Ubuntu
openssh package

openssh (1:4.7p1-8ubuntu2) hardy-proposed MISSES UPDATES FROM openssh (1:4.7p1-8ubuntu1.2) hardy-security

Bug #722505 reported by Thorsten Glaser
This bug report is a duplicate of:  Bug #713002: Impossible to disable IPv4. Edit Remove
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
New
Undecided
Unassigned

Bug Description

Regression in hardy-proposed: ssh-vulnkey disappeared:

openssh (1:4.7p1-8ubuntu2) hardy-proposed; urgency=low

  * Backport from upstream:
    - Only listen for IPv6 connections on AF_INET6 sockets (LP: #713002).

 -- Colin Watson <email address hidden> Tue, 08 Feb 2011 11:49:01 +0000

openssh (1:4.7p1-8ubuntu1) hardy; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - Add support for registering ConsoleKit sessions on login.

 -- Colin Watson <email address hidden> Sun, 06 Apr 2008 12:44:11 +0100

Top of changelog.Debian.gz from hardy-security:

openssh (1:4.7p1-8ubuntu1.2) hardy-security; urgency=low

  * Add a FILES section to ssh-vulnkey(1) (thanks, Hugh Daniel).
  * ssh-vulnkey handles options in authorized_keys (LP: #230029), and treats
    # as introducing a comment even if it is preceded by whitespace (thanks
    Colin Watson)

 -- Jamie Strandboge <email address hidden> Wed, 14 May 2008 08:32:08 -0400

openssh (1:4.7p1-8ubuntu1.1) hardy-security; urgency=low

  * Mitigate OpenSSL security vulnerability thanks to Colin Watson:
    - Add key blacklisting support. Keys listed in
      /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by
      sshd, unless "PermitBlacklistedKeys yes" is set in
      /etc/ssh/sshd_config.
    - Add a new program, ssh-vulnkey, which can be used to check keys
      against these blacklists.
    - Depend on openssh-blacklist.
    - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least
      0.9.8g-4ubuntu3.1.
    - Automatically regenerate known-compromised host keys, with a
      critical-priority debconf note. (I regret that there was no time to
      gather translations.)
  * added README.compromised-keys thanks to Colin Watson
  * References
    CVE-2008-0166
    http://www.ubuntu.com/usn/usn-612-1

 -- Jamie Strandboge <email address hidden> Mon, 12 May 2008 23:44:33 -0400

openssh (1:4.7p1-8ubuntu1) hardy; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - Add support for registering ConsoleKit sessions on login.

 -- Colin Watson <email address hidden> Sun, 06 Apr 2008 12:44:11 +0100

Please resynchronise, thanks!

Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

Thanks for reporting this! I'm marking it as a duplicate of bug #713002, and adding a comment there.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.