Age | Commit message (Collapse) | Author | |
---|---|---|---|
2008-03-31 | Ignore errors writing to oom_adj (closes: #473573). | Colin Watson | |
2008-03-30 | releasing version 1:4.7p1-6 | Colin Watson | |
2008-03-30 | * Disable the Linux kernel's OOM-killer for the sshd parent; tweak | Colin Watson | |
SSHD_OOM_ADJUST in /etc/default/ssh to change this (closes: #341767). | |||
2008-03-22 | releasing version 1:4.7p1-5 | Colin Watson | |
2008-03-22 | * Use printf rather than echo -en (a bashism) in openssh-server.config and | Colin Watson | |
openssh-server.preinst. | |||
2008-03-22 | more detail on #463011 | Colin Watson | |
2008-03-22 | * Patch from Red Hat / Fedora: | Colin Watson | |
- Don't use X11 forwarding port which can't be bound on all address families (closes: #463011). | |||
2008-03-18 | * Document in ssh(1) that '-S none' disables connection sharing | Colin Watson | |
(closes: #471437). | |||
2008-02-29 | * debconf template translations: | Colin Watson | |
- Update Finnish (thanks, Esko Arajärvi; closes: #468563). | |||
2008-02-27 | * Recommends: xauth rather than Suggests: xbase-clients. | Colin Watson | |
2008-02-13 | releasing version 1:4.7p1-4 | Colin Watson | |
2008-02-13 | closes: #465614 as well | Colin Watson | |
2008-02-08 | * Move /etc/pam.d/ssh to /etc/pam.d/sshd, allowing us to stop defining | Colin Watson | |
SSHD_PAM_SERVICE (closes: #255870). | |||
2008-02-04 | * Include the autogenerated debian/copyright in the source package. | Colin Watson | |
2008-02-04 | * Fix configure detection of getseuserbyname and | Colin Watson | |
get_default_context_with_level (LP: #188136). | |||
2008-02-01 | releasing version 1:4.7p1-3 | Colin Watson | |
2008-02-01 | * Allow passing temporary daemon parameters on the init script's command | Colin Watson | |
line, e.g. '/etc/init.d/ssh start "-o PermitRootLogin=yes"' (thanks, Marc Haber; closes: #458547). | |||
2008-02-01 | * Backport from upstream: | Colin Watson | |
- Use the correct packet maximum sizes for remote port and agent forwarding. Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent (https://bugzilla.mindrot.org/show_bug.cgi?id=1360). | |||
2008-01-12 | * Improve grammar of ssh-askpass-gnome description. | Colin Watson | |
2008-01-11 | releasing version 1:4.7p1-2 | Colin Watson | |
2008-01-11 | * Drop source-compatibility with Debian 3.0: | Colin Watson | |
- Remove support for building with GNOME 1. This allows simplification of our GNOME build-dependencies (see #460136). - Remove hacks to support the old PAM configuration scheme. - Remove compatibility for building without po-debconf. * Build-depend on libgtk2.0-dev rather than libgnomeui-dev. As far as I can see, the GTK2 version of ssh-askpass-gnome has never required libgnomeui-dev. | |||
2008-01-10 | * Add armel to architecture list for libselinux1-dev build-dependency | Colin Watson | |
(closes: #460136). | |||
2008-01-10 | * Pass --with-mantype=doc to configure rather than build-depending on | Colin Watson | |
groff (closes: #460121). | |||
2008-01-09 | * Adjust many relative links in faq.html to point to | Colin Watson | |
http://www.openssh.org/ (thanks, Dan Jacobson; mentioned in #459807). | |||
2007-12-24 | releasing version 1:4.7p1-1 | Colin Watson | |
2007-12-24 | * Policy version 3.7.3: no changes required. | Colin Watson | |
2007-12-24 | * Update copyright dates for Kerberos patch in debian/copyright.head. | Colin Watson | |
2007-12-24 | * Override desktop-file-but-no-dh_desktop-call lintian warning; the | Colin Watson | |
.desktop file is intentionally not installed (see 1:3.8.1p1-10). | |||
2007-12-24 | * Recode LICENCE to UTF-8 when concatenating it to debian/copyright. | Colin Watson | |
2007-12-24 | install debian/faq.html, not faq.html | Colin Watson | |
2007-12-24 | * Document the non-default options we set as standard in ssh_config(5) and | Colin Watson | |
sshd_config(5) (closes: #327886, #345628). | |||
2007-12-24 | use real filename for FAQ rule | Colin Watson | |
