colin Watson
2015-08-19SECURITY: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world-writa...Colin Watson
2015-08-19New upstream release (6.9p1).Colin Watson
2015-08-19New upstream release (6.8p1).Colin Watson
2015-03-22Revert LC_* configuration change (closes: #780797).Colin Watson
2014-11-06Send/accept only specific known LC_* variables, rather than using a wildcard ...Colin Watson
2014-10-07Merge 6.7p1.Colin Watson
2014-04-21Apply upstream-recommended patch to fix bignum encoding for curve25519-sha256...Colin Watson
2014-04-14Never signal the service supervisor with SIGSTOP more than once, toColin Watson