Age | Commit message (Collapse) | Author | |
---|---|---|---|
2008-05-25 | recommending openssh-blacklist closes: #481187 | Colin Watson | |
2008-05-25 | - Update Turkish (thanks, Mert Dirik; closes: #482548). | Colin Watson | |
2008-05-21 | Update Spanish (thanks, Javier Fernandez-Sanguino Peña; closes: | Colin Watson | |
#482341). | |||
2008-05-21 | Recommend openssh-blacklist-extra from openssh-client and | Colin Watson | |
openssh-server. | |||
2008-05-21 | Recommend openssh-blacklist from openssh-client. | Colin Watson | |
2008-05-20 | Generate two keys with the PID forced to the same value and test that | Colin Watson | |
they differ, to defend against recurrences of the recent Debian OpenSSL vulnerability. | |||
2008-05-19 | Update Vietnamese (thanks, Clytie Siddall; closes: #481876). | Colin Watson | |
2008-05-19 | Update Bulgarian (thanks, Damyan Ivanov; closes: #481870). | Colin Watson | |
2008-05-19 | Update Basque (thanks, Piarres Beobide; closes: #481836). | Colin Watson | |
2008-05-18 | sync changelog credit with Last-Translator | Colin Watson | |
2008-05-18 | Update Portuguese (thanks, Rui Branco; closes: #481781). | Colin Watson | |
2008-05-18 | Update German (thanks, Helge Kreutzmann; closes: #481676). | Colin Watson | |
2008-05-17 | Update Czech (thanks, Miroslav Kure; closes: #481624). | Colin Watson | |
2008-05-17 | update Finnish again | Colin Watson | |
2008-05-17 | Update Japanese (thanks, Kenshi Muto; closes: #481621). | Colin Watson | |
2008-05-17 | Update Galician (thanks, Jacobo Tarrio; closes: #481596). | Colin Watson | |
2008-05-17 | Update Norwegian Bokmål (thanks, Bjørn Steensrud; closes: #481591). | Colin Watson | |
2008-05-17 | Update French (thanks, Christian Perrier; closes: #481576). | Colin Watson | |
2008-05-17 | Check RSA1 keys without the need for a separate blacklist. Thanks to | Colin Watson | |
Simon Tatham for the idea. | |||
2008-05-17 | update Finnish translation | Colin Watson | |
2008-05-17 | debconf-updatepo | Colin Watson | |
2008-05-17 | ${HOST_KEYS} not translatable | Colin Watson | |
2008-05-17 | Fix typo in ssh/vulnerable_host_keys message (thanks, Esko Arajärvi). | Colin Watson | |
2008-05-14 | releasing version 1:4.7p1-10 | Colin Watson | |
2008-05-14 | clarify | Colin Watson | |
2008-05-14 | ssh-vulnkey handles options in authorized_keys (LP: #230029). | Colin Watson | |
2008-05-14 | ignore debian/*.debhelper.log | Colin Watson | |
2008-05-14 | Add a FILES section to ssh-vulnkey(1) (thanks, Hugh Daniel). | Colin Watson | |
2008-05-13 | releasing version 1:4.7p1-9 | Colin Watson | |
2008-05-13 | changed ssh-vulnkey output | Colin Watson | |
2008-05-13 | update from mdz | Colin Watson | |
2008-05-13 | compression | Colin Watson | |
2008-05-13 | add repair instructions from Matt | Colin Watson | |
2008-05-13 | add CVE identifier for OpenSSL vulnerability | Colin Watson | |
2008-05-12 | * Mitigate OpenSSL security vulnerability: | Colin Watson | |
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.) | |||
2008-04-09 | Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-8. | Colin Watson | |
- CVE-2008-1657: Ignore ~/.ssh/rc if a sshd_config ForceCommand is specified. | |||
2008-04-06 | releasing version 1:4.7p1-8 | Colin Watson | |
2008-04-06 | urgency=high for security fixes | Colin Watson | |
2008-04-06 | Backport from Simon Wilkinson's GSSAPI key exchange patch for 5.0p1: | Colin Watson | |
- Add code to actually implement GSSAPIStrictAcceptorCheck, which had somehow been omitted from a previous version of this patch (closes: #474246). | |||
2008-04-06 | typo | Colin Watson | |
2008-04-06 | Backport from 4.9p1: | Colin Watson | |
- Ignore ~/.ssh/rc if a sshd_config ForcedCommand is specified (see http://www.securityfocus.com/bid/28531/info). - Add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc. | |||
2008-04-04 | Tweak scp's reporting of filenames in verbose mode to be a bit less | Colin Watson | |
confusing with spaces (thanks, Nicolas Valcárcel; LP: #89945). | |||
2008-04-04 | Rename KeepAlive to TCPKeepAlive in sshd_config, cleaning up from old | Colin Watson | |
configurations (LP: #211400). | |||
2008-04-01 | Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5. | Colin Watson | |
- CVE-2008-1483: Don't use X11 forwarding port which can't be bound on all address families, preventing hijacking of X11 forwarding by | |||
2008-03-31 | releasing version 1:4.7p1-7 | Colin Watson | |
2008-03-31 | Ignore errors writing to oom_adj (closes: #473573). | Colin Watson | |
2008-03-30 | releasing version 1:4.7p1-6 | Colin Watson | |
2008-03-30 | * Disable the Linux kernel's OOM-killer for the sshd parent; tweak | Colin Watson | |
SSHD_OOM_ADJUST in /etc/default/ssh to change this (closes: #341767). | |||
2008-03-22 | releasing version 1:4.7p1-5 | Colin Watson | |
2008-03-22 | * Use printf rather than echo -en (a bashism) in openssh-server.config and | Colin Watson | |
openssh-server.preinst. |