-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 14 Jan 2016 15:28:03 +0000
Source: openssh
Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:7.1p2-1
Distribution: unstable
Urgency: high
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
 ssh - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5 - secure shell client and server (transitional package)
Closes: 810984
Changes:
 openssh (1:7.1p2-1) unstable; urgency=high
 .
   * New upstream release (http://www.openssh.com/txt/release-7.1p2):
     - CVE-2016-0777, CVE-2016-0778: Disable experimental client-side
       support for roaming, which could be tricked by a malicious server
       into leaking client memory to the server, including private client
       user keys; this information leak is restricted to connections to
       malicious or compromised servers (closes: #810984).
     - SECURITY: Fix an out-of-bound read access in the packet handling
       code.  Reported by Ben Hawkes.
     - Further use of explicit_bzero has been added in various buffer
       handling code paths to guard against compilers aggressively doing
       dead-store removal.