ubuntu/+source/openssh:applied/ubuntu/dapper-devel

Last commit made on 2006-10-02
Get this branch:
git clone -b applied/ubuntu/dapper-devel https://git.launchpad.net/ubuntu/+source/openssh
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name:
applied/ubuntu/dapper-devel
Repository:
lp:ubuntu/+source/openssh

Recent commits

b1a1d1e... by Martin Pitt on 2006-10-02

Import patches-applied version 1:4.2p1-7ubuntu3.1 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: f66fbe8eb678023f89a5e71fea297579de5b2cb3
Unapplied parent: 872b45f6aac7fcd7ce5817b1cbeeb319142ea06e

New changelog entries:
  * SECURITY UPDATE: Remote DoS.
  * CVE-2006-4924: Fix a pre-authentication denial of service found by
    Tavis Ormandy, that would cause sshd(8) to spin until the login grace
    time expired.
    Upstream fixes:
    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.c.diff?r1=1.29&r2=1.30&sortby=date&f=h
    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?r1=1.143&r2=1.144&sortby=date&f=h
    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.h.diff?r1=1.9&r2=1.10&sortby=date&f=h
  * Fix an unsafe signal handler reported by Mark Dowd. The
    signal handler was vulnerable to a race condition that could be
    exploited to perform a pre-authentication denial of service. [CVE-2006-5051]
    On portable OpenSSH, this vulnerability could theoretically lead to
    pre-authentication remote code execution if GSSAPI authentication is
    enabled, but the likelihood of successful exploitation appears remote.
    [CVE-2006-5052]
  * Above patches taken from Debian's 4.3p2-4 version, thanks to Colin Watson
    for backporting them from 4.4p1.
  * packet.c: Fix a NULL dereference crash so that an appropriate error
    message is printed on a protocol error. This is not actually a
    vulnerability, but has been assigned CVE-2006-4925, so let's fix it for
    completeness' sake.
    Taken from upstream CVS:
    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?sortby=date&r2=1.145&r1=1.144&f=h

872b45f... by Martin Pitt on 2006-10-02

Import patches-unapplied version 1:4.2p1-7ubuntu3.1 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 7e6667783f6328fff22531b339d6e1bb4fe8ed3b

New changelog entries:
  * SECURITY UPDATE: Remote DoS.
  * CVE-2006-4924: Fix a pre-authentication denial of service found by
    Tavis Ormandy, that would cause sshd(8) to spin until the login grace
    time expired.
    Upstream fixes:
    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.c.diff?r1=1.29&r2=1.30&sortby=date&f=h
    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?r1=1.143&r2=1.144&sortby=date&f=h
    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.h.diff?r1=1.9&r2=1.10&sortby=date&f=h
  * Fix an unsafe signal handler reported by Mark Dowd. The
    signal handler was vulnerable to a race condition that could be
    exploited to perform a pre-authentication denial of service. [CVE-2006-5051]
    On portable OpenSSH, this vulnerability could theoretically lead to
    pre-authentication remote code execution if GSSAPI authentication is
    enabled, but the likelihood of successful exploitation appears remote.
    [CVE-2006-5052]
  * Above patches taken from Debian's 4.3p2-4 version, thanks to Colin Watson
    for backporting them from 4.4p1.
  * packet.c: Fix a NULL dereference crash so that an appropriate error
    message is printed on a protocol error. This is not actually a
    vulnerability, but has been assigned CVE-2006-4925, so let's fix it for
    completeness' sake.
    Taken from upstream CVS:
    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?sortby=date&r2=1.145&r1=1.144&f=h

f66fbe8... by Colin Watson on 2006-05-17

Import patches-applied version 1:4.2p1-7ubuntu3 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: bc05d8376b18f4805aa6d6e235d80a331f031dac
Unapplied parent: 7e6667783f6328fff22531b339d6e1bb4fe8ed3b

New changelog entries:
  * On '/etc/init.d/ssh restart', create /var/run/sshd before checking the
    server configuration, as otherwise 'sshd -t' will complain about the
    lack of /var/run/sshd (closes: Malone #45234).

