impish has gone EOL without any further security updates to openssh,
therefore I am removing this package from -proposed and closing this bug
wontfix as part of the EOL process.
** Changed in: openssh (Ubuntu Impish)
Status: Fix Committed => Won't Fix
--
You received this bug notification
** Changed in: openssh (Ubuntu Impish)
Assignee: Athos Ribeiro (athos-ribeiro) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1903516
Title:
aborted (
Since the only thing left here is the staged SRU for impish, I am
unsubscribing the server team and removing the server-todo tag from this
bug.
** Tags removed: server-todo
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to open
This bug was fixed in the package openssh - 1:8.2p1-4ubuntu0.5
---
openssh (1:8.2p1-4ubuntu0.5) focal; urgency=medium
* d/p/fix-connect-timeout-overflow.patch: prevent ConnectTimeout overflow.
(LP: #1903516)
[ Sergio Durigan Junior ]
* d/p/lp1966591-upstream-preserve-group-
This bug was fixed in the package openssh - 1:7.6p1-4ubuntu0.7
---
openssh (1:7.6p1-4ubuntu0.7) bionic; urgency=medium
* d/p/fix-connect-timeout-overflow.patch: prevent ConnectTimeout overflow.
(LP: #1903516)
[ Sergio Durigan Junior ]
* d/p/lp1966591-upstream-preserve-group
I performed verification for bionic, impish, and focal in the following
fashion:
- Launched new lxd container
- ran `ssh -o "ConnectTimeout=$(perl -e 'use POSIX; my $max =
int(POSIX::INT_MAX/1000)+1; print "$max\n";')" localhost` to verify it triggers
the bug. All containers returned "Aborted (c
Given that openssh occasionally has security updates I wonder how long
this will last in -proposed but since the work was already done I'll
accept it.
** Changed in: openssh (Ubuntu Impish)
Status: In Progress => Fix Committed
** Tags added: verification-needed verification-needed-impish
** Tags added: block-proposed-impish
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1903516
Title:
aborted (core dumped) when using ConnectTimeout > 2147483
Status in por
** Changed in: openssh (Ubuntu Bionic)
Status: Triaged => In Progress
** Changed in: openssh (Ubuntu Focal)
Status: Triaged => In Progress
** Changed in: openssh (Ubuntu Impish)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of
** Merge proposal linked:
https://code.launchpad.net/~sergiodj/ubuntu/+source/openssh/+git/openssh/+merge/418102
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1903516
T
** Merge proposal linked:
https://code.launchpad.net/~sergiodj/ubuntu/+source/openssh/+git/openssh/+merge/418101
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1903516
T
** Merge proposal linked:
https://code.launchpad.net/~athos-ribeiro/ubuntu/+source/openssh/+git/openssh/+merge/417971
** Merge proposal linked:
https://code.launchpad.net/~athos-ribeiro/ubuntu/+source/openssh/+git/openssh/+merge/417972
** Merge proposal linked:
https://code.launchpad.
** Description changed:
+ [Impact]
+
+ Setting ConnectTimeout to a value higher than INT_MAX/1000 causes the
+ ssh client to crash. This happens due to an integer overflow which was
+ fixed upstream with the patch being proposed for this SRU, which caps
+ the effective value for that option at IN
This seems to be a good case for a staged SRU given the low priority of
the issue.
** Changed in: openssh (Ubuntu Impish)
Assignee: (unassigned) => Athos Ribeiro (athos-ribeiro)
** Changed in: openssh (Ubuntu Focal)
Assignee: (unassigned) => Athos Ribeiro (athos-ribeiro)
** Changed in:
** Changed in: openssh (Ubuntu Bionic)
Importance: Undecided => Low
** Changed in: openssh (Ubuntu Focal)
Importance: Undecided => Low
** Changed in: openssh (Ubuntu Impish)
Importance: Undecided => Low
--
You received this bug notification because you are a member of Ubuntu
Touch seed
** Also affects: openssh (Ubuntu Jammy)
Importance: Low
Status: Triaged
** Changed in: openssh (Ubuntu Jammy)
Status: Triaged => Fix Released
** Changed in: openssh (Ubuntu Bionic)
Status: New => Triaged
** Changed in: openssh (Ubuntu Focal)
Status: New => Triaged
This was fixed upstream on
http://anongit.mindrot.org/openssh.git/commit/?id=819b44e8b9af6ce18d3ec7505b9f461bf7991a1f
which was released in 8.6p1.
This affects impish, focal and bionic.
** Also affects: openssh (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: openss
Hi Paride,
Thanks for filing the upstream bug report. I totally agree that this bug
is of low importance.
My colleague actually encountered this problem because he really didn't
want a SSH tunnel to time out. He could not figure out what was causing
the crash but I found it out after some digging
Hello Bert and thanks for this bug report. I could easily reproduce the
issue you described, but I think it would best be fixed upstream rather
than with an Ubuntu specific patch. I filed an upstream bug report [1]
and linked it to this one.
Given that triggering this bug requires a very odd setti
** Bug watch added: OpenSSH Portable Bugzilla #3229
https://bugzilla.mindrot.org/show_bug.cgi?id=3229
** Also affects: openssh via
https://bugzilla.mindrot.org/show_bug.cgi?id=3229
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member
I attached the core dump, like you asked
** Attachment added:
"core.ssh.0.2ec456d6193048749c85e045f700231e.952027.1605108402.lz4"
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1903516/+attachment/5433492/+files/core.ssh.0.2ec456d6193048749c85e045f700231e.952027.1605108402
Thank you for taking the time to file a bug report.
Could you please provide the core dump file to help us investigate your
problem?
Since there is not enough information in your report to begin triage or to
differentiate between a local configuration problem and a bug in Ubuntu, I
am marking thi
22 matches
Mail list logo
