We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:
openssh-client-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
to pool/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
openssh-server-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
to pool/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
openssh_3.8.1p1-8.sarge.4.diff.gz
to pool/main/o/openssh/openssh_3.8.1p1-8.sarge.4.diff.gz
openssh_3.8.1p1-8.sarge.4.dsc
to pool/main/o/openssh/openssh_3.8.1p1-8.sarge.4.dsc
ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
to pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
ssh_3.8.1p1-8.sarge.4_powerpc.deb
to pool/main/o/openssh/ssh_3.8.1p1-8.sarge.4_powerpc.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <email address hidden> (supplier of updated openssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 28 Nov 2004 12:37:16 +0000
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server-udeb
Architecture: source powerpc
Version: 1:3.8.1p1-8.sarge.4
Distribution: unstable
Urgency: high
Maintainer: Matthew Vernon <email address hidden>
Changed-By: Colin Watson <email address hidden>
Description:
openssh-client-udeb - Secure shell client for the Debian installer (udeb)
openssh-server-udeb - Secure shell server for the Debian installer (udeb)
ssh - Secure rlogin/rsh/rcp replacement (OpenSSH)
ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 248747 281595
Changes:
openssh (1:3.8.1p1-8.sarge.4) unstable; urgency=high
.
* Fix timing information leak allowing discovery of invalid usernames in
PAM keyboard-interactive authentication (backported from a patch by
Darren Tucker; closes: #281595).
* Make sure that there's a delay in PAM keyboard-interactive
authentication when PermitRootLogin is not set to yes and the correct
root password is entered (closes: #248747).
Files:
8ad7931d85460ac1f9a2971e708d1d65 906 net standard openssh_3.8.1p1-8.sarge.4.dsc
187b8455948c188c97c3bfba92120e51 155885 net standard openssh_3.8.1p1-8.sarge.4.diff.gz
ef7b58119f1f6d1bc0efd10412df2235 737276 net standard ssh_3.8.1p1-8.sarge.4_powerpc.deb
70e71d02d5370a22da119f47b492a4dc 52728 gnome optional ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
cb5fd04403ea907c8be066b620ed906a 151080 debian-installer optional openssh-client-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
9cd11fbcd1bcf3e2c06b78721a727dea 160092 debian-installer optional openssh-server-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
Source: openssh
Source-Version: 1:3.8.1p1-8.sarge.4
We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:
openssh- client- udeb_3. 8.1p1-8. sarge.4_ powerpc. udeb o/openssh/ openssh- client- udeb_3. 8.1p1-8. sarge.4_ powerpc. udeb server- udeb_3. 8.1p1-8. sarge.4_ powerpc. udeb o/openssh/ openssh- server- udeb_3. 8.1p1-8. sarge.4_ powerpc. udeb 3.8.1p1- 8.sarge. 4.diff. gz o/openssh/ openssh_ 3.8.1p1- 8.sarge. 4.diff. gz 3.8.1p1- 8.sarge. 4.dsc o/openssh/ openssh_ 3.8.1p1- 8.sarge. 4.dsc gnome_3. 8.1p1-8. sarge.4_ powerpc. deb o/openssh/ ssh-askpass- gnome_3. 8.1p1-8. sarge.4_ powerpc. deb 1p1-8.sarge. 4_powerpc. deb o/openssh/ ssh_3.8. 1p1-8.sarge. 4_powerpc. deb
to pool/main/
openssh-
to pool/main/
openssh_
to pool/main/
openssh_
to pool/main/
ssh-askpass-
to pool/main/
ssh_3.8.
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <email address hidden> (supplier of updated openssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7 client- udeb - Secure shell client for the Debian installer (udeb) server- udeb - Secure shell server for the Debian installer (udeb) 1p1-8.sarge. 4) unstable; urgency=high interactive authentication (backported from a patch by interactive c1f9a2971e708d1 d65 906 net standard openssh_ 3.8.1p1- 8.sarge. 4.dsc 8c97c3bfba92120 e51 155885 net standard openssh_ 3.8.1p1- 8.sarge. 4.diff. gz 1bc0efd10412df2 235 737276 net standard ssh_3.8. 1p1-8.sarge. 4_powerpc. deb 22da119f47b492a 4dc 52728 gnome optional ssh-askpass- gnome_3. 8.1p1-8. sarge.4_ powerpc. deb 7c8be066b620ed9 06a 151080 debian-installer optional openssh- client- udeb_3. 8.1p1-8. sarge.4_ powerpc. udeb e2c06b78721a727 dea 160092 debian-installer optional openssh- server- udeb_3. 8.1p1-8. sarge.4_ powerpc. udeb
Date: Sun, 28 Nov 2004 12:37:16 +0000
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server-udeb
Architecture: source powerpc
Version: 1:3.8.1p1-8.sarge.4
Distribution: unstable
Urgency: high
Maintainer: Matthew Vernon <email address hidden>
Changed-By: Colin Watson <email address hidden>
Description:
openssh-
openssh-
ssh - Secure rlogin/rsh/rcp replacement (OpenSSH)
ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 248747 281595
Changes:
openssh (1:3.8.
.
* Fix timing information leak allowing discovery of invalid usernames in
PAM keyboard-
Darren Tucker; closes: #281595).
* Make sure that there's a delay in PAM keyboard-
authentication when PermitRootLogin is not set to yes and the correct
root password is entered (closes: #248747).
Files:
8ad7931d85460a
187b8455948c18
ef7b58119f1f6d
70e71d02d5370a
cb5fd04403ea90
9cd11fbcd1bcf3
-----BEGIN PGP SIGNATURE-----
zAhD6TNERAv1CAJ 9n9yy/P8zhf4kp7 WoY99Rfuo9osgCd FneL J0u8AJ40=
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Colin Watson <email address hidden> -- Debian developer
iD8DBQFBqcvH9t0
0RmN8Hcxkw5sO8W
=zOT0
-----END PGP SIGNATURE-----