Back to openssh PTS page

Accepted openssh 1:4.7p1-9 (source all i386)

To: debian-devel-changes@lists.debian.org
Subject: Accepted openssh 1:4.7p1-9 (source all i386)
From: Colin Watson <cjwatson@debian.org>
Date: Tue, 13 May 2008 15:02:12 +0000
Message-id: <E1Jvw16-0003ZX-LM@ries.debian.org>
Sender: Archive Administrator <dak@ftp-master.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 13 May 2008 12:33:38 +0100
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source all i386
Version: 1:4.7p1-9
Distribution: unstable
Urgency: critical
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description: 
 openssh-client - secure shell client, an rlogin/rsh/rcp replacement
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell server, an rshd replacement
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Changes: 
 openssh (1:4.7p1-9) unstable; urgency=critical
 .
   * Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-8.
   * Mitigate OpenSSL security vulnerability (CVE-2008-0166):
     - Add key blacklisting support. Keys listed in
       /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by
       sshd, unless "PermitBlacklistedKeys yes" is set in
       /etc/ssh/sshd_config.
     - Add a new program, ssh-vulnkey, which can be used to check keys
       against these blacklists.
     - Depend on openssh-blacklist.
     - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least
       0.9.8g-9.
     - Automatically regenerate known-compromised host keys, with a
       critical-priority debconf note. (I regret that there was no time to
       gather translations.)
Checksums-Sha1: 
 eee27f1ec2b60d04f66977c8079a017223cacc72 1486 openssh_4.7p1-9.dsc
 dca9726b68da25721d1007088f24f8dffef3f246 198731 openssh_4.7p1-9.diff.gz
 6405cc21a6720f0bc19365efd4526597cd1541a1 1042 ssh_4.7p1-9_all.deb
 39d50a09f491fa5d197a678e4597724c7f03c8b9 88546 ssh-krb5_4.7p1-9_all.deb
 3dcf8c26f67d6de5b2c9831dc6957eb07dc99df7 706606 openssh-client_4.7p1-9_i386.deb
 0b4d39ab70c3e03fdd48f2f738385bd855cfd44b 247908 openssh-server_4.7p1-9_i386.deb
 4497733a683dd04ba59ac870a3836252bfcf4892 96022 ssh-askpass-gnome_4.7p1-9_i386.deb
 61da918e62ac7cc07535708237efcd779bb67e21 159204 openssh-client-udeb_4.7p1-9_i386.udeb
 5ada8e524b2c39b8295930ef7217aae615c58fdc 171452 openssh-server-udeb_4.7p1-9_i386.udeb
Checksums-Sha256: 
 8e12adf0ef132facdd16fe705e5cd850bfe7ff2244cbf37c5d399dc607534881 1486 openssh_4.7p1-9.dsc
 58deb57c5e43abe6e6a471052c36da053143a7b1d1e10d2f4b8c486feba128b5 198731 openssh_4.7p1-9.diff.gz
 5d21798c79b118b4c198f12b1ad018b2e687d9fd609230bbb0e52025a7452996 1042 ssh_4.7p1-9_all.deb
 2eb6b705568c85067dcb4bc94cd687298e526305f51f1f052e2e9f3fa21c584a 88546 ssh-krb5_4.7p1-9_all.deb
 3ffe0e46a18e6619c62bde6a2c4143044529ebbf014d05ade5cddfe9361c1f0b 706606 openssh-client_4.7p1-9_i386.deb
 8376f3126302861600a050b6b344a922eb6e95e832a64858ed4fc82707a6ec89 247908 openssh-server_4.7p1-9_i386.deb
 dabc518ddf54ef493c4556ccdb736e15a13b8fa4ebe83958a2c81384c9a1cd77 96022 ssh-askpass-gnome_4.7p1-9_i386.deb
 4d4cb6a4de171516322251fdc9d60b7d845fe77ae46966f99261cab249319d38 159204 openssh-client-udeb_4.7p1-9_i386.udeb
 c7485e8a5d4e19cb7394dd07124dba5520a62eb4bea6826156bb194f831e6701 171452 openssh-server-udeb_4.7p1-9_i386.udeb
Files: 
 8f129325a4550e9cbcca11ecd7651f0b 1486 net standard openssh_4.7p1-9.dsc
 6051b4a0a1252140c03ca40fde289613 198731 net standard openssh_4.7p1-9.diff.gz
 793711835ea88ff3f69dba1d7985f917 1042 net extra ssh_4.7p1-9_all.deb
 82399b099298ff2457b4d700c1df35f7 88546 net extra ssh-krb5_4.7p1-9_all.deb
 d21df5a9b51ba8fe5ac91c253932901d 706606 net standard openssh-client_4.7p1-9_i386.deb
 60b6f6c3a1fc4f7857990a05b3aa6045 247908 net optional openssh-server_4.7p1-9_i386.deb
 1f58484d56d850e3e9f25df4852afde4 96022 gnome optional ssh-askpass-gnome_4.7p1-9_i386.deb
 36471fbddba1c1ce22dd7b17a8b91933 159204 debian-installer optional openssh-client-udeb_4.7p1-9_i386.udeb
 f0899da1440cf737b91afe7fc3450c65 171452 debian-installer optional openssh-server-udeb_4.7p1-9_i386.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer

iD8DBQFIKX2B9t0zAhD6TNERAki9AJ40caD5JUs7T++9j3AZVjfOBlr5bACfTN2/
EwI7BVtFrNlywEkur5Q/P7U=
=J1i6
-----END PGP SIGNATURE-----


Accepted:
openssh-client-udeb_4.7p1-9_i386.udeb
  to pool/main/o/openssh/openssh-client-udeb_4.7p1-9_i386.udeb
openssh-client_4.7p1-9_i386.deb
  to pool/main/o/openssh/openssh-client_4.7p1-9_i386.deb
openssh-server-udeb_4.7p1-9_i386.udeb
  to pool/main/o/openssh/openssh-server-udeb_4.7p1-9_i386.udeb
openssh-server_4.7p1-9_i386.deb
  to pool/main/o/openssh/openssh-server_4.7p1-9_i386.deb
openssh_4.7p1-9.diff.gz
  to pool/main/o/openssh/openssh_4.7p1-9.diff.gz
openssh_4.7p1-9.dsc
  to pool/main/o/openssh/openssh_4.7p1-9.dsc
ssh-askpass-gnome_4.7p1-9_i386.deb
  to pool/main/o/openssh/ssh-askpass-gnome_4.7p1-9_i386.deb
ssh-krb5_4.7p1-9_all.deb
  to pool/main/o/openssh/ssh-krb5_4.7p1-9_all.deb
ssh_4.7p1-9_all.deb
  to pool/main/o/openssh/ssh_4.7p1-9_all.deb