Accepted openssh 1:7.1p2-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 14 Jan 2016 15:28:03 +0000
Source: openssh
Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:7.1p2-1
Distribution: unstable
Urgency: high
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
openssh-client - secure shell (SSH) client, for secure access to remote machines
openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol
openssh-client-udeb - secure shell client for the Debian installer (udeb)
openssh-server - secure shell (SSH) server, for secure access from remote machines
openssh-server-udeb - secure shell server for the Debian installer (udeb)
openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
ssh - secure shell client and server (metapackage)
ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
ssh-krb5 - secure shell client and server (transitional package)
Closes: 810984
Changes:
openssh (1:7.1p2-1) unstable; urgency=high
.
* New upstream release (http://www.openssh.com/txt/release-7.1p2):
- CVE-2016-0777, CVE-2016-0778: Disable experimental client-side support
for roaming, which could be tricked by a malicious server into leaking
client memory to the server, including private client user keys; this
information leak is restricted to connections to malicious or
compromised servers (closes: #810984).
- SECURITY: Fix an out of-bound read access in the packet handling code.
Reported by Ben Hawkes.
- Further use of explicit_bzero has been added in various buffer
handling code paths to guard against compilers aggressively doing
dead-store removal.
Checksums-Sha1:
89b110673f494251c90972f07ee8d2d79d35e91a 2835 openssh_7.1p2-1.dsc
9202f5a2a50c8a55ecfb830609df1e1fde97f758 1475829 openssh_7.1p2.orig.tar.gz
f7a906cafdb5c148086c7a245f5a267996552a5d 148576 openssh_7.1p2-1.debian.tar.xz
Checksums-Sha256:
a1f6b01e2229f167f35e5f5378181f3d931196919efa1a8c379709686c79a639 2835 openssh_7.1p2-1.dsc
dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbd 1475829 openssh_7.1p2.orig.tar.gz
349d952bd32dbce1191deb3cd79b37d5380610766a3b047eb2f295f228ce8b50 148576 openssh_7.1p2-1.debian.tar.xz
Files:
dd0ef27249e07ef1e16066ea7762622f 2835 net standard openssh_7.1p2-1.dsc
4d8547670e2a220d5ef805ad9e47acf2 1475829 net standard openssh_7.1p2.orig.tar.gz
413eee29fec1fa26546265c5e2eef4cf 148576 net standard openssh_7.1p2-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer
iQIVAwUBVpe+izk1h9l9hlALAQgy0g/+PVFmowkheu+LuvXdus9NmQK4l5nxFOXz
Qkxcc41/speKhMYZK2sUYvRx7H/PlPW+Sorpqs+l9p5V9pVrgN3PWnf4iMZkSK6J
bt0OWM2KjUXkL9u3hpotoX8ZfvuZqjVxrqrnPNUV46lvD1qryLPtlWXGMAySwdA3
txpyUTpNTV7fFnsqzEqd1xEd5nC/Aa/QBfqTZAToNWpTipec+UEWJX8gimDoDInw
IdDcWvE/Bxvrath2TYsN5mKUIIfpPMtx0mD0CI/wB+r6NgtMVU9G6iYaWxrHlZ10
AHo9sSwa9AO9BDe1mL8+7sYPsXqackno8vZeYVmzB2b4SdPKGFJlfgLpfRSolHtM
83lj0mLK1DxL2GJRVs1GL0EzgBWU9oc32KxnfbeqyNYVglDP6I/Wdxz8kX+a/xcT
ewLQK8wVblANVuYIXIbeqcWETZh3mhtij0hDSEr9NfT74uZ6loZ+gEqN/BfSN8yT
9I+UUXKUABQYdFWOdeZbvBTs9EBNQbuAu8CXW8HUM9dgJI3pW6/QS3YqEl+WE5fm
fj86xANwgHTJChcS4TVmnMmhnQhhdzDnxyJ77QoeiPYReGFX1ApjrBrYpTk85L2/
3asonayCpL0vtjf/7dsRKkRDsMpgz3POnCYk9qy0V29EhlxMK6QFK4il9+/9SugD
XTnsEUgwdhI=
=Bku6
-----END PGP SIGNATURE-----