summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2013-05-13releasing version 1:6.2p1-3Colin Watson
2013-05-13Renumber Debian-specific additions to enum monitor_reqtype so that theyColin Watson
fit within a single byte (thanks, Jason Conti; LP: #1179202).
2013-05-09releasing version 1:6.2p1-2Colin Watson
2013-05-09Fix consolekit mismerges in monitor.c and monitor_wrap.c.Colin Watson
2013-05-09* Fix build failure on Ubuntu:Colin Watson
- Include openbsd-compat/sys-queue.h from consolekit.c.
2013-05-07releasing version 1:6.2p1-1Colin Watson
2013-05-07Move platform_sys_dir_uid to misc.c to fix linking following ↵Colin Watson
user-group-modes.patch.
2013-05-07* New upstream release (http://www.openssh.com/txt/release-6.2).Colin Watson
- Add support for multiple required authentication in SSH protocol 2 via an AuthenticationMethods option (closes: #195716). - Fix Sophie Germain formula in moduli(5) (closes: #698612). - Update ssh-copy-id to Phil Hands' greatly revised version (closes: #99785, #322228, #620428; LP: #518883, #835901, #1074798).
2013-05-06Use dh-autoreconf.Colin Watson
2013-03-25releasing version 1:6.1p1-4Colin Watson
2013-03-25Add ssh-agent upstart user job. This implements something similar toStéphane Graber
the 90x11-common_ssh-agent Xsession script. That is, start ssh-agent and set the appropriate environment variables (closes: #703906).
2013-03-25debian/openssh-server.sshd.pam: Explicitly state that ~/.pam_environmentGunnar Hjalmarsson
should be read, and move the pam_env calls from "auth" to "session" so that it's also read when $HOME is encrypted (LP: #952185).
2013-02-08releasing version 1:6.1p1-3Colin Watson
2013-02-08CVE-2010-5107: Improve DoS resistance by changing default of MaxStartupsColin Watson
to 10:30:100 (closes: #700102).
2012-12-19Give ssh and ssh-krb5 versioned dependencies on openssh-client andColin Watson
openssh-server, to try to reduce confusion when people run 'apt-get install ssh' or similar and expect that to upgrade everything relevant.
2012-11-26releasing version 1:6.1p1-2Colin Watson
2012-11-26Simplify --with-consolekit handling.Colin Watson
2012-11-26Install apport hooks.Colin Watson
2012-11-26Add mention of ssh-keygen in ssh connect warning (Scott Moser).Colin Watson
2012-11-26Tweak sshd(8) to refer to ssh's Upstart job as well as its init script.Colin Watson
2012-11-26Merge Upstart job scripting support from Ubuntu, to handle the Upstart job ↵Colin Watson
being primary there.
2012-11-25Only build with -j if DEB_BUILD_OPTIONS=parallel=* is used (closes:Colin Watson
#694282).
2012-11-01Add an Upstart job (not currently used by default in Debian).Colin Watson
2012-10-31Drop openssh-blacklist and openssh-blacklist-extra to Suggests. It'sColin Watson
been long enough since the relevant vulnerability that we shouldn't need these installed by default nowadays.
2012-10-31* Merge from Ubuntu:Colin Watson
- Add support for registering ConsoleKit sessions on login. (This is currently enabled only when building for Ubuntu.)
2012-09-28Use xz compression for binary packages.Colin Watson
2012-09-07releasing version 1:6.1p1-1Colin Watson
2012-09-07Consolidate the two "Miscellaneous bug fixes" sections of debian/patches/series.Colin Watson
2012-09-07* New upstream release (http://www.openssh.com/txt/release-6.1).Colin Watson
- Enable pre-auth sandboxing by default for new installs. - Allow "PermitOpen none" to refuse all port-forwarding requests (closes: #543683).
2012-08-24releasing version 1:6.0p1-3Colin Watson
2012-08-24Add ncurses-term to openssh-server's Recommends, since it's often neededColin Watson
to support unusual terminal emulators on clients (closes: #675362).
2012-08-24Call restorecon on copied ~/.ssh/authorized_keys if possible, since someColin Watson
SELinux policies require this (closes: #658675).
2012-07-16* debconf template translations:Colin Watson
- Add Indonesian (thanks, Andika Triwidada; closes: #681670).
2012-06-24releasing version 1:6.0p1-2Colin Watson
2012-06-24Tighten libssl1.0.0 and libcrypto1.0.0-udeb dependencies to the currentColin Watson
"fix" version at build time (closes: #678661).
2012-05-26releasing version 1:6.0p1-1Colin Watson
2012-05-26Add a sandbox fallback mechanism, so that behaviour on Linux depends onColin Watson
whether the running system's kernel has seccomp_filter support, not the build system's kernel (forwarded upstream as https://bugzilla.mindrot.org/show_bug.cgi?id=2011).
2012-05-22Pass noupdate to pam_motd call for /run/motd.dynamic.Roger Leigh
2012-05-18IPQoS fix closes #671075 tooColin Watson
2012-05-18close #671010 with new upstreamColin Watson
2012-05-18Fix a bashism in configure's seccomp_filter check.Colin Watson
2012-05-18* New upstream release (http://www.openssh.org/txt/release-6.0).Colin Watson
- Fix IPQoS not being set on non-mapped v4-in-v6 addressed connections (closes: #643312, #650512). - Add a new privilege separation sandbox implementation for Linux's new seccomp sandbox, automatically enabled on platforms that support it. (Note: privilege separation sandboxing is still experimental.)
2012-04-22Update OpenSSH FAQ to revision 1.113, fixing missing line break (closes:Colin Watson
#669667).
2012-04-21Display dynamic part of MOTD from /run/motd.dynamic, if it existsColin Watson
(closes: #669699).
2012-04-02releasing version 1:5.9p1-5Colin Watson
2012-04-02* Fix cross-building:Colin Watson
- Allow using a cross-architecture pkg-config. - Pass default LDFLAGS to contrib/Makefile. - Allow dh_strip to strip gnome-ssh-askpass, rather than calling 'install -s'.
2012-04-01Use dpkg-buildflags, including for hardening support; drop use ofColin Watson
hardening-includes.
2012-03-19releasing version 1:5.9p1-4Colin Watson
2012-03-19Disable OpenSSL version check again, as its SONAME is sufficientColin Watson
nowadays (closes: #664383).
2012-02-24releasing version 1:5.9p1-3Colin Watson