If you still fear regression issues: Maybe the new release can be
initially configured as additional sshd (other port, other name).
--
Please backport OpenSSH 5.1 to Hardy
https://bugs.launchpad.net/bugs/286337
You received this bug notification because you are a member of Ubuntu
Backports Testin
hmmm nothing here for a while. I just stumbled upon this trying to get an sftp
chrooted env setup and realized how clumsy and hard it seemed without the
latest openssh. On a centos system I resorted to using scponly but on my hardy
server I'm not going to use that hack.
an openssh5 install wou
For those who are interested, its not that hard to compile your own
version. I had to remove all of openssh (server+client) using synaptic,
and then compiled and packaged using checkinstall.
For some reason, the init script no longer worked so I did a removal all (or
whatever its called: remove e
I'm travelling this weekend. I'll try to have a look on Monday at what's
needed.
--
Please backport OpenSSH 5.1 to Hardy
https://bugs.launchpad.net/bugs/286337
You received this bug notification because you are a member of Ubuntu
Backports Testing Team, which is subscribed to Hardy Backports.
I will volunteer happily! :)
Aras "Russ" Memisyazici
Systems Administrator
Office of Research
Virginia Tech
-Original Message-
From: Scott Kitterman
Sent: Saturday, October 10, 2009 11:25 AM
To: Memisyazici, Aras
Subject: [Bug 286337] Re: Please backport OpenSSH 5.1 to Ha
I'd like to help, but have never done any formal testing. What does it
entail?
--
Please backport OpenSSH 5.1 to Hardy
https://bugs.launchpad.net/bugs/286337
You received this bug notification because you are a member of Ubuntu
Backports Testing Team, which is subscribed to Hardy Backports.
--
This bug and the rationale for it has morphed a bit over time. Based on
the features being discussed, I can see where a backport might make
sense if we can test it adequately (meaning make sure it works with all
the rdepends). Is anyone up for doing the testing?
--
Please backport OpenSSH 5.1 t
I agree with Ray Robert. What's being asked for here is not a bleeding
edge version upgrade, but rather an upgrade to an openssh version that
supports easily setting up a chroot environment. This WILL lead to
enhanced security. It makes no sense that the current LTS server edition
doesn't support t
Stability is an important value in a server, but it's not the only
value.
Offering SFTP in a limited directory tree is a common server function.
The claim that there is no security value in offering a version of
OpenSSH with simplified SFTP chroot is rather disingenuous. The Ubuntu
position appea
> A server edition like LTS purports to be requires something better
than SSH 4.8.
Nope, on a server you typically value stability more than getting the
latest bleeding edge version. 4.8 is actually a quite recent version
if you compare to what is included in other currently supported
"enterprise"
The comment, "[I]f you want a newer openssh version, you will have to
upgrade." doesn't really make sense. This is no LTS upgrade available.
A server edition like LTS purports to be requires something better than
SSH 4.8.
--
Please backport OpenSSH 5.1 to Hardy
https://bugs.launchpad.net/bugs/2
On the surface it's not unreasonable, but it's an approach that's not
really maintainable. For packages like this, there really isn't a good
in-archive solution. A dedicated PPA is probably your best approach. I
understand Canonical is doing something similar (dedicated PPA) to get
Python 2.6 in
Hehehe :) I agree with you Scott wholeheartedly my friend! (on your
comment about the auditors) However, what about Pablo's suggestion?
Maybe release openssh v5.0 as openssh5-server and openssh5-client? Is
this really such an un-reasonable request?
--
Please backport OpenSSH 5.1 to Hardy
https://
VTKnightMare: Your so called auditors are idiots. Ubuntu's openssh
packages were patched for this issue over a year ago.
http://www.ubuntu.com/usn/usn-597-1
Playing version string games is not a reason for a backport. The
reasons for not backporting stand.
** Changed in: hardy-backports
VTKnightMare: Backports are *not* done in order to fix bugs. Instead,
fixes for security problems are isolated as a patch, applied to the
version in the repository and uploaded to hardy-security. In fact, if
you look at https://launchpad.net/ubuntu/+source/openssh you can see
that the particular vu
I second Pablo's recommendation. I've recently undergone a PCI audit,
and was flagged for not using OpenSSH 5.0p1 due to a known vulnerability
in 4.7p1 (CVE-2008-1483)
If we can please backport this, I would be very appreciative!
Thank you,
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename
May be we can find a middle ground for it, like backport it with an
alternative name like openssh5. This way those who really need the new
features not present in hardy can have it, and you keep the backports
repositories safe as usual.
--
Please backport OpenSSH 5.1 to Hardy
https://bugs.launchp
Martijn:
If you really want it, you can get a backport from my PPA:
https://edge.launchpad.net/~rainct/+archive
[DISCLAIMER: All files there com with NO support from Canonical nor
Ubuntu, and only limited maintenance from me. Use them at your own
responsability.]
--
Please backport OpenSSH 5.1
openssh is unfortunately one of the packages we don't do backporting
for, the chance of regression is way too high, and the benefits are
fairly low. Normal security backfixes are provided by the security team,
but if you want a newer openssh version, you will have to upgrade.
** Changed in: hardy-
Thank you for your bug report, but I've removed the security flag. This
should be used to highlight a specific security vulnerability in a
package. In the event of a specific security vulnerability, a bug report
should be opened against the affected package, so that the package can
be fixed as a SR
20 matches
Mail list logo