7e66677... by Colin Watson on 2006-05-17

Import patches-unapplied version 1:4.2p1-7ubuntu3 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 8b11a29ade34b074fc04f6275cc1d8817de56015

New changelog entries:
  * On '/etc/init.d/ssh restart', create /var/run/sshd before checking the
    server configuration, as otherwise 'sshd -t' will complain about the
    lack of /var/run/sshd (closes: Malone #45234).

bc05d83... by Colin Watson on 2006-05-12

Import patches-applied version 1:4.2p1-7ubuntu2 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 938f393583f22e4ce05571a81cc74c47073cfe8b
Unapplied parent: 8b11a29ade34b074fc04f6275cc1d8817de56015

New changelog entries:
  * Backport from OpenSSH 4.3 (closes: Malone #25528):
    - Set SO_REUSEADDR on X11 listeners to avoid problems caused by
      lingering sockets from previous session (X11 applications can
      sometimes not connect to 127.0.0.1:60xx).

8b11a29... by Colin Watson on 2006-05-12

Import patches-unapplied version 1:4.2p1-7ubuntu2 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: ad34150514c6f03c5110f40de409fc67426482c6

New changelog entries:
  * Backport from OpenSSH 4.3 (closes: Malone #25528):
    - Set SO_REUSEADDR on X11 listeners to avoid problems caused by
      lingering sockets from previous session (X11 applications can
      sometimes not connect to 127.0.0.1:60xx).

938f393... by Colin Watson on 2006-03-01

Import patches-applied version 1:4.2p1-7ubuntu1 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 6bce42ba6446baf712d6b9d73adc98bf3e931d47
Unapplied parent: ad34150514c6f03c5110f40de409fc67426482c6

New changelog entries:
  * Resynchronise with Debian.
  * I accidentally applied the default $PATH change in 1:4.2p1-6 to the udeb
    rather than the deb. Fixed.
  * Sync default values of $PATH from shadow 1:4.0.12-6, adding /usr/bin/X11
    to the normal and superuser paths and /usr/games to the normal path.
  * When the client receives a signal, don't fatal() with "Killed by signal
    %d." (which produces unhelpful noise on stderr and causes confusion for
    users of some applications that wrap ssh); instead, generate a debug
    message and exit with the traditional status (closes: #313371).
  * debconf template translations:
    - Add Swedish (thanks, Daniel Nylander; closes: #333133).
    - Update Spanish (thanks, Javier Fernández-Sanguino Peña;
      closes: #341371).
    - Correct erroneously-changed Last-Translator headers in Greek and
      Spanish translations.

ad34150... by Colin Watson on 2006-03-01

Import patches-unapplied version 1:4.2p1-7ubuntu1 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: c56287d6ffe914bc67b3bb532b5166198a38c300

New changelog entries:
  * Resynchronise with Debian.
  * I accidentally applied the default $PATH change in 1:4.2p1-6 to the udeb
    rather than the deb. Fixed.
  * Sync default values of $PATH from shadow 1:4.0.12-6, adding /usr/bin/X11
    to the normal and superuser paths and /usr/games to the normal path.
  * When the client receives a signal, don't fatal() with "Killed by signal
    %d." (which produces unhelpful noise on stderr and causes confusion for
    users of some applications that wrap ssh); instead, generate a debug
    message and exit with the traditional status (closes: #313371).
  * debconf template translations:
    - Add Swedish (thanks, Daniel Nylander; closes: #333133).
    - Update Spanish (thanks, Javier Fernández-Sanguino Peña;
      closes: #341371).
    - Correct erroneously-changed Last-Translator headers in Greek and
      Spanish translations.

6bce42b... by Martin Pitt on 2006-02-20

Import patches-applied version 1:4.2p1-5ubuntu2 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 9232a86860802a4ebe86059b24cf93abedc43607
Unapplied parent: c56287d6ffe914bc67b3bb532b5166198a38c300

New changelog entries:
  * SECURITY UPDATE: Shell code injection with crafted file names in scp.
  * Ported upstream patch from 4.3p2 to replace system() call with a proper
    exec() call; this avoids expanding shell metacharacters in local-to-local
    or remote-to-remote copies.
  * CVE-2006-0225

c56287d... by Martin Pitt on 2006-02-20

Import patches-unapplied version 1:4.2p1-5ubuntu2 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: d200ad971406bdf4a0a63d383a349d6c64bc66d8

New changelog entries:
  * SECURITY UPDATE: Shell code injection with crafted file names in scp.
  * Ported upstream patch from 4.3p2 to replace system() call with a proper
    exec() call; this avoids expanding shell metacharacters in local-to-local
    or remote-to-remote copies.
  * CVE-2006-0225