-
dd5de14...
by
Martin Pitt
on 2006-10-02
-
Import patches-applied version 1:3.9p1-1ubuntu2.3 to applied/ubuntu/hoary-security
Imported using git-ubuntu import.
Changelog parent: 3c76cd129aeaf05612fb3a4eea86f7be6cc38c0e
Unapplied parent: 01b2218cc48aed933f5cfed77da0a7d7e61855d5
New changelog entries:
* SECURITY UPDATE: Remote DoS.
* CVE-2006-4924: Fix a pre-authentication denial of service found by
Tavis Ormandy, that would cause sshd(8) to spin until the login grace
time expired.
Upstream fixes:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.c.diff?r1=1.29&r2=1.30&sortby=date&f=h
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?r1=1.143&r2=1.144&sortby=date&f=h
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.h.diff?r1=1.9&r2=1.10&sortby=date&f=h
* Fix an unsafe signal hander reported by Mark Dowd. The
signal handler was vulnerable to a race condition that could be
exploited to perform a pre-authentication denial of service. [CVE-2006-5051]
On portable OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication is
enabled, but the likelihood of successful exploitation appears remote.
[CVE-2006-5052]
* Above patches taken from Debian's 4.3p2-4 version, thanks to Colin Watson
for backporting them from 4.4p1.
-
01b2218...
by
Martin Pitt
on 2006-10-02
-
Import patches-unapplied version 1:3.9p1-1ubuntu2.3 to ubuntu/hoary-security
Imported using git-ubuntu import.
Changelog parent: 517594eae2e4eff6a340e53292a7a1f42748ba10
New changelog entries:
* SECURITY UPDATE: Remote DoS.
* CVE-2006-4924: Fix a pre-authentication denial of service found by
Tavis Ormandy, that would cause sshd(8) to spin until the login grace
time expired.
Upstream fixes:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.c.diff?r1=1.29&r2=1.30&sortby=date&f=h
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?r1=1.143&r2=1.144&sortby=date&f=h
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.h.diff?r1=1.9&r2=1.10&sortby=date&f=h
* Fix an unsafe signal hander reported by Mark Dowd. The
signal handler was vulnerable to a race condition that could be
exploited to perform a pre-authentication denial of service. [CVE-2006-5051]
On portable OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication is
enabled, but the likelihood of successful exploitation appears remote.
[CVE-2006-5052]
* Above patches taken from Debian's 4.3p2-4 version, thanks to Colin Watson
for backporting them from 4.4p1.
-
3c76cd1...
by
Martin Pitt
on 2006-02-20
-
Import patches-applied version 1:3.9p1-1ubuntu2.2 to applied/ubuntu/hoary-security
Imported using git-ubuntu import.
Changelog parent: e65b0263f54d6d2279716579373a7941d77f613e
Unapplied parent: 517594eae2e4eff6a340e53292a7a1f42748ba10
New changelog entries:
* SECURITY UPDATE: Shell code injection with crafted file names in scp.
* Ported upstream patch from 4.3p2 to replace system() call with a proper
exec() call; this avoids expanding shell metacharacters in local-to-local
or remote-to-remote copies.
* CVE-2006-0225
-
517594e...
by
Martin Pitt
on 2006-02-20
-
Import patches-unapplied version 1:3.9p1-1ubuntu2.2 to ubuntu/hoary-security
Imported using git-ubuntu import.
Changelog parent: 4913cdd4a5ee6526919ba13cdb563efad9c7e788
New changelog entries:
* SECURITY UPDATE: Shell code injection with crafted file names in scp.
* Ported upstream patch from 4.3p2 to replace system() call with a proper
exec() call; this avoids expanding shell metacharacters in local-to-local
or remote-to-remote copies.
* CVE-2006-0225
-
e65b026...
by
Martin Pitt
on 2005-10-17
-
Import patches-applied version 1:3.9p1-1ubuntu2.1 to applied/ubuntu/hoary-security
Imported using git-ubuntu import.
Changelog parent: 4b4b5b9c86ea9a1140b819dc672c7ba0fd2c6a74
Unapplied parent: 4913cdd4a5ee6526919ba13cdb563efad9c7e788
New changelog entries:
* SECURITY UPDATE: Information disclosure.
* gss-serv.c, sshconnect2.c: Do not delegate GSSAPI credentials to log in
with a different method than GSSAPI.
* CAN-2005-2798
-
4913cdd...
by
Martin Pitt
on 2005-10-17
-
Import patches-unapplied version 1:3.9p1-1ubuntu2.1 to ubuntu/hoary-security
Imported using git-ubuntu import.
Changelog parent: 6ac1c57981395deee16b5535f8d13c89417c0829
New changelog entries:
* SECURITY UPDATE: Information disclosure.
* gss-serv.c, sshconnect2.c: Do not delegate GSSAPI credentials to log in
with a different method than GSSAPI.
* CAN-2005-2798
-
4b4b5b9...
by
Colin Watson
on 2005-03-15
-
Import patches-applied version 1:3.9p1-1ubuntu2 to applied/ubuntu/hoary
Imported using git-ubuntu import.
