-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 26 May 2008 12:21:39 +0100 Source: openssh Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source all i386 Version: 1:4.7p1-11 Distribution: unstable Urgency: low Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org> Changed-By: Colin Watson <cjwatson@debian.org> Description: openssh-client - secure shell client, an rlogin/rsh/rcp replacement openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell server, an rshd replacement openssh-server-udeb - secure shell server for the Debian installer (udeb) ssh - secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 480020 481018 481151 481187 481398 481530 481576 481591 481596 481621 481624 481676 481721 481781 481836 481870 481876 482341 482464 482548 482808 482887 Changes: openssh (1:4.7p1-11) unstable; urgency=low . * Make init script depend on $syslog, and fix some other dependency glitches (thanks, Petter Reinholdtsen; closes: #481018). * Remove 0 and 6 from Default-Stop in init script (thanks, Kel Modderman; closes: #481151). * Restore OOM killer adjustment for child processes (thanks, Vaclav Ovsik; closes: #480020). * Allow building with heimdal-dev (LP: #125805). . * Check RSA1 keys without the need for a separate blacklist. Thanks to Simon Tatham for the idea. * Generate two keys with the PID forced to the same value and test that they differ, to defend against recurrences of the recent Debian OpenSSL vulnerability. * Recommend openssh-blacklist from openssh-client (closes: #481187). * Recommend openssh-blacklist-extra from openssh-client and openssh-server. * Make ssh-vulnkey report the file name and line number for each key (thanks, Heiko Schlittermann and Christopher Perry; closes: #481398). * Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (see #481283). * Log IP addresses of hosts attempting to use blacklisted keys (closes: #481721). * Incorporate various ssh-vulnkey suggestions from Hugh Daniel: - Add -v (verbose) option, and don't print output for keys that have a blacklist file but that are not listed unless in verbose mode. - Move exit status documentation to a separate section. - Document key status descriptions. - Add key type to output. - Fix error output if ssh-vulnkey fails to read key files, with the exception of host keys unless -a was given. - In verbose mode, output the name of each file examined. * Handle leading IP addresses in ssh-vulnkey input (LP: #230497). * Fix various ssh-vulnkey problems pointed out by Solar Designer: - Fix some buffer handling inconsistencies. - Use xasprintf to build user key file names, avoiding truncation problems. - Drop to the user's UID when reading user keys with -a. - Use EUID rather than UID when run with no file names and without -a. - Reword "Unknown (no blacklist information)" to "Unknown (blacklist file not installed)". . * Fix typo in ssh/vulnerable_host_keys message (thanks, Esko Arajärvi). * debconf template translations: - Update Finnish (thanks, Esko Arajärvi; closes: #481530). - Update French (thanks, Christian Perrier; closes: #481576). - Update Norwegian Bokmål (thanks, Bjørn Steensrud; closes: #481591). - Update Galician (thanks, Jacobo Tarrio; closes: #481596). - Update Japanese (thanks, Kenshi Muto; closes: #481621). - Update Czech (thanks, Miroslav Kure; closes: #481624). - Update German (thanks, Helge Kreutzmann; closes: #481676). - Update Portuguese (thanks, Ricardo Silva; closes: #481781). - Update Basque (thanks, Piarres Beobide; closes: #481836). - Update Bulgarian (thanks, Damyan Ivanov; closes: #481870). - Update Vietnamese (thanks, Clytie Siddall; closes: #481876). - Update Spanish (thanks, Javier