| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-04-06 | lintian-symlink-pickiness.patch rejected upstream, but we need to keep it | Colin Watson | |
| 2010-04-06 | releasing version 1:5.4p1-1 | Colin Watson | |
| 2010-04-03 | * Policy version 3.8.4: | Colin Watson | |
| - Add a Homepage field. | |||
| 2010-03-31 | Drop most of our "LogLevel SILENT" (-qq) patch. This was originally | Colin Watson | |
| introduced to match the behaviour of non-free SSH, in which -q does not suppress fatal errors, but matching the behaviour of OpenSSH upstream is much more important nowadays. We no longer document that -q does not suppress fatal errors (closes: #280609). Migrate "LogLevel SILENT" to "LogLevel QUIET" in sshd_config on upgrade. | |||
| 2010-03-31 | Drop Debian-specific removal of OpenSSL version check. Upstream ignores | Colin Watson | |
| the two patchlevel nybbles now, which is sufficient to address the original reason this change was introduced, and it appears that any change in the major/minor/fix nybbles would involve a new libssl package name. (We'd still lose if the status nybble were ever changed, but that would mean somebody had packaged a development/beta version rather than a proper release, which doesn't appear to be normal practice.) | |||
| 2010-03-31 | Remove SSHD_OOM_ADJUST configuration. sshd now unconditionally makes | Colin Watson | |
| itself non-OOM-killable, and doesn't require configuration to avoid log spam in virtualisation containers (closes: #555625). | |||
| 2010-03-31 | ssh-vulnkey.patch: update another call to auth_key_is_revoked | Colin Watson | |
| 2010-03-31 | * New upstream release (LP: #535029). | Colin Watson | |
| - After a transition period of about 10 years, this release disables SSH protocol 1 by default. Clients and servers that need to use the legacy protocol must explicitly enable it in ssh_config / sshd_config or on the command-line. - Remove the libsectok/OpenSC-based smartcard code and add support for PKCS#11 tokens. This support is enabled by default in the Debian packaging, since it now doesn't involve additional library dependencies (closes: #231472, LP: #16918). - Add support for certificate authentication of users and hosts using a new, minimal OpenSSH certificate format (closes: #482806). - Added a 'netcat mode' to ssh(1): "ssh -W host:port ...". - Add the ability to revoke keys in sshd(8) and ssh(1). (For the Debian package, this overlaps with the key blacklisting facility added in openssh 1:4.7p1-9, but with different file formats and slightly different scopes; for the moment, I've roughly merged the two.) - Various multiplexing improvements, including support for requesting port-forwardings via the multiplex protocol (closes: #360151). - Allow setting an explicit umask on the sftp-server(8) commandline to override whatever default the user has (closes: #496843). - Many sftp client improvements, including tab-completion, more options, and recursive transfer support for get/put (LP: #33378). The old mget/mput commands never worked properly and have been removed (closes: #270399, #428082). - Do not prompt for a passphrase if we fail to open a keyfile, and log the reason why the open failed to debug (closes: #431538). - Prevent sftp from crashing when given a "-" without a command. Also, allow whitespace to follow a "-" (closes: #531561). | |||
| 2010-03-31 | handle merge history from previous tarball branch | Colin Watson | |
| 2010-03-29 | Hardcode the location of xauth to /usr/bin/xauth rather than | Colin Watson | |
| /usr/bin/X11/xauth (thanks, Aron Griffis; closes: #575725, LP: #8440). xauth no longer depends on x11-common, so we're no longer guaranteed to have the /usr/bin/X11 symlink available. I was taking advantage of the /usr/bin/X11 symlink to smooth X's move to /usr/bin, but this is far enough in the past now that it's probably safe to just use /usr/bin. | |||
