Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-02-15 | Fix getsockname errors when using "ssh -W" (closes: #738693). | Colin Watson | |
2014-02-13 | Remove code related to non-dependency-based sysv-rc ordering, since that is ↵ | Colin Watson | |
no longer supported. | |||
2014-02-13 | Fix "Running sshd from inittab" instructions for dependency-based sysv-rc | Colin Watson | |
Amend "Running sshd from inittab" instructions in README.Debian to recommend 'update-rc.d ssh disable', rather than manual removal of rc*.d symlinks that won't work with dependency-based sysv-rc. | |||
2014-02-13 | Configure --without-hardening on hppa, to work around ↵ | Colin Watson | |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60155 (closes: #738798). | |||
2014-02-12 | releasing package openssh version 1:6.5p1-3 | Colin Watson | |
2014-02-12 | Tweak dh_systemd_enable invocations to avoid lots of error noise. | Colin Watson | |
2014-02-12 | Drop unnecessary -1 in zlib1g Build-Depends version. | Colin Watson | |
2014-02-12 | Policy version 3.9.5. | Colin Watson | |
2014-02-12 | Drop some very old Conflicts and Replaces | Colin Watson | |
Drop some very old Conflicts and Replaces (ssh (<< 1:3.8.1p1-9), rsh-client (<< 0.16.1-1), ssh-krb5 (<< 1:4.3p2-7), ssh-nonfree (<< 2), and openssh-client (<< 1:3.8.1p1-11)). These all relate to pre-etch versions, for which we no longer have maintainer script code, and per policy they would have to become Breaks nowadays anyway. | |||
2014-02-12 | Refer to /usr/share/common-licenses/GPL-2 in debian/copyright (for the ↵ | Colin Watson | |
Debian patch) rather than plain GPL. | |||
2014-02-12 | Remove unnecessary /dev/null tests | Colin Watson | |
Remove tests for whether /dev/null is a character device from the Upstart job and the systemd service files; it's there to avoid a confusing failure mode in daemon(), but with modern init systems we use the -D option to suppress daemonisation anyway. | |||
2014-02-12 | Reorder transition code by guard version. | Colin Watson | |
2014-02-12 | Bump guard version for sysvinit->systemd transition to 1:6.5p1-3; we may ↵ | Colin Watson | |
have got it wrong before, and it's fairly harmless to repeat it. | |||
2014-02-12 | Fix sysvinit->systemd transition code | Colin Watson | |
We need to cope with still-running sysvinit jobs being considered active by systemd (thanks, Uoti Urpala and Michael Biebl). | |||
2014-02-12 | Avoid stdout noise from which(1) on purge of openssh-client. | Colin Watson | |
2014-02-12 | Stop claiming that "Protocol 2" is a Debian-specific default | Colin Watson | |
This has been upstream's default since 5.4p1. | |||
2014-02-12 | Adjust section title too. | Colin Watson | |
2014-02-11 | Clarify socket activation mode in README.Debian, as suggested by Uoti Urpala. | Colin Watson | |
2014-02-11 | releasing package openssh version 1:6.5p1-2 | Colin Watson | |
2014-02-11 | Backport upstream patch to unbreak case-sensitive matching of ssh_config ↵ | Colin Watson | |
(closes: #738619). | |||
2014-02-11 | Only enable ssh.service for systemd, not both ssh.service and ssh.socket. ↵ | Colin Watson | |
Thanks to Michael Biebl for spotting this. | |||
2014-02-10 | releasing package openssh version 1:6.5p1-1 | Colin Watson | |
2014-02-10 | Drop After=syslog.target; this is obsolete according to Lintian. | Colin Watson | |
2014-02-10 | Add systemd support (thanks, Sven Joachim; closes: #676830). | Colin Watson | |
2014-02-10 | Stop manually creating /usr/share/lintian/overrides; dh_lintian handles this. | Colin Watson | |
2014-02-10 | Drop long-obsolete "SSH now uses protocol 2 by default" section from ↵ | Colin Watson | |
README.Debian. | |||
2014-02-10 | Generate ED25519 host keys on fresh installations. | Colin Watson | |
Upgraders who wish to add such host keys should manually add 'HostKey /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run 'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'. | |||