Changelog parent: 1b47c8f1a006223b0fce36e5282eeaa8ae2fce68
Unapplied parent: 6ac1c57981395deee16b5535f8d13c89417c0829
New changelog entries:
* Don't ask unnecessary and misplaced ssh/forward_warning debconf note
(closes: Ubuntu #7363).
* Resynchronise with Debian.
* New upstream release.
- PAM password authentication implemented again (closes: #238699,
#242119).
- Implemented the ability to pass selected environment variables between
the client and the server.
- Fix ssh-keyscan breakage when remote server doesn't speak SSH protocol
(closes: #228828).
- Fix res_query detection (closes: #242462).
- 'ssh -c' documentation improved (closes: #265627).
* Pass LANG and LC_* environment variables from the client by default, and
accept them to the server by default in new installs, although not on
upgrade (closes: #264024).
* Build ssh in binary-indep, not binary-arch (thanks, LaMont Jones).
* Expand on openssh-client package description (closes: #273831).
* Resynchronise with Debian.
* We use DH_COMPAT=2, so build-depend on debhelper (>= 2).
* Fix timing information leak allowing discovery of invalid usernames in
PAM keyboard-interactive authentication (backported from a patch by
Darren Tucker; closes: #281595).
* Make sure that there's a delay in PAM keyboard-interactive
authentication when PermitRootLogin is not set to yes and the correct
root password is entered (closes: #248747).
* Resynchronise with Debian.
* Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
* debconf template translations:
- Update Dutch (thanks, cobaco; closes: #278715).
* Correct README.Debian's ForwardX11Trusted description (closes: #280190).
* Resynchronise with Debian.
* Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754).
* Shorten the version string from the form "OpenSSH_3.8.1p1 Debian
1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH
implementations apparently have problems with the long version string.
This is of course a bug in those implementations, but since the extent
of the problem is unknown it's best to play safe (closes: #275731).
* debconf template translations:
- Add Finnish (thanks, Matti Pöllä; closes: #265339).
- Update Danish (thanks, Morten Brix Pedersen; closes: #275895).
- Update French (thanks, Denis Barbier; closes: #276703).
- Update Japanese (thanks, Kenshi Muto; closes: #277438).
-
6ac1c57...
by
Colin Watson
on 2005-03-15
-
Import patches-unapplied version 1:3.9p1-1ubuntu2 to ubuntu/hoary
Imported using git-ubuntu import.
Changelog parent: 3053cc0aa054e1edab75b86126dd2c87a66d3316
New changelog entries:
* Don't ask unnecessary and misplaced ssh/forward_warning debconf note
(closes: Ubuntu #7363).
* Resynchronise with Debian.
* New upstream release.
- PAM password authentication implemented again (closes: #238699,
#242119).
- Implemented the ability to pass selected environment variables between
the client and the server.
- Fix ssh-keyscan breakage when remote server doesn't speak SSH protocol
(closes: #228828).
- Fix res_query detection (closes: #242462).
- 'ssh -c' documentation improved (closes: #265627).
* Pass LANG and LC_* environment variables from the client by default, and
accept them to the server by default in new installs, although not on
upgrade (closes: #264024).
* Build ssh in binary-indep, not binary-arch (thanks, LaMont Jones).
* Expand on openssh-client package description (closes: #273831).
* Resynchronise with Debian.
* We use DH_COMPAT=2, so build-depend on debhelper (>= 2).
* Fix timing information leak allowing discovery of invalid usernames in
PAM keyboard-interactive authentication (backported from a patch by
Darren Tucker; closes: #281595).
* Make sure that there's a delay in PAM keyboard-interactive
authentication when PermitRootLogin is not set to yes and the correct
root password is entered (closes: #248747).
* Resynchronise with Debian.
* Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
* debconf template translations:
- Update Dutch (thanks, cobaco; closes: #278715).
* Correct README.Debian's ForwardX11Trusted description (closes: #280190).
* Resynchronise with Debian.
* Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754).
* Shorten the version string from the form "OpenSSH_3.8.1p1 Debian
1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH
implementations apparently have problems with the long version string.
This is of course a bug in those implementations, but since the extent
of the problem is unknown it's best to play safe (closes: #275731).
* debconf template translations:
- Add Finnish (thanks, Matti Pöllä; closes: #265339).
- Update Danish (thanks, Morten Brix Pedersen; closes: #275895).
- Update French (thanks, Denis Barbier; closes: #276703).
- Update Japanese (thanks, Kenshi Muto; closes: #277438).
-
1b47c8f...
by
Colin Watson
on 2004-10-07
-
Import patches-applied version 1:3.8.1p1-11ubuntu3 to applied/ubuntu/warty
Imported using git-ubuntu import.
Unapplied parent: 3053cc0aa054e1edab75b86126dd2c87a66d3316
-
3053cc0...
by
Colin Watson
on 2004-10-07
-
Import patches-unapplied version 1:3.8.1p1-11ubuntu3 to ubuntu/warty
Imported using git-ubuntu import.