-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 03 Apr 2014 01:05:27 +0100 Source: openssh Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source i386 all Version: 1:5.5p1-6+squeeze5 Distribution: oldstable-security Urgency: high Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org> Changed-By: Colin Watson <cjwatson@debian.org> Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) ssh - secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 742513 Changes: openssh (1:5.5p1-6+squeeze5) oldstable-security; urgency=high . * CVE-2014-2532: Disallow invalid characters in environment variable names to prevent bypassing AcceptEnv wildcard restrictions. * CVE-2014-2653: Attempt SSHFP lookup even if server presents a certificate (closes: #742513). Checksums-Sha1: 1e77c9722cd167691e7d3f4f3bd1cc7b9d6af136 2270 openssh_5.5p1-6+squeeze5.dsc 361c6335e74809b26ea096b34062ba8ff6c97cd6 1097574 openssh_5.5p1.orig.tar.gz d5bdd108f77da5b01cdbbde3d2a5c133fb836d92 241749 openssh_5.5p1-6+squeeze5.debian.tar.gz 57435eaffa96fae25354c403d9a3050f98f38dd8 883550 openssh-client_5.5p1-6+squeeze5_i386.deb 63a60365d96212a54bcb60ead6860a85f9095054 298704 openssh-server_5.5p1-6+squeeze5_i386.deb e309007e598514044625994cefecf8b1509888f5 1248 ssh_5.5p1-6+squeeze5_all.deb 24c04bd768c528f49bcfd00739f5bcb2eb22e6b1 96110 ssh-krb5_5.5p1-6+squeeze5_all.deb d5c800a5de27008b69120a8905042cf0a08d9a68 103936 ssh-askpass-gnome_5.5p1-6+squeeze5_i386.deb 911c80d2e57cf46d11c50181f21a87d8f7c471e9 194852 openssh-client-udeb_5.5p1-6+squeeze5_i386.udeb 71a02ade8f0f09826d6a5ecfdf38b25021290851 218666 openssh-server-udeb_5.5p1-6+squeeze5_i386.udeb Checksums-Sha256: 26a23612902d7134bd8d7ee42c3b5842d30928dd35089fb44a0ba159bd480920 2270 openssh_5.5p1-6+squeeze5.dsc 36eedd6efe6663186ed23573488670f9b02e34744694e94a9f869b6f25e47e8a 1097574 openssh_5.5p1.orig.tar.gz b63c74eb945eaa22e1fcf2a2bfffda271d2c0f086e8a94231320ecfd66e8abc2 241749 openssh_5.5p1-6+squeeze5.debian.tar.gz e1a0a0748d7976e452fcd1d38db176bdb0bfc09c59166a405056e8d3799140ef 883550 openssh-client_5.5p1-6+squeeze5_i386.deb 86324c912df037f2496869849eef3ce353cf4ebec80fdf7342e7f94c93119bcd 298704 openssh-server_5.5p1-6+squeeze5_i386.deb a545e13d7be0b6d3765828f40fa862b01a8873d091b9431b34b7f25267b7fd28 1248 ssh_5.5p1-6+squeeze5_all.deb 9b836bfea8493fdf241ceb5e79ae64d4b55cc0328cf711020b74d46629f64df3 96110 ssh-krb5_5.5p1-6+squeeze5_all.deb b7aa0276cb96aa15da1fb0ad3c89eee001bd06f86179134ea4cf2f4b5231d41e 103936 ssh-askpass-gnome_5.5p1-6+squeeze5_i386.deb 94e56ef409a451cf1d7b305c12a8b82eb7713a16de41da44169f71eeb6c04b0b 194852 openssh-client-udeb_5.5p1-6+squeeze5_i386.udeb d2b3e8f2fc7eed0ec674c3bb7acde7102a7cb6235fb6bad50f860d8d0983a1f6 218666 openssh-server-udeb_5.5p1-6+squeeze5_i386.udeb Files: 7735c6c1a4327df923a495700d4ccc10 2270 net standard openssh_5.5p1-6+squeeze5.dsc 88633408f4cb1eb11ec7e2ec58b519eb 1097574 net standard openssh_5.5p1.orig.tar.gz 0f3d07d31e509002dc8fca1603b4d35d 241749 net standard openssh_5.5p1-6+squeeze5.debian.tar.gz 4349a2aae295a3ac29ee3a89553cb608 883550 net standard openssh-client_5.5p1-6+squeeze5_i386.deb ead771ecbf265cfc36603daa28507a6f 298704 net optional openssh-server_5.5p1-6+squeeze5_i386.deb 88becb35e11eba73ba73f3786f328dc0 1248 net extra ssh_5.5p1-6+squeeze5_all.deb 28324ff443b4c62754f49fb54d9c017c 96110 net extra ssh-krb5_5.5p1-6+squeeze5_all.deb e296e474bf66c1dd05f66125ce81b51c 103936 gnome optional ssh-askpass-gnome_5.5p1-6+squeeze5_i386.deb a40b1d237a5d845daefcb6394ebb2139 194852 debian-installer optional openssh-client-udeb_5.5p1-6+squeeze5_i386.udeb 4f1469189e066fdccfa4be325927de86 218666 debian-installer optional openssh-server-udeb_5.5p1-6+squeeze5_i386.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Colin Watson <cjwatson@debian.org> -- Debian developer iQIVAwUBUzyq9Dk1h9l9hlALAQgAdRAAnJW4mR27q8UnaHp+Hzu8sxnbQzanq5v4 tm2DEvlrWu6RPhyZcSM0QAANRmg6tbEYbbNQOByb2xZXlVKTmwqtezkPNpSibf7T s1j+t0hTYdp4cT+IIYe/jkvFg153l7qmrnUBxTRnwzQXvriNH8z0cUoPluyGb6Gq S6zCEAANK/H0C2k10A6BESjqgl1tPXC9BRd35E0lebEgXHijQGCllaQC81DKO72E BZiNSEfEVuRtEKzgufEM3n9w2NpRFr+IbbIv4hJoEcs9CPmcn1NgIoIN3n8YdMCv opmNg/hM2C8WWxz7ShDnOm9pvH9n9ag1ttHxKFz0/NS/9haHbfqU2/Hy+oI0TJzN AYfN22fqUbMWznpf0xoMnKlJMrP3xDyVHRbmecCYfbVnu4apFI4IRMFX0XXwlfjK f5dbIIqem/EEI3SrDRaU5EsawM2pBE6DInrYpsv80b1v8QYB9cB7xX/RbogAAD1G Pilqv4PNvmxPluCrRgUJyrB5QT7WyCx3xMOxZfNveQkc7tG0cI/eR3cqF7GaSIh7 Ga6syNmZ9NCktiZZRLXxO943+1ZYq6D4BtH3R0tqzxui529krVGRVthuzVKsTgn2 UVYa4w7UWnB+cwYGdcxIydnCFUDIAPB5j6cTKBBJdAZ7J1/JLXxiOI4lk3jyGExH E5lTjFfh0w4= =Vzqh -----END PGP SIGNATURE-----