2014-02-10 | Close some bugs related to ssh-vulnkey. | Colin Watson | |
2014-02-10 | Incorporate default path changes from shadow 1:4.0.18.1-8, removing ↵ | Colin Watson | |
/usr/bin/X11 (closes: #644521). | |||
2014-02-10 | Add the pam_keyinit session module, to create a new session keyring on login ↵ | Colin Watson | |
(closes: #734816). | |||
2014-02-10 | Merge 6.5p1. | Colin Watson | |
* New upstream release (http://www.openssh.com/txt/release-6.5, LP: #1275068): - ssh(1): Add support for client-side hostname canonicalisation using a set of DNS suffixes and rules in ssh_config(5). This allows unqualified names to be canonicalised to fully-qualified domain names to eliminate ambiguity when looking up keys in known_hosts or checking host certificate names (closes: #115286). | |||
2014-02-10 | record new upstream branch created by importing openssh_6.5p1.orig.tar.gz | Colin Watson | |
2014-02-10 | Add OpenPGP signature checking configuration to watch file (thanks, Daniel ↵ | Colin Watson | |
Kahn Gillmor; closes: #732441). | |||
2014-02-09 | Drop ssh-vulnkey | Colin Watson | |
Drop ssh-vulnkey and the associated ssh/ssh-add/sshd integration code, leaving only basic configuration file compatibility, since it has been nearly six years since the original vulnerability and this code is not likely to be of much value any more. See https://lists.debian.org/debian-devel/2013/09/msg00240.html for my full reasoning. | |||
2014-02-09 | Initialize git-dpm | Colin Watson | |
2014-02-09 | Remove trailing blank line. | Colin Watson | |
2014-02-09 | Switch to git; adjust Vcs-* fields. | Colin Watson | |
2013-12-23 | releasing package openssh version 1:6.4p1-2 | Colin Watson | |
2013-12-23 | Restore patch to disable OpenSSL version check (closes: #732940). | Colin Watson | |
2013-11-12 | Increase ServerKeyBits value in package-generated sshd_config to 1024 | Colin Watson | |
(closes: #727622, LP: #1244272). | |||
2013-11-09 | releasing package openssh version 1:6.4p1-1 | Colin Watson | |
2013-11-09 | urgency=high | Colin Watson | |
2013-11-09 | Add CVE-2013-4548 identifier. | Colin Watson | |
2013-11-09 | * New upstream release (http://www.openssh.com/txt/release-6.4). | Colin Watson | |
- sshd(8): fix a memory corruption problem triggered during rekeying when an AES-GCM cipher is selected (closes: #729029). Full details of the vulnerability are available at: http://www.openssh.com/txt/gcmrekey.adv | |||
2013-09-14 | * New upstream release (http://www.openssh.com/txt/release-6.3). | Colin Watson | |
- sftp(1): add support for resuming partial downloads using the "reget" command and on the sftp commandline or on the "get" commandline using the "-a" (append) option (closes: #158590). - ssh(1): add an "IgnoreUnknown" configuration option to selectively suppress errors arising from unknown configuration directives (closes: #436052). - sftp(1): update progressmeter when data is acknowledged, not when it's sent (partially addresses #708372). - ssh(1): do not fatally exit when attempting to cleanup multiplexing- created channels that are incompletely opened (closes: #651357). | |||
2013-08-12 | When running under Upstart, only consider the daemon started once it is | Colin Watson | |
ready to accept connections (by raising SIGSTOP at that point and using "expect stop"). | |||
2013-07-02 | releasing version 1:6.2p2-6 | Colin Watson | |
2013-07-02 | Update config.guess and config.sub automatically at build time. | Colin Watson | |
dh_autoreconf does not take care of that by default because openssh does not use automake. | |||
2013-06-27 | releasing version 1:6.2p2-5 | Colin Watson | |
2013-06-27 | debian/rules: Include real distribution in SSH_EXTRAVERSION instead of | Yolanda Robla | |
hardcoding Debian (LP: #1195342). |