openssh - Debian Package Tracker

general

source: openssh (main)
version: 1:8.4p1-5
maintainer: Debian OpenSSH Maintainers (archive) (DMD)
uploaders: Matthew Vernon [DMD] – Colin Watson [DMD]
arch: all any
std-ver: 4.1.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1:7.4p1-10+deb9u7
old-sec: 1:7.4p1-10+deb9u6
stable: 1:7.9p1-10+deb10u2
stable-sec: 1:7.9p1-10+deb10u1
stable-bpo: 1:8.4p1-2~bpo10+1
testing: 1:8.4p1-5
unstable: 1:8.4p1-5

versioned links

1:7.4p1-10+deb9u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.4p1-10+deb9u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.9p1-10+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.9p1-10+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:8.4p1-2~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:8.4p1-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

openssh-client (286 bugs: 0, 163, 123, 0)
openssh-client-udeb
openssh-server (219 bugs: 1, 160, 58, 0)
openssh-server-udeb
openssh-sftp-server (1 bugs: 0, 1, 0, 0)
openssh-tests
ssh (137 bugs: 0, 73, 64, 0)
ssh-askpass-gnome (2 bugs: 0, 2, 0, 0)

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:20:24
Last run: 2020-05-14 07:31:19 UTC
Previous status: pass

testing: pass (log)
The tests ran in 0:20:58
Last run: 2021-04-16 11:40:45 UTC
Previous status: pass

stable: fail (log)
The tests ran in 0:07:51
Last run: 2021-04-11 04:37:01 UTC
Previous status: tmpfail

Created: 2021-04-11 Last update: 2021-04-19 17:36

A new upstream version is available: 8.5p1 high

A new upstream version 8.5p1 is available, you should consider packaging it.

Created: 2021-03-07 Last update: 2021-04-19 16:34

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Created: 2021-02-19 Last update: 2021-04-14 05:31

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Created: 2021-02-19 Last update: 2021-04-14 05:31

49 bugs tagged patch in the BTS normal

The BTS contains patches fixing 49 bugs (67 if counting merged bugs), consider including or untagging them.

Created: 2020-10-19 Last update: 2021-04-19 17:32

Depends on packages which need a new maintainer normal

The packages that openssh depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2019-11-22 Last update: 2021-04-19 17:02

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2018-04-03 19:52

No known security issue in buster wishlist

There is 1 open security issue in buster.

1 ignored issue:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Created: 2021-02-19 Last update: 2021-04-14 05:31

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.1.0).

Created: 2017-06-25 Last update: 2021-03-13 18:37

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2021-03-18] openssh 1:8.4p1-5 MIGRATED to testing (Debian testing watch)
[2021-03-13] Accepted openssh 1:8.4p1-5 (source) into unstable (Colin Watson)
[2021-02-25] openssh 1:8.4p1-4 MIGRATED to testing (Debian testing watch)
[2021-02-15] Accepted openssh 1:8.4p1-4 (source) into unstable (Colin Watson)
[2020-12-06] openssh 1:8.4p1-3 MIGRATED to testing (Debian testing watch)
[2020-12-02] Accepted openssh 1:8.4p1-3 (source) into unstable (Colin Watson)
[2020-11-25] Accepted openssh 1:8.4p1-2~bpo10+1 (source amd64 all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Mike Gabriel)
[2020-11-19] openssh 1:8.4p1-2 MIGRATED to testing (Debian testing watch)
[2020-10-26] Accepted openssh 1:8.4p1-2 (source) into unstable (Colin Watson)
[2020-10-20] Accepted openssh 1:8.4p1-1 (source) into unstable (Colin Watson)
[2020-06-09] openssh 1:8.3p1-1 MIGRATED to testing (Debian testing watch)
[2020-06-07] Accepted openssh 1:8.3p1-1 (source) into unstable (Colin Watson)
[2020-03-02] openssh 1:8.2p1-4 MIGRATED to testing (Debian testing watch)
[2020-02-26] Accepted openssh 1:8.2p1-4 (source) into unstable (Colin Watson)
[2020-02-24] Accepted openssh 1:8.2p1-3 (source) into unstable (Colin Watson)
[2020-02-23] Accepted openssh 1:8.2p1-1 (all amd64 source) into unstable, unstable (Colin Watson)
[2020-02-02] Accepted openssh 1:7.9p1-10+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Colin Watson)
[2020-01-16] openssh 1:8.1p1-5 MIGRATED to testing (Debian testing watch)
[2020-01-12] Accepted openssh 1:8.1p1-5 (source) into unstable (Colin Watson)
[2020-01-11] openssh 1:8.1p1-4 MIGRATED to testing (Debian testing watch)
[2020-01-09] Accepted openssh 1:8.1p1-4 (source) into unstable (Colin Watson)
[2020-01-09] Accepted openssh 1:8.1p1-3 (source) into unstable (Colin Watson)
[2020-01-05] openssh 1:8.1p1-2 MIGRATED to testing (Debian testing watch)
[2019-12-12] Accepted openssh 1:8.1p1-2 (source) into unstable (Colin Watson)
[2019-10-12] Accepted openssh 1:7.9p1-10+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Colin Watson)
[2019-10-12] openssh 1:8.1p1-1 MIGRATED to testing (Debian testing watch)
[2019-10-10] Accepted openssh 1:8.1p1-1 (source) into unstable (Colin Watson)
[2019-10-08] openssh 1:8.0p1-7 MIGRATED to testing (Debian testing watch)
[2019-10-07] Accepted openssh 1:7.9p1-10+deb10u1 (source) into stable->embargoed, stable (Colin Watson)
[2019-10-05] Accepted openssh 1:8.0p1-7 (source) into unstable (Colin Watson)

bugs [bug history graph]

all: 624 675
RC: 1
I&N: 388 412
M&W: 234 261
F&P: 1
patch: 49 67

links

homepage
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
l10n (100, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:8.4p1-5ubuntu1
136 bugs (7 patches)
patches for 1:8.4p1-5ubuntu1