Re: [arch-dev-public] [signoff] openssh 5.0p1
On Mon, 14 Apr 2008, Aaron Griffin wrote: On Mon, Apr 14, 2008 at 11:13 AM, Eric Belanger <[EMAIL PROTECTED]> wrote: On Mon, 14 Apr 2008, Aaron Griffin wrote: On Fri, Apr 11, 2008 at 2:53 AM, Roman Kyrylych <[EMAIL PROTECTED]> wrote: 2008/4/9, Aaron Griffin <[EMAIL PROTECTED]>: On Tue, Apr 8, 2008 at 2:13 AM, Aaron Griffin <[EMAIL PROTECTED]> wrote: New and improved ssh I haven't been able to find a comprehensive upstream change log (busy with devtools/dbscripts changes), but I know this has some large security fixes, and also contains the new-fangled chroot ability. That's right, sshd should not have the ability to chroot users built in. I know I'm excited. Should be in testing for both arches Ping. I did find this from Pierre (thanks): http://www.openssh.com/txt/release-4.9 http://www.openssh.com/txt/release-5.0 Works as usual. Signed off (i686). Moved the discussion of .pacnew issue to pacman-dev. Still need at least another x86_64 signoff, but I'd like more than that just to be safe. I've been using scp for the last few days and it works fine. If that's enough, consider it signed off for x86_64. Otherwise, I could test the ssh client and server tonight. It'd be nice if you can test the server. I don't want it to randomly make remote machines unreachable. 8) Signing off both arches. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: [arch-dev-public] [signoff] openssh 5.0p1
Am Montag, 14. April 2008 18:17:16 schrieb Aaron Griffin: > Still need at least another x86_64 signoff, but I'd like more than > that just to be safe. signoff for both arches. tested ssh and sshd. -- archlinux.de
Re: [arch-dev-public] [signoff] openssh 5.0p1
Aaron Griffin schrieb: Works as usual. Signed off (i686). Moved the discussion of .pacnew issue to pacman-dev. Still need at least another x86_64 signoff, but I'd like more than that just to be safe. ssh working fine (I use it all the time), and I received several GB of data with sshd and sftp, so I think I can sign off. If the ssh client would break, you would hear me crying and shouting from Aachen to Chicago anyway. signature.asc Description: OpenPGP digital signature
Re: [arch-dev-public] [signoff] openssh 5.0p1
On Mon, Apr 14, 2008 at 11:13 AM, Eric Belanger <[EMAIL PROTECTED]> wrote: > > On Mon, 14 Apr 2008, Aaron Griffin wrote: > > > > On Fri, Apr 11, 2008 at 2:53 AM, Roman Kyrylych > > <[EMAIL PROTECTED]> wrote: > > > > > 2008/4/9, Aaron Griffin <[EMAIL PROTECTED]>: > > > > > > > > > > > > > On Tue, Apr 8, 2008 at 2:13 AM, Aaron Griffin > <[EMAIL PROTECTED]> wrote: > > > > > > > > > New and improved ssh > > > > > > > > > > I haven't been able to find a comprehensive upstream change log > (busy > > > > > with devtools/dbscripts changes), but I know this has some large > > > > > security fixes, and also contains the new-fangled chroot ability. > > > > > That's right, sshd should not have the ability to chroot users > built > > > > > in. I know I'm excited. > > > > > > > > > > Should be in testing for both arches > > > > > > > > > > > > Ping. > > > > > > > > I did find this from Pierre (thanks): > > > >http://www.openssh.com/txt/release-4.9 > > > >http://www.openssh.com/txt/release-5.0 > > > > > > Works as usual. Signed off (i686). > > > Moved the discussion of .pacnew issue to pacman-dev. > > > > > > > Still need at least another x86_64 signoff, but I'd like more than > > that just to be safe. > > > > > > I've been using scp for the last few days and it works fine. If that's > enough, consider it signed off for x86_64. Otherwise, I could test the ssh > client and server tonight. It'd be nice if you can test the server. I don't want it to randomly make remote machines unreachable. 8)
Re: [arch-dev-public] [signoff] openssh 5.0p1
On Mon, 14 Apr 2008, Aaron Griffin wrote: On Fri, Apr 11, 2008 at 2:53 AM, Roman Kyrylych <[EMAIL PROTECTED]> wrote: 2008/4/9, Aaron Griffin <[EMAIL PROTECTED]>: On Tue, Apr 8, 2008 at 2:13 AM, Aaron Griffin <[EMAIL PROTECTED]> wrote: > > New and improved ssh > > > > I haven't been able to find a comprehensive upstream change log (busy > > with devtools/dbscripts changes), but I know this has some large > > security fixes, and also contains the new-fangled chroot ability. > > That's right, sshd should not have the ability to chroot users built > > in. I know I'm excited. > > > > Should be in testing for both arches > > > Ping. > > I did find this from Pierre (thanks): >http://www.openssh.com/txt/release-4.9 >http://www.openssh.com/txt/release-5.0 Works as usual. Signed off (i686). Moved the discussion of .pacnew issue to pacman-dev. Still need at least another x86_64 signoff, but I'd like more than that just to be safe. I've been using scp for the last few days and it works fine. If that's enough, consider it signed off for x86_64. Otherwise, I could test the ssh client and server tonight. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: [arch-dev-public] [signoff] openssh 5.0p1
On Fri, Apr 11, 2008 at 2:53 AM, Roman Kyrylych <[EMAIL PROTECTED]> wrote: > 2008/4/9, Aaron Griffin <[EMAIL PROTECTED]>: > > > > On Tue, Apr 8, 2008 at 2:13 AM, Aaron Griffin <[EMAIL PROTECTED]> wrote: > > > New and improved ssh > > > > > > I haven't been able to find a comprehensive upstream change log (busy > > > with devtools/dbscripts changes), but I know this has some large > > > security fixes, and also contains the new-fangled chroot ability. > > > That's right, sshd should not have the ability to chroot users built > > > in. I know I'm excited. > > > > > > Should be in testing for both arches > > > > > > Ping. > > > > I did find this from Pierre (thanks): > >http://www.openssh.com/txt/release-4.9 > >http://www.openssh.com/txt/release-5.0 > > Works as usual. Signed off (i686). > Moved the discussion of .pacnew issue to pacman-dev. Still need at least another x86_64 signoff, but I'd like more than that just to be safe.
