Debian Package Tracker

general

source: openssh (main)
version: 1:8.3p1-1
maintainer: Debian OpenSSH Maintainers (archive) (DMD)
uploaders: Matthew Vernon [DMD] – Colin Watson [DMD]
arch: all any
std-ver: 4.1.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1:6.7p1-5+deb8u4
o-o-sec: 1:6.7p1-5+deb8u8
oldstable: 1:7.4p1-10+deb9u7
old-sec: 1:7.4p1-10+deb9u6
stable: 1:7.9p1-10+deb10u2
stable-sec: 1:7.9p1-10+deb10u1
testing: 1:8.3p1-1
unstable: 1:8.3p1-1

versioned links

1:6.7p1-5+deb8u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:6.7p1-5+deb8u8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.4p1-10+deb9u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.4p1-10+deb9u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.9p1-10+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.9p1-10+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:8.3p1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

openssh-client (280 bugs: 0, 157, 123, 0)
openssh-client-udeb
openssh-server (216 bugs: 2, 158, 56, 0)
openssh-server-udeb
openssh-sftp-server (1 bugs: 0, 1, 0, 0)
openssh-tests
ssh (138 bugs: 0, 74, 64, 0)
ssh-askpass-gnome (2 bugs: 0, 2, 0, 0)

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:20:24
Last run: 2020-05-14 07:31:19 UTC
Previous status: pass

testing: pass (log)
The tests ran in 0:29:17
Last run: 2020-07-29 15:39:34 UTC
Previous status: pass

stable: fail (log)
The tests ran in 0:07:54
Last run: 2020-04-26 01:37:29 UTC
Previous status: fail

Created: 2020-01-31 Last update: 2020-08-03 11:37

lintian reports 2 errors and 12 warnings high

Lintian reports 2 errors and 12 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-07-29 12:33

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Please fix it.

Created: 2019-07-07 Last update: 2020-07-26 06:00

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Please fix it.

Created: 2018-08-28 Last update: 2020-07-26 06:00

48 bugs tagged patch in the BTS normal

The BTS contains patches fixing 48 bugs (66 if counting merged bugs), consider including or untagging them.

Created: 2020-06-28 Last update: 2020-08-03 11:32

Depends on packages which need a new maintainer normal

The packages that openssh depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2019-11-22 Last update: 2020-08-03 09:03

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Please fix it.

Created: 2018-08-28 Last update: 2020-07-26 06:00

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Please fix it.

Created: 2018-08-28 Last update: 2020-07-26 06:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2018-04-03 19:52

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.1.0).

Created: 2017-06-25 Last update: 2020-06-07 19:08

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2020-06-09] openssh 1:8.3p1-1 MIGRATED to testing (Debian testing watch)
[2020-06-07] Accepted openssh 1:8.3p1-1 (source) into unstable (Colin Watson)
[2020-03-02] openssh 1:8.2p1-4 MIGRATED to testing (Debian testing watch)
[2020-02-26] Accepted openssh 1:8.2p1-4 (source) into unstable (Colin Watson)
[2020-02-24] Accepted openssh 1:8.2p1-3 (source) into unstable (Colin Watson)
[2020-02-23] Accepted openssh 1:8.2p1-1 (all amd64 source) into unstable, unstable (Colin Watson)
[2020-02-02] Accepted openssh 1:7.9p1-10+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Colin Watson)
[2020-01-16] openssh 1:8.1p1-5 MIGRATED to testing (Debian testing watch)
[2020-01-12] Accepted openssh 1:8.1p1-5 (source) into unstable (Colin Watson)
[2020-01-11] openssh 1:8.1p1-4 MIGRATED to testing (Debian testing watch)
[2020-01-09] Accepted openssh 1:8.1p1-4 (source) into unstable (Colin Watson)
[2020-01-09] Accepted openssh 1:8.1p1-3 (source) into unstable (Colin Watson)
[2020-01-05] openssh 1:8.1p1-2 MIGRATED to testing (Debian testing watch)
[2019-12-12] Accepted openssh 1:8.1p1-2 (source) into unstable (Colin Watson)
[2019-10-12] Accepted openssh 1:7.9p1-10+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Colin Watson)
[2019-10-12] openssh 1:8.1p1-1 MIGRATED to testing (Debian testing watch)
[2019-10-10] Accepted openssh 1:8.1p1-1 (source) into unstable (Colin Watson)
[2019-10-08] openssh 1:8.0p1-7 MIGRATED to testing (Debian testing watch)
[2019-10-07] Accepted openssh 1:7.9p1-10+deb10u1 (source) into stable->embargoed, stable (Colin Watson)
[2019-10-05] Accepted openssh 1:8.0p1-7 (source) into unstable (Colin Watson)
[2019-08-30] openssh 1:8.0p1-6 MIGRATED to testing (Debian testing watch)
[2019-08-28] Accepted openssh 1:8.0p1-6 (source) into unstable (Colin Watson)
[2019-08-27] Accepted openssh 1:8.0p1-5 (source) into unstable (Colin Watson)
[2019-08-11] Accepted openssh 1:7.4p1-10+deb9u7 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Moritz Mühlenhoff)
[2019-08-05] openssh 1:8.0p1-4 MIGRATED to testing (Debian testing watch)
[2019-08-05] openssh 1:8.0p1-4 MIGRATED to testing (Debian testing watch)
[2019-08-03] Accepted openssh 1:8.0p1-4 (source) into unstable (Colin Watson)
[2019-07-13] openssh 1:8.0p1-3 MIGRATED to testing (Debian testing watch)
[2019-07-08] Accepted openssh 1:8.0p1-3 (source) into unstable (Colin Watson)
[2019-06-14] Accepted openssh 1:8.0p1-2 (source) into experimental (Colin Watson)

bugs [bug history graph]

all: 615 666
RC: 2
I&N: 380 404
M&W: 232 259
F&P: 1
patch: 48 66

links

homepage
lintian (2, 12)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
l10n (100, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:8.3p1-1
134 bugs (7 patches)