Control: tags -1 + confirmed On Sun, 2026-05-03 at 18:25 +0100, Colin Watson wrote: > Firstly, OpenSSH 10.3 included several minor security updates. The > security team has marked them no-dsa, but I'd like to fix them in a > stable update. > > Secondly, the IPQoS situation in Debian's OpenSSH packages has been > unsatisfactory for some time. We've previously been carrying a patch > that reverted changes made in OpenSSH 7.8 due to regressions in > iptables and VMware (the latter of which was fixed in 2019). In > OpenSSH 10.1, upstream reworked their QoS support to use EF > (Expedited Forwarding) for interactive traffic and the OS default for > non-interactive traffic, which is especially useful for > differentiated treatment over wireless networks; they also now adapt > the QoS value when a non-interactive channel is open even if the > session started interactive, which produces much better results in > various situations where sessions move large amounts of data despite > initially appearing to be interactive.
Please go ahead. Regards, Adam