2007-12-24 | * Update moduli(5) to revision 1.11 from OpenBSD CVS. | Colin Watson | |
2007-12-24 | * Remove the hideously old /etc/ssh/primes on upgrade (closes: #123013). | Colin Watson | |
2007-12-24 | * Refactor debian/rules configure and make invocations to make development | Colin Watson | |
easier. | |||
2007-12-24 | * Fix "overriden" typo in ssh(1) (thanks, A. Costa; closes: #390699). | Colin Watson | |
2007-12-24 | * Create /var/run/sshd on start even if /etc/ssh/sshd_not_to_be_run exists | Colin Watson | |
(closes: #453285). | |||
2007-12-24 | * Install the OpenSSH FAQ in /usr/share/doc/openssh-client. | Colin Watson | |
- Includes documentation on copying files with colons using scp (closes: #303453). | |||
2007-12-24 | * New upstream release (closes: #453367). | Colin Watson | |
- CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec (closes: #444738). - sshd(8) in new installations defaults to SSH Protocol 2 only. Existing installations are unchanged. - The SSH channel window size has been increased, and both ssh(1) sshd(8) now send window updates more aggressively. These improves performance on high-BDP (Bandwidth Delay Product) networks. - ssh(1) and sshd(8) now preserve MAC contexts between packets, which saves 2 hash calls per packet and results in 12-16% speedup for arcfour256/hmac-md5. - A new MAC algorithm has been added, UMAC-64 (RFC4418) as "umac-64@openssh.com". UMAC-64 has been measured to be approximately 20% faster than HMAC-MD5. - Failure to establish a ssh(1) TunnelForward is now treated as a fatal error when the ExitOnForwardFailure option is set. - ssh(1) returns a sensible exit status if the control master goes away without passing the full exit status. - When using a ProxyCommand in ssh(1), set the outgoing hostname with gethostname(2), allowing hostbased authentication to work. - Make scp(1) skip FIFOs rather than hanging (closes: #246774). - Encode non-printing characters in scp(1) filenames. These could cause copies to be aborted with a "protocol error". - Handle SIGINT in sshd(8) privilege separation child process to ensure that wtmp and lastlog records are correctly updated. - Report GSSAPI mechanism in errors, for libraries that support multiple mechanisms. - Improve documentation for ssh-add(1)'s -d option. - Rearrange and tidy GSSAPI code, removing server-only code being linked into the client. - Delay execution of ssh(1)'s LocalCommand until after all forwardings have been established. - In scp(1), do not truncate non-regular files. - Improve exit message from ControlMaster clients. - Prevent sftp-server(8) from reading until it runs out of buffer space, whereupon it would exit with a fatal error (closes: #365541). - pam_end() was not being called if authentication failed (closes: #405041). - Manual page datestamps updated (closes: #433181). | |||
2007-12-03 | releasing version 1:4.6p1-7 | Colin Watson | |
2007-12-03 | * Check whether deluser exists in postrm (closes: #454085). | Colin Watson | |
2007-11-20 | * Adjust README.Debian to suggest mailing debian-ssh@lists.debian.org | Colin Watson | |
rather than Matthew. | |||
2007-11-17 | * Use autotools-dev's recommended configure --build and --host options. | Colin Watson | |
2007-11-14 | * Don't build PIE executables on m68k (closes: #451192). | Colin Watson | |
2007-11-12 | revert previous commit; ftruncate is needed to shorten a previously-existing ↵ | Colin Watson | |
file | |||
2007-11-12 | * Make scp only ftruncate if it hasn'\''t written the required number of | Colin Watson | |
bytes (works around #447153). | |||
2007-11-12 | releasing version 1:4.6p1-6 | Colin Watson | |
2007-11-12 | authorized_keys.5 belongs in openssh-server | Colin Watson | |
2007-11-12 | * Adjust categories in ssh-askpass-gnome.desktop to comply with the | Colin Watson | |
Desktop Menu Specification. | |||
2007-11-12 | * Don't ignore errors from 'make -C contrib clean'. | Colin Watson | |