ubuntu/+source/openssh:debian/wheezy

Last commit made on 2016-06-05
Get this branch:
git clone -b debian/wheezy https://git.launchpad.net/ubuntu/+source/openssh
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/wheezy
Repository:
lp:ubuntu/+source/openssh

Recent commits

f93e1a6... by Salvatore Bonaccorso on 2016-04-14

Import patches-unapplied version 1:6.0p1-4+deb7u4 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: e9a8f23e7053a2f886cf8ed43ca87cde9b44f710

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2015-8325: Ignore PAM environment vars when UseLogin=yes

e9a8f23... by Yves-Alexis Perez on 2016-01-13

Import patches-unapplied version 1:6.0p1-4+deb7u3 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: dbbe016b96d2237b9c54bb5fa4b769954c925e4b

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Disable roaming in openssh client: roaming code is vulnerable to an
    information leak (CVE-2016-0777) and heap-based buffer overflow
    (CVE-2016-0778).

dbbe016... by Colin Watson on 2014-06-28

Import patches-unapplied version 1:6.0p1-4+deb7u2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 846a7f051ae31220908ef6af2fea15e291c4a080

New changelog entries:
  * Restore patch to disable OpenSSL version check (closes: #749472).

846a7f0... by Colin Watson on 2014-04-02

Import patches-unapplied version 1:6.0p1-4+deb7u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 06bf61b874b238e9c06591256fe54208f06614e3

New changelog entries:
  * CVE-2014-2532: Disallow invalid characters in environment variable names
    to prevent bypassing AcceptEnv wildcard restrictions.
  * CVE-2014-2653: Attempt SSHFP lookup even if server presents a
    certificate (closes: #742513).

06bf61b... by Colin Watson on 2013-02-08

Import patches-unapplied version 1:6.0p1-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 70f1cb2b6a1d11110e0ef2cd259a6445eaf0a829

New changelog entries:
  * CVE-2010-5107: Improve DoS resistance by changing default of MaxStartups
    to 10:30:100 (closes: #700102).

70f1cb2... by Colin Watson on 2012-08-24

Import patches-unapplied version 1:6.0p1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ba807f38911f96afb47f553fa167b010f79218ac

New changelog entries:
  * debconf template translations:
    - Add Indonesian (thanks, Andika Triwidada; closes: #681670).
  * Call restorecon on copied ~/.ssh/authorized_keys if possible, since some
    SELinux policies require this (closes: #658675).
  * Add ncurses-term to openssh-server's Recommends, since it's often needed
    to support unusual terminal emulators on clients (closes: #675362).

ba807f3... by Colin Watson on 2012-06-24

Import patches-unapplied version 1:6.0p1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9028e3685d87ac0da9b7ec0b7de9b8fe791d7c98

New changelog entries:
  * Tighten libssl1.0.0 and libcrypto1.0.0-udeb dependencies to the current
    "fix" version at build time (closes: #678661).

9028e36... by Colin Watson on 2012-05-26

Import patches-unapplied version 1:6.0p1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a7ab0a248f719c14aeb65ada89a2459ff11a74af

New changelog entries:
  [ Roger Leigh ]
  * Display dynamic part of MOTD from /run/motd.dynamic, if it exists
    (closes: #669699).
  [ Colin Watson ]
  * Update OpenSSH FAQ to revision 1.113, fixing missing line break (closes:
    #669667).
  * New upstream release (closes: #671010,
    http://www.openssh.org/txt/release-6.0).
    - Fix IPQoS not being set on non-mapped v4-in-v6 addressed connections
      (closes: #643312, #650512, #671075).
    - Add a new privilege separation sandbox implementation for Linux's new
      seccomp sandbox, automatically enabled on platforms that support it.
      (Note: privilege separation sandboxing is still experimental.)
  * Fix a bashism in configure's seccomp_filter check.
  * Add a sandbox fallback mechanism, so that behaviour on Linux depends on
    whether the running system's kernel has seccomp_filter support, not the
    build system's kernel (forwarded upstream as
    https://bugzilla.mindrot.org/show_bug.cgi?id=2011).

a7ab0a2... by Colin Watson on 2012-04-02

Import patches-unapplied version 1:5.9p1-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8d25441f86a7594bf6ebf41e13971538f34c27f8

New changelog entries:
  * Use dpkg-buildflags, including for hardening support; drop use of
    hardening-includes.
  * Fix cross-building:
    - Allow using a cross-architecture pkg-config.
    - Pass default LDFLAGS to contrib/Makefile.
    - Allow dh_strip to strip gnome-ssh-askpass, rather than calling
      'install -s'.

8d25441... by Colin Watson on 2012-03-19

Import patches-unapplied version 1:5.9p1-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2866bed0df0cdd96a302ced62494437e59a4ca5f

New changelog entries:
  * Disable OpenSSL version check again, as its SONAME is sufficient
    nowadays (closes: #664383).