Fernandez-Sanguino Peña; closes: #482341). - Update Turkish (thanks, Mert Dirik; closes: #482548). - Update Russian (thanks, Yuri Kozlov; closes: #482887). - Update Swedish (thanks, Martin Bagge; closes: #482464). - Update Italian (thanks, Luca Monducci; closes: #482808). Checksums-Sha1: 76b1ec02be086629c98f629d6d955688f389742e 1504 openssh_4.7p1-11.dsc 3b2959ca6e5f5a29a9a3332afbc373f4d9ea6ba1 213899 openssh_4.7p1-11.diff.gz 841ac47f237a0cc7e35549f58194ea26481d52e5 1046 ssh_4.7p1-11_all.deb be9ffaa00bb7d6037a868004868fec4bf23b4977 89540 ssh-krb5_4.7p1-11_all.deb 8d24567122a77c3b48721c1c2e25429d19ae8ef0 710256 openssh-client_4.7p1-11_i386.deb c7dde9059563f8bc16ba502654b9a3e01bdc0cb3 255818 openssh-server_4.7p1-11_i386.deb 4dd4df4eede7f78e1dfa767ecde8ddb74b873c6f 97016 ssh-askpass-gnome_4.7p1-11_i386.deb 967716d18bd41be43b721144a1875dcd825904f9 159278 openssh-client-udeb_4.7p1-11_i386.udeb 34167fced5733b4b96fa58e905da8a5a43bb2978 171868 openssh-server-udeb_4.7p1-11_i386.udeb Checksums-Sha256: e9a2c8a80c176251abcfe45152f4995ef65687affce4258b4912af274d1f2076 1504 openssh_4.7p1-11.dsc ba7b4dfb8cc3c6c8b7c0cd18159494d1ac0ffd0268c8cc9719ab8e295ed92aeb 213899 openssh_4.7p1-11.diff.gz eab5678692328983fd994422a238eb8efc63af0ea78979cb6d41bdbaf5719b59 1046 ssh_4.7p1-11_all.deb edd24d6460b2265f1834a5401d77ec441439441e4a5d9891725ba921f24e4c45 89540 ssh-krb5_4.7p1-11_all.deb 316696398e1e68ff5dc5b9a72d3311c81eb74bd33178a4da49b8ca0558088e94 710256 openssh-client_4.7p1-11_i386.deb 6197f0b02518032e3b880d202ae13dcf40a8a96202949d8b3a3f7465b2685068 255818 openssh-server_4.7p1-11_i386.deb 16c15308fc7acc3fea14530d48932d2c7a6f8959549e90177741d7f6ec40cf47 97016 ssh-askpass-gnome_4.7p1-11_i386.deb 8089a5f2157d5f3e2e000a6a347e3df97ac7db3ebe86d4e9c696180676d43898 159278 openssh-client-udeb_4.7p1-11_i386.udeb 914ab3652e358c67f57e9c4a6a7f372915fadd3fae9269a2b8440b495f3b7294 171868 openssh-server-udeb_4.7p1-11_i386.udeb Files: 004e8ca11e79bf3d792b3ba47bf3458d 1504 net standard openssh_4.7p1-11.dsc 334a00e4a6c26267baf18c0cbccae511 213899 net standard openssh_4.7p1-11.diff.gz b8ce184ff75db4a81aa30134b66511ed 1046 net extra ssh_4.7p1-11_all.deb 4a4bcb8a4cb7c764c91a65f18d25ca0d 89540 net extra ssh-krb5_4.7p1-11_all.deb 2689b5c1c12e5dc606ee4456fe157243 710256 net standard openssh-client_4.7p1-11_i386.deb 8b5cdca372a689386d0b0899aa34488c 255818 net optional openssh-server_4.7p1-11_i386.deb 7f2cbdfa0bdf5830ddfaca2a74e2d84b 97016 gnome optional ssh-askpass-gnome_4.7p1-11_i386.deb 55f51aaecf030f5a55de169d753d6bae 159278 debian-installer optional openssh-client-udeb_4.7p1-11_i386.udeb 910f47b9d5daf20fd75c95c71b7daca7 171868 debian-installer optional openssh-server-udeb_4.7p1-11_i386.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Colin Watson <cjwatson@debian.org> -- Debian developer iD8DBQFIOrp79t0zAhD6TNERAmB/AJ4sVohXeElqjT1BReSdXEUKyV0pLACfWhYc EU34xsMUE8Ran05CZsZFlQw= =hfCS -----END PGP SIGNATURE----- Accepted: openssh-client-udeb_4.7p1-11_i386.udeb to pool/main/o/openssh/openssh-client-udeb_4.7p1-11_i386.udeb openssh-client_4.7p1-11_i386.deb to pool/main/o/openssh/openssh-client_4.7p1-11_i386.deb openssh-server-udeb_4.7p1-11_i386.udeb to pool/main/o/openssh/openssh-server-udeb_4.7p1-11_i386.udeb openssh-server_4.7p1-11_i386.deb to pool/main/o/openssh/openssh-server_4.7p1-11_i386.deb openssh_4.7p1-11.diff.gz to pool/main/o/openssh/openssh_4.7p1-11.diff.gz openssh_4.7p1-11.dsc to pool/main/o/openssh/openssh_4.7p1-11.dsc ssh-askpass-gnome_4.7p1-11_i386.deb to pool/main/o/openssh/ssh-askpass-gnome_4.7p1-11_i386.deb ssh-krb5_4.7p1-11_all.deb to pool/main/o/openssh/ssh-krb5_4.7p1-11_all.deb ssh_4.7p1-11_all.deb to pool/main/o/openssh/ssh_4.7p1-11_all.deb