From b34b9bce64898ec4b444424c9211619a2249f583 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Wed, 14 Sep 2005 13:41:06 +0000 Subject: Flesh out changelog for upstream changes in 4.2p1. --- debian/changelog | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/debian/changelog b/debian/changelog index 1ee13f203..1d527aa7c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,19 @@ openssh (1:4.2p1-1) UNRELEASED; urgency=low * New upstream release. + - SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts + to be incorrectly activated for dynamic ("-D") port forwardings when + no listen address was explicitly specified (closes: #326065). + - Add a new compression method ("Compression delayed") that delays zlib + compression until after authentication, eliminating the risk of zlib + vulnerabilities being exploited by unauthenticated users. Note that + users of OpenSSH versions earlier than 3.5 will need to disable + compression on the client or set "Compression yes" (losing this + security benefit) on the server. + - Increase the default size of new RSA/DSA keys generated by ssh-keygen + from 1024 to 2048 bits (closes: #181162). + - Many bugfixes and improvements to connection multiplexing. + - Don't pretend to accept $HOME (closes: #208648). * debian/rules: Resynchronise CFLAGS with that generated by configure. -- Colin Watson Wed, 14 Sep 2005 13:35:17 +0100 -- cgit v1.2.3