Debian Package Tracker

general

source: openssh (main)
version: 1:8.4p1-3
maintainer: Debian OpenSSH Maintainers (archive) (DMD)
uploaders: Colin Watson [DMD] – Matthew Vernon [DMD]
arch: all any
std-ver: 4.1.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1:6.7p1-5+deb8u4
o-o-sec: 1:6.7p1-5+deb8u8
oldstable: 1:7.4p1-10+deb9u7
old-sec: 1:7.4p1-10+deb9u6
stable: 1:7.9p1-10+deb10u2
stable-sec: 1:7.9p1-10+deb10u1
stable-bpo: 1:8.4p1-2~bpo10+1
testing: 1:8.4p1-3
unstable: 1:8.4p1-3

versioned links

1:6.7p1-5+deb8u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:6.7p1-5+deb8u8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.4p1-10+deb9u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.4p1-10+deb9u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.9p1-10+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:7.9p1-10+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:8.4p1-2~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:8.4p1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

openssh-client (285 bugs: 0, 163, 122, 0)
openssh-client-udeb
openssh-server (217 bugs: 1, 159, 57, 0)
openssh-server-udeb
openssh-sftp-server (1 bugs: 0, 1, 0, 0)
openssh-tests
ssh (137 bugs: 0, 73, 64, 0)
ssh-askpass-gnome (2 bugs: 0, 2, 0, 0)

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:20:24
Last run: 2020-05-14 07:31:19 UTC
Previous status: pass

testing: pass (log)
The tests ran in 0:21:04
Last run: 2021-01-19 13:41:54 UTC
Previous status: pass

stable: fail (log)
The tests ran in 0:08:48
Last run: 2021-01-05 02:56:08 UTC
Previous status: fail

Created: 2020-01-31 Last update: 2021-01-20 08:41

The VCS repository is not up to date, push the missing commits. high

vcswatch reports that this package has been uploaded into the archive but the debian/changelog in the VCS is still UNRELEASED. You should consider pushing the missing commits or updating the VCS.

Created: 2020-12-02 Last update: 2021-01-20 01:06

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Please fix it.

Created: 2018-08-28 Last update: 2020-12-06 07:34

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Please fix it.

Created: 2019-07-07 Last update: 2020-12-06 07:34

49 bugs tagged patch in the BTS normal

The BTS contains patches fixing 49 bugs (67 if counting merged bugs), consider including or untagging them.

Created: 2020-10-19 Last update: 2021-01-20 08:32

Depends on packages which need a new maintainer normal

The packages that openssh depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2019-11-22 Last update: 2021-01-20 06:31

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Please fix it.

Created: 2018-08-28 Last update: 2020-12-06 07:34

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Please fix it.

Created: 2018-08-28 Last update: 2020-12-06 07:34

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2018-04-03 19:52

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.1.0).

Created: 2017-06-25 Last update: 2020-12-02 19:06

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2020-12-06] openssh 1:8.4p1-3 MIGRATED to testing (Debian testing watch)
[2020-12-02] Accepted openssh 1:8.4p1-3 (source) into unstable (Colin Watson)
[2020-11-25] Accepted openssh 1:8.4p1-2~bpo10+1 (source amd64 all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Mike Gabriel)
[2020-11-19] openssh 1:8.4p1-2 MIGRATED to testing (Debian testing watch)
[2020-10-26] Accepted openssh 1:8.4p1-2 (source) into unstable (Colin Watson)
[2020-10-20] Accepted openssh 1:8.4p1-1 (source) into unstable (Colin Watson)
[2020-06-09] openssh 1:8.3p1-1 MIGRATED to testing (Debian testing watch)
[2020-06-07] Accepted openssh 1:8.3p1-1 (source) into unstable (Colin Watson)
[2020-03-02] openssh 1:8.2p1-4 MIGRATED to testing (Debian testing watch)
[2020-02-26] Accepted openssh 1:8.2p1-4 (source) into unstable (Colin Watson)
[2020-02-24] Accepted openssh 1:8.2p1-3 (source) into unstable (Colin Watson)
[2020-02-23] Accepted openssh 1:8.2p1-1 (all amd64 source) into unstable, unstable (Colin Watson)
[2020-02-02] Accepted openssh 1:7.9p1-10+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Colin Watson)
[2020-01-16] openssh 1:8.1p1-5 MIGRATED to testing (Debian testing watch)
[2020-01-12] Accepted openssh 1:8.1p1-5 (source) into unstable (Colin Watson)
[2020-01-11] openssh 1:8.1p1-4 MIGRATED to testing (Debian testing watch)
[2020-01-09] Accepted openssh 1:8.1p1-4 (source) into unstable (Colin Watson)
[2020-01-09] Accepted openssh 1:8.1p1-3 (source) into unstable (Colin Watson)
[2020-01-05] openssh 1:8.1p1-2 MIGRATED to testing (Debian testing watch)
[2019-12-12] Accepted openssh 1:8.1p1-2 (source) into unstable (Colin Watson)
[2019-10-12] Accepted openssh 1:7.9p1-10+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Colin Watson)
[2019-10-12] openssh 1:8.1p1-1 MIGRATED to testing (Debian testing watch)
[2019-10-10] Accepted openssh 1:8.1p1-1 (source) into unstable (Colin Watson)
[2019-10-08] openssh 1:8.0p1-7 MIGRATED to testing (Debian testing watch)
[2019-10-07] Accepted openssh 1:7.9p1-10+deb10u1 (source) into stable->embargoed, stable (Colin Watson)
[2019-10-05] Accepted openssh 1:8.0p1-7 (source) into unstable (Colin Watson)
[2019-08-30] openssh 1:8.0p1-6 MIGRATED to testing (Debian testing watch)
[2019-08-28] Accepted openssh 1:8.0p1-6 (source) into unstable (Colin Watson)
[2019-08-27] Accepted openssh 1:8.0p1-5 (source) into unstable (Colin Watson)
[2019-08-11] Accepted openssh 1:7.4p1-10+deb9u7 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Moritz Mühlenhoff)

bugs [bug history graph]

all: 620 671
RC: 1
I&N: 386 410
M&W: 232 259
F&P: 1
patch: 49 67

links

homepage
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
l10n (100, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:8.4p1-3
135 bugs (7 patches)