ubuntu/+source/openssh:debian/stretch

Last commit made on 2019-04-27
Get this branch:
git clone -b debian/stretch https://git.launchpad.net/ubuntu/+source/openssh
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/stretch
Repository:
lp:ubuntu/+source/openssh

Recent commits

351abd2... by Salvatore Bonaccorso on 2019-03-01

Import patches-unapplied version 1:7.4p1-10+deb9u6 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: b4dc904df127677f5e58acbadb5a32549cbdadea

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Apply upstream patch to make scp handle shell-style brace expansions
    when checking that filenames sent by the server match what the client
    requested (closes: #923486).

b4dc904... by Yves-Alexis Perez on 2019-02-08

Import patches-unapplied version 1:7.4p1-10+deb9u5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1ced64b7383f6f7235c564e65ad9606a4f2ca4a5

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2018-20685: disallow empty filenames or ones that refer to the current
    directory (Closes: #919101)
  * CVE-2019-6109: sanitize scp filenames via snmprintf (Closes: #793412)
  * CVE-2019-6111: check in scp client that filenames sent during
    remote->local directory copies satisfy the wildcards specified by the user

1ced64b... by Sebastien Delafond on 2018-08-21

Import patches-unapplied version 1:7.4p1-10+deb9u4 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 7a6765bda7f8b4279de72c85bac70383e6f192ed

New changelog entries:
  * Non-maintainer upload by the Security Team
  * CVE-2018-15473: fix username enumeration issue, initially reported
    by Dariusz Tytko and Michal Sajdak (Closes: #906236)

7a6765b... by Colin Watson on 2018-03-01

Import patches-unapplied version 1:7.4p1-10+deb9u3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 12ea1e41915c46ce4f3b5e09adca87ec5a2998b3

New changelog entries:
  * CVE-2017-15906: sftp-server(8): In read-only mode, sftp-server was
    incorrectly permitting creation of zero-length files. Reported by Michal
    Zalewski.

12ea1e4... by Colin Watson on 2017-11-18

Import patches-unapplied version 1:7.4p1-10+deb9u2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c6e7d9b880feb33a5b134d0f7c9ce7c3425a076a

New changelog entries:
  * Test configuration before starting or reloading sshd under systemd
    (closes: #865770).
  * Adjust compatibility patterns for WinSCP to correctly identify versions
    that implement only the legacy DH group exchange scheme (closes:
    #877800).
  * Make "--" before the hostname terminate argument processing after the
    hostname too (closes: #873201).

c6e7d9b... by Colin Watson on 2017-06-18

Import patches-unapplied version 1:7.4p1-10+deb9u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2d6a7b7a356d897d168dc051cab091e02ee05f47

New changelog entries:
  * Fix incoming compression statistics (thanks, Russell Coker; closes:
    #797964).

2d6a7b7... by Colin Watson on 2017-03-30

Import patches-unapplied version 1:7.4p1-10 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 94a006df0dee470be9fb627968eaa05377579243

New changelog entries:
  * Move privilege separation directory and PID file from /var/run/ to /run/
    (closes: #760422, #856825).
  * Unbreak Unix domain socket forwarding for root (closes: #858252).

94a006d... by Colin Watson on 2017-03-16

Import patches-unapplied version 1:7.4p1-9 to debian/sid

Imported using git-ubuntu import.

Changelog parent: caf5e54529906c23d6564b94d0ac5a79dae88f48

New changelog entries:
  * Fix null pointer dereference in ssh-keygen; this fixes an autopkgtest
    regression introduced in 1:7.4p1-8.

caf5e54... by Colin Watson on 2017-03-14

Import patches-unapplied version 1:7.4p1-8 to debian/sid

Imported using git-ubuntu import.

Changelog parent: cff7b0b8b7d65a13457fa19cd04efe1e6f336650

New changelog entries:
  * Fix ssh-keygen -H accidentally corrupting known_hosts that contained
    already-hashed entries (closes: #851734, LP: #1668093).
  * Fix ssh-keyscan to correctly hash hosts with a port number (closes:
    #857736, LP: #1670745).

cff7b0b... by Colin Watson on 2017-03-05

Import patches-unapplied version 1:7.4p1-7 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e5871a1970dbd5e633e2e58cc3e3aa72364669fd

New changelog entries:
  * Don't set "PermitRootLogin yes" on fresh installations (regression
    introduced in 1:7.4p1-1; closes: #852781).
  * Restore reading authorized_keys2 by default. Upstream seems to intend
    to gradually phase this out, so don't assume that this will remain the
    default forever. However, we were late in adopting the upstream
    sshd_config changes, so it makes sense to extend the grace period
    (closes: #852320).