| 2010-03-17 | Fix substitution of ETC_PAM_D_SSH, following the rename in 1:4.7p1-4. | Colin Watson | |
| 2010-03-08 | Drop compatibility with the old gssapi mechanism used in ssh-krb5 << | Colin Watson | |
| 3.8.1p1-1. Simon Wilkinson refused this patch since the old gssapi mechanism was removed due to a serious security hole, and since these versions of ssh-krb5 are no longer security-supported by Debian I don't think there's any point keeping client compatibility for them. | |||
| 2010-03-01 | mark quilt-setup target as phony | Colin Watson | |
| 2010-03-01 | commentary from Jonathan (original patch author) on syslog-level-silent.patch | Colin Watson | |
| 2010-03-01 | existing upstream bug reference for quieter-signals.patch | Colin Watson | |
| 2010-03-01 | forwarded lintian-symlink-pickiness.patch | Colin Watson | |
| 2010-03-01 | Include debian/ssh-askpass-gnome.png in the Debian tarball now that | Colin Watson | |
| we're using a source format that permits this, rather than messing around with uudecode. | |||
| 2010-03-01 | forwarded old-gssapi.patch | Colin Watson | |
| 2010-03-01 | forwarded gssapi-compat.patch | Colin Watson | |
| 2010-03-01 | forwarded doc-hash-tab-completion.patch | Colin Watson | |
| 2010-03-01 | forwarded selinux-fix-chroot-directory.patch | Colin Watson | |
| 2010-03-01 | update Last-Update fields | Colin Watson | |
| 2010-03-01 | forwarded gnome-ssh-askpass2-link.patch | Colin Watson | |
| 2010-03-01 | forwarded doc-connection-sharing.patch | Colin Watson | |
| 2010-03-01 | forwarded ssh-copy-id-status-check.patch | Colin Watson | |
| 2010-03-01 | forwarded config-guess-sub.patch | Colin Watson | |
| 2010-03-01 | forwarded hurd-epfnosupport.patch | Colin Watson | |
| 2010-03-01 | forwarded authorized-keys-man-symlink.patch | Colin Watson | |
| 2010-03-01 | ssh-vulnkey.patch: fix offsets | Colin Watson | |
| 2010-03-01 | Fix 'debian/rules quilt-setup' to avoid writing .orig files if some | Colin Watson | |
| patches apply with offsets. | |||
| 2010-02-28 | releasing version 1:5.3p1-3 | Colin Watson | |
| 2010-02-28 | Update copyright years for GSSAPI patch. | Colin Watson | |
| 2010-02-28 | remove trailing whitespace | Colin Watson | |
| 2010-02-28 | Remove obsolete header from README.Debian dating from when people | Colin Watson | |
| expected non-free SSH. | |||
| 2010-02-28 | more conventional signature style | Colin Watson | |
| 2010-02-28 | Remove documentation of building for Debian 3.0 in README.Debian. | Colin Watson | |
| Support for this was removed in 1:4.7p1-2. | |||
| 2010-02-28 | forwarded gssapi-dump.patch | Colin Watson | |
| 2010-02-28 | Add GSSAPIStoreCredentialsOnRekey to 'sshd -T' configuration dump. | Colin Watson | |
| 2010-02-28 | * Update README.source to match, and add a 'quilt-setup' target to | Colin Watson | |
| debian/rules for the benefit of those checking out the package from revision control. * All patches are now maintained separately and tagged according to DEP-3. | |||
| 2010-02-28 | DEP-3 tagging of all remaining patches | Colin Watson | |
| 2010-02-28 | DEP-3 tagging of versioning and file system layout | Colin Watson | |
| 2010-02-28 | better patch name | Colin Watson | |
| 2010-02-28 | DEP-3 tagging of remaining miscellaneous bug fixes | Colin Watson | |
| 2010-02-27 | DEP-3 tagging for message adjustments, and start on miscellaneous bug fixes | Colin Watson | |
| 2010-02-27 | DEP-3 tagging of autotools, SELinux, key blacklisting, and keepalive patches | Colin Watson | |
| 2010-02-27 | DEP-3 tagging of GSSAPI patches; split old-gssapi.patch more appropriately | Colin Watson | |
| 2010-02-27 | Convert to source format 3.0 (quilt). | Colin Watson | |
| 2010-02-22 | releasing version 1:5.3p1-2 | Colin Watson | |
| 2010-02-22 | run dh_installexamples after dh_link | Colin Watson | |
| 2010-01-31 | Honour DEB_BUILD_OPTIONS=nocheck. | Colin Watson | |
 |
index : openssh.git | |
| summaryrefslogtreecommitdiff |