summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2006-05-12releasing version 1:4.3p2-1Colin Watson
2006-05-12* Ship README.tun.Colin Watson
2006-05-12move pam_nologin to account; auth doesn't work with publickeyColin Watson
2006-05-12* Policy version 3.7.2: no changes required.Colin Watson
2006-05-12* Restore pam_nologin to /etc/pam.d/ssh; sshd no longer checks this itselfColin Watson
when PAM is enabled, but relies on PAM to do it.
2006-05-12* Rephrase ssh/new_config and ssh/encrypted_host_key_but_no_keygen debconfColin Watson
templates to make boolean short descriptions end with a question mark and to avoid use of the first person.
2006-05-12* debian/rules: Resynchronise CFLAGS with that generated by configure.Colin Watson
2006-05-12* Update to current GSSAPI patch fromColin Watson
http://www.sxw.org.uk/computing/patches/openssh-4.3p2-gsskex-20060223.patch (closes: #352042).
2006-05-12Merge 4.3p2 to the trunk.Colin Watson
2006-04-16* Rename KeepAlive to TCPKeepAlive in default sshd_configColin Watson
(closes: #349896).
2006-04-07 - Add Galician (thanks, Jacobo Tarrio; closes: #361220).Colin Watson
2006-04-01* debconf template translations:Colin Watson
- Update Italian (thanks, Luca Monducci; closes: #360348).
2006-03-31releasing version 1:4.2p1-8Colin Watson
2006-03-31* Switch to debhelper compatibility level 4, since we now requireColin Watson
debhelper 4 even on sarge anyway for udeb support.
2006-03-31close #360068Colin Watson
2006-03-31* Use udeb support introduced in debhelper 4.2.0 (available in sarge)Colin Watson
rather than constructing udebs by steam. * Require debhelper 5.0.22, which generates correct shared library dependencies for udebs. This build-dependency can be ignored if building on sarge.
2006-03-01releasing version 1:4.2p1-7Colin Watson
2006-03-01small path reorderings, really sync with /etc/login.defsColin Watson
2006-03-01* I accidentally applied the default $PATH change in 1:4.2p1-6 to the udebColin Watson
rather than the deb. Fixed.
2006-02-20releasing version 1:4.2p1-6Colin Watson
2005-11-30 - Correct erroneously-changed Last-Translator headers in Greek andColin Watson
Spanish translations.
2005-11-30 - Update Spanish (thanks, Javier Fernández-Sanguino Peña;Colin Watson
closes: #341371).
2005-11-27* When the client receives a signal, don't fatal() with "Killed by signalColin Watson
%d." (which produces unhelpful noise on stderr and causes confusion for users of some applications that wrap ssh); instead, generate a debug message and exit with the traditional status (closes: #313371).
2005-10-10debconf-updatepoColin Watson
2005-10-10* debconf template translations:Colin Watson
- Add Swedish (thanks, Daniel Nylander; closes: #333133).
2005-10-10* Sync default values of $PATH from shadow 1:4.0.12-6, adding /usr/bin/X11Colin Watson
to the normal and superuser paths and /usr/games to the normal path.
2005-10-07releasing version 1:4.2p1-5Colin Watson
2005-10-07* Build-depend on libssl-dev (>= 0.9.8-1) to cope with surprise OpenSSLColin Watson
transition, since otherwise who knows what the buildds will do. If you're building openssh yourself, you can safely ignore this and use an older libssl-dev.
2005-10-07* Only send GSSAPI proposal if GSSAPIAuthentication is enabled.Colin Watson
2005-10-06* Build-depend on libselinux1-dev on armeb.Colin Watson
2005-10-03* Add a CVE name to the 1:4.0p1-1 changelog entry.Colin Watson
2005-09-16releasing version 1:4.2p1-4Colin Watson
2005-09-16* Initialise token to GSS_C_EMPTY_BUFFER in ssh_gssapi_check_mechanismColin Watson
(closes: #328606).
2005-09-15releasing version 1:4.2p1-3Colin Watson
2005-09-15* Explicitly tell po2debconf to use the 'popular' output encoding, so thatColin Watson
the woody-compatibility hack works even with po-debconf 0.9.0.
2005-09-15* Interoperate with ssh-krb5 << 3.8.1p1-1 servers, which used a slightlyColin Watson
different version of the gssapi authentication method (thanks, Aaron M. Ucko; closes: #328388).
2005-09-15* Add prototype for ssh_gssapi_server_mechanisms (closes: #328372).Colin Watson
2005-09-14releasing version 1:4.2p1-2Colin Watson
2005-09-14Kerberos support closes: #152657 tooColin Watson
2005-09-14fix versionColin Watson
2005-09-14 - Fix HAVE_GSSAPI_KRB5_H/HAVE_GSSAPI_GSSAPI_KRB5_H typos inColin Watson
gss-serv-krb5.c.
2005-09-14 - Update commented-out Kerberos/GSSAPI options in default sshd_config.Colin Watson
2005-09-14 - openssh-client and openssh-server replace ssh-krb5.Colin Watson
2005-09-14 - Build-depend on libkrb5-dev and configure --with-kerberos5=/usr.Colin Watson
2005-09-14Update copyright file for GSSAPI key exchange patch.Colin Watson
2005-09-14* Add remaining pieces of Kerberos support (closes: #275472):Colin Watson
- Add GSSAPI key exchange support from http://www.sxw.org.uk/computing/patches/openssh.html (thanks, Stephen Frost).
2005-09-14* Annotate 1:4.1p1-1 changelog with CVE references.Colin Watson
- SECURITY (CAN-2005-2797): Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts to be incorrectly activated for dynamic ("-D") port forwardings when no listen address was explicitly specified (closes: #326065). - SECURITY (CAN-2005-2798): Fix improper delegation of GSSAPI credentials. This code is only built in openssh-krb5, not openssh, but I mention the CVE reference here anyway for completeness.
2005-09-14releasing version 1:4.2p1-1Colin Watson
2005-09-14* Set X11Forwarding to yes in the default sshd_config (new installs only).Colin Watson
At least when X11UseLocalhost is turned on, which is the default, the security risks of using X11 forwarding are risks to the client, not to the server (closes: #320104).
2005-09-14* openssh-client and openssh-server conflict with pre-split ssh to avoidColin Watson
problems when ssh is left un-upgraded (closes: #324695).