-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 29 Sep 2006 16:28:24 +0100 Source: openssh Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb Architecture: source powerpc all Version: 1:4.3p2-4 Distribution: unstable Urgency: high Maintainer: Matthew Vernon <[EMAIL PROTECTED]> Changed-By: Colin Watson <[EMAIL PROTECTED]> Description: openssh-client - Secure shell client, an rlogin/rsh/rcp replacement openssh-client-udeb - Secure shell client for the Debian installer (udeb) openssh-server - Secure shell server, an rshd replacement openssh-server-udeb - Secure shell server for the Debian installer (udeb) ssh - Secure shell client and server (transitional package) ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add Closes: 369395 381942 382966 388946 389995 Changes: openssh (1:4.3p2-4) unstable; urgency=high . * Backport from 4.4p1 (since I don't have an updated version of the GSSAPI patch yet): - CVE-2006-4924: Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired (closes: #389995). - CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. The signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote. . * Read /etc/default/locale as well as /etc/environment (thanks, Raphaël Hertzog; closes: #369395). * Remove no-longer-used ssh/insecure_rshd debconf template. * Make ssh/insecure_telnetd Type: error (closes: #388946). . * debconf template translations: - Update Portuguese (thanks, Rui Branco; closes: #381942). - Update Spanish (thanks, Javier Fernández-Sanguino Peña; closes: #382966). Files: d0f547d4d7d7b457789fad36b675b728 990 net standard openssh_4.3p2-4.dsc fbf5d5159fe9aea1c08a4d121ecf12a6 168035 net standard openssh_4.3p2-4.diff.gz 21496ed39c6d844b971b638e00da1d76 1052 net extra ssh_4.3p2-4_all.deb e930263cccb7ac6aec9f49254d7bbd2c 642622 net standard openssh-client_4.3p2-4_powerpc.deb f0aa1192a564b3316666be7c8e8158ef 232998 net optional openssh-server_4.3p2-4_powerpc.deb c78d0b0207790905f76880f0e94cdb63 99368 gnome optional ssh-askpass-gnome_4.3p2-4_powerpc.deb 3f6aef414856d86e8a6ce01e19c07b14 166746 debian-installer optional openssh-client-udeb_4.3p2-4_powerpc.udeb 1193ce5b48f8a36c18a134b5e786de07 169774 debian-installer optional openssh-server-udeb_4.3p2-4_powerpc.udeb Package-Type: udeb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFFHUCf9t0zAhD6TNERAmLuAJ94JQOge6mYynW3SEdWBJBDDPBYwQCfbU/s QsCdkLgbSjJudZR5a4LCpL0= =CwZU -----END PGP SIGNATURE----- Accepted: openssh-client-udeb_4.3p2-4_powerpc.udeb to pool/main/o/openssh/openssh-client-udeb_4.3p2-4_powerpc.udeb openssh-client_4.3p2-4_powerpc.deb to pool/main/o/openssh/openssh-client_4.3p2-4_powerpc.deb openssh-server-udeb_4.3p2-4_powerpc.udeb to pool/main/o/openssh/openssh-server-udeb_4.3p2-4_powerpc.udeb openssh-server_4.3p2-4_powerpc.deb to pool/main/o/openssh/openssh-server_4.3p2-4_powerpc.deb openssh_4.3p2-4.diff.gz to pool/main/o/openssh/openssh_4.3p2-4.diff.gz openssh_4.3p2-4.dsc to pool/main/o/openssh/openssh_4.3p2-4.dsc ssh-askpass-gnome_4.3p2-4_powerpc.deb to pool/main/o/openssh/ssh-askpass-gnome_4.3p2-4_powerpc.deb ssh_4.3p2-4_all.deb to pool/main/o/openssh/ssh_4.3p2-4_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]