Re: [arch-dev-public] [signoff] openssh 5.0p1
2008/4/9, Aaron Griffin <[EMAIL PROTECTED]>: > On Tue, Apr 8, 2008 at 2:13 AM, Aaron Griffin <[EMAIL PROTECTED]> wrote: > > New and improved ssh > > > > I haven't been able to find a comprehensive upstream change log (busy > > with devtools/dbscripts changes), but I know this has some large > > security fixes, and also contains the new-fangled chroot ability. > > That's right, sshd should not have the ability to chroot users built > > in. I know I'm excited. > > > > Should be in testing for both arches > > > Ping. > > I did find this from Pierre (thanks): >http://www.openssh.com/txt/release-4.9 >http://www.openssh.com/txt/release-5.0 Works as usual. Signed off (i686). Moved the discussion of .pacnew issue to pacman-dev. -- Roman Kyrylych (Роман Кирилич)
Re: [arch-dev-public] [signoff] openssh 5.0p1
On Thu, Apr 10, 2008 at 9:23 AM, Roman Kyrylych <[EMAIL PROTECTED]> wrote: > > Hmm.. > pacman created /etc/ssh/sshd_config.pacnew, but I didn't modify > sshd_config, so I wonder why pacman didn't just overwrite it. :-/ > Could you keep your /etc/ssh/sshd_config file, downgrade openssh to the older version, then check the output of pacman -Qii openssh ? And check the md5sum manually if needed. If it tells you sshd_config is indeed not modified, try upgrading again, using --debug this time, and check the debug output of pacman.
Re: [arch-dev-public] [signoff] openssh 5.0p1
2008/4/9, Aaron Griffin <[EMAIL PROTECTED]>: > On Tue, Apr 8, 2008 at 2:13 AM, Aaron Griffin <[EMAIL PROTECTED]> wrote: > > New and improved ssh > > > > I haven't been able to find a comprehensive upstream change log (busy > > with devtools/dbscripts changes), but I know this has some large > > security fixes, and also contains the new-fangled chroot ability. > > That's right, sshd should not have the ability to chroot users built > > in. I know I'm excited. > > > > Should be in testing for both arches > > > Ping. > > I did find this from Pierre (thanks): >http://www.openssh.com/txt/release-4.9 >http://www.openssh.com/txt/release-5.0 > > Hmm.. pacman created /etc/ssh/sshd_config.pacnew, but I didn't modify sshd_config, so I wonder why pacman didn't just overwrite it. :-/ -- Roman Kyrylych (Роман Кирилич)
Re: [arch-dev-public] [signoff] openssh 5.0p1
On Tue, Apr 8, 2008 at 2:13 AM, Aaron Griffin <[EMAIL PROTECTED]> wrote: > New and improved ssh > > I haven't been able to find a comprehensive upstream change log (busy > with devtools/dbscripts changes), but I know this has some large > security fixes, and also contains the new-fangled chroot ability. > That's right, sshd should not have the ability to chroot users built > in. I know I'm excited. > > Should be in testing for both arches Ping. I did find this from Pierre (thanks): http://www.openssh.com/txt/release-4.9 http://www.openssh.com/txt/release-5.0
Re: [arch-dev-public] [signoff] openssh 5.0p1
On Tue, Apr 8, 2008 at 2:23 AM, Thomas Bächler <[EMAIL PROTECTED]> wrote: > Aaron Griffin schrieb: > > > > Should be in testing for both arches > > > > BTW, there is no x86_64 package. Uploaded. Thanks for pointing that out
Re: [arch-dev-public] [signoff] openssh 5.0p1
Aaron Griffin schrieb: Should be in testing for both arches BTW, there is no x86_64 package. signature.asc Description: OpenPGP digital signature
Re: [arch-dev-public] [signoff] openssh 5.0p1
Aaron Griffin schrieb: New and improved ssh I haven't been able to find a comprehensive upstream change log (busy with devtools/dbscripts changes), but I know this has some large security fixes, and also contains the new-fangled chroot ability. That's right, sshd should not have the ability to chroot users built in. I know I'm excited. Should be in testing for both arches The vulnerability is not that big: http://www.heise-online.co.uk/news/OpenSSH-developers-up-the-ante-with-version-5-0--/110477 signature.asc Description: OpenPGP digital signature