-
openssh (1:5.1p1-6ubuntu2) karmic; urgency=low
* No change rebuild to fix misbuilt binaries on armel.
-- Loic Minier <email address hidden> Wed, 21 Oct 2009 14:48:08 +0200
-
openssh (1:5.1p1-6ubuntu1) karmic; urgency=low
* Merge from Debian unstable, remaining changes:
- Add support for registering ConsoleKit sessions on login.
- Drop openssh-blacklist and openssh-blacklist-extra to Suggests; they
take up a lot of CD space, and I suspect that rolling them out in
security updates has covered most affected systems now.
openssh (1:5.1p1-6) unstable; urgency=low
* Open /proc/self/oom_adj with O_RDONLY or O_WRONLY as necessary, rather
than O_RDWR.
* Disable OOM adjustment for vserver/OpenVZ (thanks, Karl Chen; closes:
#511771).
* Add ufw integration (thanks, Didier Roche; see
https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages;
LP: #261884).
* Add a comment above PermitRootLogin in sshd_config pointing to
README.Debian.
* Check if delgroup is present in openssh-client.postrm (closes: #530501).
* Build with -fPIC on mips/mipsel (thanks, Luk Claes; closes: #531942).
* Remove /var/run/sshd from openssh-server package; it will be created at
run-time before starting the server.
* Use invoke-rc.d in openssh-server's if-up script.
-- Steve Langasek <email address hidden> Tue, 09 Jun 2009 02:33:10 +0000
-
openssh (1:5.1p1-5ubuntu2) karmic; urgency=low
* No-change rebuild against libkrb5-3.
-- Steve Langasek <email address hidden> Wed, 03 Jun 2009 23:59:09 +0000
-
openssh (1:5.1p1-5ubuntu1) jaunty; urgency=low
* Resynchronise with Debian. Remaining changes:
- Add support for registering ConsoleKit sessions on login.
- Drop openssh-blacklist and openssh-blacklist-extra to Suggests; they
take up a lot of CD space, and I suspect that rolling them out in
security updates has covered most affected systems now.
- Add ufw integration.
openssh (1:5.1p1-5) unstable; urgency=low
* Backport from upstream CVS (Markus Friedl):
- packet_disconnect() on padding error, too. Should reduce the success
probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18.
* Check that /var/run/sshd.pid exists and that the process ID listed there
corresponds to sshd before running '/etc/init.d/ssh reload' from if-up
script; SIGHUP is racy if called at boot before sshd has a chance to
install its signal handler, but fortunately the pid file is written
after that which lets us avoid the race (closes: #502444).
* While the above is a valuable sanity-check, it turns out that it doesn't
really fix the bug (thanks to Kevin Price for testing), so for the
meantime we'll just use '/etc/init.d/ssh restart', even though it is
unfortunately heavyweight.
-- Colin Watson <email address hidden> Wed, 28 Jan 2009 14:34:21 +0000
