Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-09-14 | - Build-depend on libkrb5-dev and configure --with-kerberos5=/usr. | Colin Watson | |
2005-09-14 | Update copyright file for GSSAPI key exchange patch. | Colin Watson | |
2005-09-14 | * Add remaining pieces of Kerberos support (closes: #275472): | Colin Watson | |
- Add GSSAPI key exchange support from http://www.sxw.org.uk/computing/patches/openssh.html (thanks, Stephen Frost). | |||
2005-09-14 | * Annotate 1:4.1p1-1 changelog with CVE references. | Colin Watson | |
- SECURITY (CAN-2005-2797): Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts to be incorrectly activated for dynamic ("-D") port forwardings when no listen address was explicitly specified (closes: #326065). - SECURITY (CAN-2005-2798): Fix improper delegation of GSSAPI credentials. This code is only built in openssh-krb5, not openssh, but I mention the CVE reference here anyway for completeness. | |||
2005-09-14 | releasing version 1:4.2p1-1 | Colin Watson | |
2005-09-14 | * Set X11Forwarding to yes in the default sshd_config (new installs only). | Colin Watson | |
At least when X11UseLocalhost is turned on, which is the default, the security risks of using X11 forwarding are risks to the client, not to the server (closes: #320104). | |||
2005-09-14 | * openssh-client and openssh-server conflict with pre-split ssh to avoid | Colin Watson | |
problems when ssh is left un-upgraded (closes: #324695). | |||
2005-09-14 | Flesh out changelog for upstream changes in 4.2p1. | Colin Watson | |
2005-09-14 | * debian/rules: Resynchronise CFLAGS with that generated by configure. | Colin Watson | |
2005-09-14 | Merge 4.2p1 to the trunk. | Colin Watson | |
2005-09-02 | releasing version 1:4.1p1-7 | Colin Watson | |
2005-09-02 | * Policy version 3.6.2: no changes required. | Colin Watson | |
2005-09-02 | * Fix XSIish uses of 'test' in openssh-server.preinst. | Colin Watson | |
2005-09-02 | * Add GNU/kFreeBSD support (thanks, Aurelien Jarno; closes: #318113). | Colin Watson | |
2005-09-02 | * Work around the ssh-askpass alternative somehow ending up in manual mode | Colin Watson | |
pointing to the obsolete /usr/lib/ssh/gnome-ssh-askpass. | |||
2005-07-09 | Do the IDEA host key check on a temporary file to avoid altering | Colin Watson | |
/etc/ssh/ssh_host_key itself (closes: #312312). | |||
2005-07-09 | fix awful formatting in check_idea_key | Colin Watson | |
2005-07-07 | Finish 1:4.1p1-6. | Colin Watson | |
2005-07-07 | Fix one-character typo that meant the binaries in openssh-client and | Colin Watson | |
openssh-server got recompiled with the wrong options during 'debian/rules install' (closes: #317088, #317238, #317241). | |||
2005-07-03 | Finish 1:4.1p1-5. | Colin Watson | |
2005-07-03 | Allow ~/.ssh/config to be group-writable, provided that the group in | Colin Watson | |
question contains only the file's owner (closes: #314347). | |||
2005-07-03 | Disable btmp logging, since Debian's /var/log/btmp has inappropriate | Colin Watson | |
permissions (closes: #314956). | |||
2005-07-03 | documentation directory reorganisation closes: #314745 | Colin Watson | |
2005-07-03 | Ship README.dns (closes: #284874). | Colin Watson | |
2005-07-03 | Make /usr/share/doc/openssh-server and /usr/share/doc/ssh symlinks to | Colin Watson | |
/usr/share/doc/openssh-client. | |||
2005-07-03 | debconf-updatepo | Colin Watson | |
2005-07-02 | Add Vietnamese debconf template translation (thanks, Clytie Siddall; | Colin Watson | |
closes: #316636). | |||
2005-06-30 | Drop priority of ssh to extra to match the override file. | Colin Watson | |
2005-06-24 | Update Brazilian Portuguese debconf template translation (thanks, André | Colin Watson | |
Luís Lopes; closes: #315477). | |||
2005-06-17 | Build-depend on libselinux1-dev on ppc64 too (closes: #314625). | Colin Watson | |
2005-06-17 | Finish 1:4.1p1-4. | Colin Watson | |
2005-06-17 | Switch to debhelper compat level 3, since 2 is deprecated. | Colin Watson | |
2005-06-17 | Restore /usr/lib/sftp-server temporarily, as a symlink to | Colin Watson | |
/usr/lib/openssh/sftp-server (closes: #312891). | |||
2005-06-17 | Re-enable ssh-askpass-gnome on the Hurd, now that its build-dependencies | Colin Watson | |
are available. | |||
2005-06-17 | close #308555 | Colin Watson | |
2005-06-17 | Manoj Srivastava: | Colin Watson | |
- Added SELinux capability, and turned it on be default. Added restorecon calls in preinst and postinst (should not matter if the machine is not SELinux aware). By and large, the changes made should have no effect unless the rules file calls --with-selinux; and even then there should be no performance hit for machines not actively running SELinux. - Modified the preinst and postinst to call restorecon to set the security context for the generated public key files. - Added a comment to /etc/pam.d/ssh to indicate that an SELinux system may want to also include pam_selinux.so. | |||
2005-06-14 | Update German debconf template translation (thanks, Jens Seidel; closes: | Colin Watson | |
#313949). | |||
2005-06-08 | openssh-client and openssh-server conflict with ssh-krb5, as ssh-krb5 only | Colin Watson | |
conflicts with ssh (closes: #312475). | |||
2005-06-06 | Finish 1:4.1p1-3. | Colin Watson | |
2005-06-02 | Finish 1:4.1p1-2. | Colin Watson | |
2005-06-01 | Apply Linux 2.2 workaround (see #239999) only on Linux. | Colin Watson | |
2005-06-01 | Fix DEB_HOST_ARCH_OS/DEB_HOST_GNU_SYSTEM compatibility handling. | Colin Watson | |
2005-05-31 | ssh-keygen -> ssh-keysign (OK Matti Pöllä), in case this translation gets | Colin Watson | |
resurrected | |||
2005-05-31 | Remove unnecessary SSH_KEYSIGN variable overrides. | Colin Watson | |
2005-05-31 | Fix picky lintian errors about slogin symlinks. | Colin Watson | |
2005-05-31 | Add lintian overrides for the above (setuid-binary, no-debconf-templates). | Colin Watson | |
2005-05-31 | Since ssh-keysign isn't used by default (you need to set EnableSSHKeysign | Colin Watson | |
to "yes" in /etc/ssh/ssh_config), having a debconf question to ask whether it should be setuid is overkill, and the question text had got out of date anyway. Remove this question, ship ssh-keysign setuid in openssh-client.deb, and set a statoverride if the debconf question was previously set to false. | |||
2005-05-31 | Drop debconf support for allowing SSH protocol 1, which is discouraged and | Colin Watson | |
has not been the default since openssh 1:3.0.1p1-1. Users who need this should edit sshd_config instead (closes: #147212). | |||
2005-05-31 | Finish 1:4.1p1-1. | Colin Watson | |
2005-05-31 | Fix up very old sshd_config files that refer to /usr/libexec/sftp-server | Colin Watson | |
(closes: #141979). |