-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 13 Jun 2007 00:28:26 +0100 Source: openssh Binary: ssh-askpass-gnome ssh-krb5 openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb Architecture: source powerpc all Version: 1:4.6p1-1 Distribution: unstable Urgency: low Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org> Changed-By: Colin Watson <cjwatson@debian.org> Description: openssh-client - secure shell client, an rlogin/rsh/rcp replacement openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell server, an rshd replacement openssh-server-udeb - secure shell server for the Debian installer (udeb) ssh - secure shell client and server (transitional package) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 50612 88337 99675 103677 122188 257524 307890 319639 333447 369964 389038 395507 397961 408027 410599 420035 Changes: openssh (1:4.6p1-1) unstable; urgency=low . * New upstream release (closes: #395507, #397961, #420035). Important changes not previously backported to 4.3p2: - 4.4/4.4p1 (http://www.openssh.org/txt/release-4.4): + On portable OpenSSH, fix a GSSAPI authentication abort that could be used to determine the validity of usernames on some platforms. + Implemented conditional configuration in sshd_config(5) using the "Match" directive. This allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met. So far a useful subset of post-authentication options are supported and more are expected to be added in future releases. + Add support for Diffie-Hellman group exchange key agreement with a final hash of SHA256. + Added a "ForceCommand" directive to sshd_config(5). Similar to the command="..." option accepted in ~/.ssh/authorized_keys, this forces the execution of the specified command regardless of what the user requested. This is very useful in conjunction with the new "Match" option. + Add a "PermitOpen" directive to sshd_config(5). This mirrors the permitopen="..." authorized_keys option, allowing fine-grained control over the port-forwardings that a user is allowed to establish. + Add optional logging of transactions to sftp-server(8). + ssh(1) will now record port numbers for hosts stored in ~/.ssh/known_hosts when a non-standard port has been requested (closes: #50612). + Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established. + Extend sshd_config(5) "SubSystem" declarations to allow the specification of command-line arguments. + Replacement of all integer overflow susceptible invocations of malloc(3) and realloc(3) with overflow-checking equivalents. + Many manpage fixes and improvements. + Add optional support for OpenSSL hardware accelerators (engines), enabled using the --with-ssl-engine configure option. + Tokens in configuration files may be double-quoted in order to contain spaces (closes: #319639). + Move a debug() call out of a SIGCHLD handler, fixing a hang when the session exits very quickly (closes: #307890). + Fix some incorrect buffer allocation calculations (closes: #410599). + ssh-add doesn't ask for a passphrase if key file permissions are too liberal (closes: #103677). + Likewise, ssh doesn't ask either (closes: #99675). - 4.6/4.6p1 (http://www.openssh.org/txt/release-4.6): + sshd now allows the enabling and disabling of authentication methods on a per user, group, host and network basis via the Match directive in sshd_config. + Fixed an inconsistent check for a terminal when displaying scp progress meter (closes: #257524). + Fix "hang on exit" when background processes are running at the time of exit on a ttyful/login session (closes: #88337). * Update to current GSSAPI patch from http://www.sxw.org.uk/computing/patches/openssh-4.6p1-gsskex-20070312.patch; install ChangeLog.gssapi. * Build the .deb --with-ssl-engine (closes: #408027, LP: #119295). * Use LSB functions in init scripts, and add an LSB-style header (partly from Ubuntu and partly thanks to Christian Perrier; closes: #389038). * Move init script start links to S16, move rc1 stop link to K84, and remove rc0 and rc6 stop links altogether (the last part from Ubuntu; closes: #122188). * Emit a slightly more informative message from the init script if /dev/null has somehow become not a character device (closes: #369964). * Belatedly build-depend on zlib1g-dev (>= 1:1.2.3-1) (closes: #333447). * Merge from Ubuntu: - Build position-independent executables (only for debs, not for udebs) to take advantage of address space layout randomisation. - If building on Ubuntu, add /sbin, /usr/sbin, and /usr/local/sbin to the default path. * Use ${binary:Version} rather than ${Source-Version} in openssh-server -> openssh-client dependency. Files: 274b1d5892e3805fc6cf02b4bcbae0d4 1062 net standard openssh_4.6p1-1.dsc cee58cd226138191561fa2d484e18f49 946439 net standard openssh_4.6p1.orig.tar.gz e31a11367a77ac6a5293286e463324bf 178464 net standard openssh_4.6p1-1.diff.gz 6a07b42810cb43825f5bccfef27d050b 1060 net extra ssh_4.6p1-1_all.deb 7611c62669803ede6d8873172807daa6 78884 net extra ssh-krb5_4.6p1-1_all.deb b410989a5fec7a9bb28040ae06805a2b 687032 net standard openssh-client_4.6p1-1_powerpc.deb eb67e9f21b381580a36a96e492e88479 257292 net optional openssh-server_4.6p1-1_powerpc.deb 8e23b1d093801f6caef9472eb8a84eab 88536 gnome optional ssh-askpass-gnome_4.6p1-1_powerpc.deb efc9ed4c7588942ed0ab42c5626ba523 173176 debian-installer optional openssh-client-udeb_4.6p1-1_powerpc.udeb d5eb39406e06da0896e23a60c9d48089 179456 debian-installer optional openssh-server-udeb_4.6p1-1_powerpc.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFGbzCf9t0zAhD6TNERAmG1AJ96GA3o1U0f6u/gN9PlPhqdwwigCQCfTqmo 3RySlNDddnYbYP+sdo0jr9w= =H7r5 -----END PGP SIGNATURE----- Accepted: openssh-client-udeb_4.6p1-1_powerpc.udeb to pool/main/o/openssh/openssh-client-udeb_4.6p1-1_powerpc.udeb openssh-client_4.6p1-1_powerpc.deb to pool/main/o/openssh/openssh-client_4.6p1-1_powerpc.deb openssh-server-udeb_4.6p1-1_powerpc.udeb to pool/main/o/openssh/openssh-server-udeb_4.6p1-1_powerpc.udeb openssh-server_4.6p1-1_powerpc.deb to pool/main/o/openssh/openssh-server_4.6p1-1_powerpc.deb openssh_4.6p1-1.diff.gz to pool/main/o/openssh/openssh_4.6p1-1.diff.gz openssh_4.6p1-1.dsc to pool/main/o/openssh/openssh_4.6p1-1.dsc openssh_4.6p1.orig.tar.gz to pool/main/o/openssh/openssh_4.6p1.orig.tar.gz ssh-askpass-gnome_4.6p1-1_powerpc.deb to pool/main/o/openssh/ssh-askpass-gnome_4.6p1-1_powerpc.deb ssh-krb5_4.6p1-1_all.deb to pool/main/o/openssh/ssh-krb5_4.6p1-1_all.deb ssh_4.6p1-1_all.deb to pool/main/o/openssh/ssh_4.6p1-1_all.deb