Ubuntu
openssh package

consider upgrade to openssh 6.5p1 for 14.04

Bug #1275068 reported by cc
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Fix Released
High
Colin Watson

Bug Description

6.5p1 was just released and contains some very nice enhancements. Given that 14.04 will be LTS, it would be nice to have this included instead of just 6.4p1

Revision history for this message
Andreas Kotes (count-launchpad) wrote :

I would go as far as saying that is has some very essential enhancements regarding data integrity, security and privacy.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in openssh (Ubuntu):
status: New → Confirmed
Revision history for this message
Colin Watson (cjwatson) wrote :

Yes - I'm working on it and it'll be in 14.04.

Changed in openssh (Ubuntu):
assignee: nobody → Colin Watson (cjwatson)
importance: Undecided → High
status: Confirmed → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssh - 1:6.5p1-1

---------------
openssh (1:6.5p1-1) unstable; urgency=medium

  * New upstream release (http://www.openssh.com/txt/release-6.5,
    LP: #1275068):
    - ssh(1): Add support for client-side hostname canonicalisation using a
      set of DNS suffixes and rules in ssh_config(5). This allows
      unqualified names to be canonicalised to fully-qualified domain names
      to eliminate ambiguity when looking up keys in known_hosts or checking
      host certificate names (closes: #115286).
  * Switch to git; adjust Vcs-* fields.
  * Convert to git-dpm, and drop source package documentation associated
    with the old bzr/quilt patch handling workflow.
  * Drop ssh-vulnkey and the associated ssh/ssh-add/sshd integration code,
    leaving only basic configuration file compatibility, since it has been
    nearly six years since the original vulnerability and this code is not
    likely to be of much value any more (closes: #481853, #570651). See
    https://lists.debian.org/debian-devel/2013/09/msg00240.html for my full
    reasoning.
  * Add OpenPGP signature checking configuration to watch file (thanks,
    Daniel Kahn Gillmor; closes: #732441).
  * Add the pam_keyinit session module, to create a new session keyring on
    login (closes: #734816).
  * Incorporate default path changes from shadow 1:4.0.18.1-8, removing
    /usr/bin/X11 (closes: #644521).
  * Generate ED25519 host keys on fresh installations. Upgraders who wish
    to add such host keys should manually add 'HostKey
    /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
    'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
  * Drop long-obsolete "SSH now uses protocol 2 by default" section from
    README.Debian.
  * Add systemd support (thanks, Sven Joachim; closes: #676830).

 -- Colin Watson <email address hidden> Mon, 10 Feb 2014 14:58:26 +0000

Changed in openssh (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.