summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2019-03-01releasing package openssh version 1:7.9p1-9Colin Watson
2019-03-01Handle shell-style brace expansions in scp checksColin Watson
2019-02-28releasing package openssh version 1:7.9p1-8Colin Watson
2019-02-28Move moduli(5) manual page to openssh-serverColin Watson
This goes with /etc/ssh/moduli; forgotten in 1:7.9p1-5.
2019-02-28Correctly handle conffile move to openssh-serverDominik George
Closes: #919344
2019-02-28Request RSA-SHA2 signatures for corresponding cert algorithmsColin Watson
Closes: #923419
2019-02-28Fix key type checks with RSA-SHA2 signature typesColin Watson
2019-02-26releasing package openssh version 1:7.9p1-7Colin Watson
2019-02-25Tighten up start-stop-daemon invocationsColin Watson
Pass "--exec /usr/sbin/sshd" to start-stop-daemon on stop as well as start and pass "--chuid 0:0" on start, to avoid problems with non-root groups leaking into the ownership of /run/sshd.pid. Closes: #922365
2019-02-25Update logind recommendationColin Watson
Recommend "default-logind | logind | libpam-systemd" rather than just libpam-systemd. (I've retained libpam-systemd as an alternative for a while to avoid backporting accidents, although it can be removed later.) Thanks, Adam Borowski. Closes: #923199
2019-02-08releasing package openssh version 1:7.9p1-6Colin Watson
2019-02-08scp: Check remote->local directory copy filenamesColin Watson
CVE-2019-6111
2019-02-08Sanitize scp filenames via snmprintfColin Watson
CVE-2019-6109 Closes: #793412
2019-01-13releasing package openssh version 1:7.9p1-5Colin Watson
2019-01-12scp: disallow empty incoming filename or "."Colin Watson
Closes: #919101
2018-12-26Drop obsolete alternate build-dependency on libssl1.0-devColin Watson
Closes: #917342
2018-12-06Move /etc/ssh/moduli to openssh-serverColin Watson
It's reasonably large and only used by sshd. Closes: #858050
2018-11-16releasing package openssh version 1:7.9p1-4Colin Watson
2018-11-16Use dpkg_vendor_derives_from againColin Watson
This time with syntax that works.
2018-11-15Fix Ubuntu detection in debian/rulesColin Watson
The documentation comment for dpkg_vendor_derives_from is wrong (thanks, Jeremy Bicha; see #913816).
2018-11-15releasing package openssh version 1:7.9p1-3Colin Watson
2018-11-15Restore some direct test dependenciesColin Watson
Restore direct test dependencies on openssl, putty-tools, and python-twisted-conch; these are really only indirect dependencies via openssh-tests, but including them means that this package will be retested when they change.
2018-11-15Re-export debian/upstream/signing-key.asc without extra signaturesColin Watson
2018-11-15debian/control: Remove trailing whitespaceColin Watson
2018-11-15Avoid incorrect Makefile symlink in openssh-testsColin Watson
Be more specific about what files to install in openssh-tests, to avoid installing a symlink into the build tree.
2018-11-14releasing package openssh version 1:7.9p1-2Colin Watson
2018-11-05Add an openssh-tests binary packageColin Watson
This contains enough files to run the upstream regression tests. Doing this allows autopkgtest to run more efficiently, as it doesn't have to build part of the source tree again.
2018-11-05Set TEST_SHELL againColin Watson
There's no default for this in regress/Makefile (only in the top-level Makefile), so leaving it unset here doesn't work.
2018-11-03Drop "set -x" verbosity from the autopkgtestColin Watson
I think we can do without this in most cases nowadays, as things have been pretty stable for a while.
2018-11-03Make the autopkgtest create /run/sshd if it doesn't already existColin Watson
2018-11-03Add GitLab CI configurationColin Watson
2018-10-22Mark debian/NEWS entry as releasedColin Watson
2018-10-21releasing package openssh version 1:7.9p1-1Colin Watson
2018-10-21Remove /etc/network/if-up.d/openssh-serverColin Watson
It causes more problems than it solves. Add an "if-up hook removed" section to README.Debian documenting the corner case that may need configuration adjustments. Thanks, Christian Ehrhardt, Andreas Hasenack, and David Britton. Closes: #789532 LP: #1037738, #1674330, #1718227
2018-10-21Simplify debian/rules using /usr/share/dpkg/default.mk.Colin Watson
2018-10-20Remove dh_builddeb override to use xz compressionColin Watson
This has been the default since dpkg 1.17.0.
2018-10-20New upstream release (7.9p1)Colin Watson
2018-08-30releasing package openssh version 1:7.8p1-1Colin Watson
2018-08-30Work around conch interoperability failureColin Watson
Twisted Conch fails to read private keys in the new format (https://twistedmatrix.com/trac/ticket/9515). Work around this until it can be fixed in Twisted.
2018-08-30New upstream release (7.8p1)Colin Watson
Closes: #907534
2018-08-24Switch debian/watch to HTTPS.Colin Watson
2018-08-18Retroactively mention CVE-2018-15473 in changelogColin Watson
2018-08-17releasing package openssh version 1:7.7p1-4Colin Watson
2018-08-17Fix user enumeration vulnerabilityColin Watson
Apply upstream patch to delay bailout for invalid authenticating user until after the packet containing the request has been fully parsed. Closes: #906236
2018-07-10releasing package openssh version 1:7.7p1-3Colin Watson
2018-07-10Close #903474 as wellColin Watson
2018-06-28[ Christian Ehrhardt ]Christian Ehrhardt
Fix unintentional restriction of authorized keys environment options to be alphanumeric (LP: #1771011)
2018-06-18Add documentation links for systemdColin Watson
Add Documentation keys to ssh-agent.service, ssh.service, and ssh@.service.
2018-06-18Remove no-longer-used Lintian overrides from openssh-server and ssh.Colin Watson
2018-06-18Remove trailing blanks from old changelog entriesColin Watson