Ubuntu
openssh package

  1. Bug #287256
  2. Activity log

Activity log for bug #287256

Date Who What changed Old value New value Message
2008-10-21 22:32:37 b bug added bug
2008-12-13 15:43:51 Charlie Kravetz None: bugtargetdisplayname Ubuntu openssh (Ubuntu)
2008-12-13 15:43:51 Charlie Kravetz None: bugtargetname ubuntu openssh (Ubuntu)
2008-12-13 15:43:51 Charlie Kravetz None: statusexplanation Thank you for taking the time to report this bug and helping to make Ubuntu better. This bug did not have a package associated with it, which is important for ensuring that it gets looked at by the proper developers. You can learn more about finding the right package at https://wiki.ubuntu.com/Bugs/FindRightPackage . I have classified this bug as a bug in openssh. For future reference you might be interested to know that a lot of applications have bug reporting functionality built in to them. This can be accessed via the Report a Problem option in the Help menu for the application with which you are having an issue. You can learn more about this feature at https://wiki.ubuntu.com/ReportingBugs.
2008-12-13 15:43:51 Charlie Kravetz None: title Bug #287256 in Ubuntu: "hardy ppc (ports.ubuntu.com) includes broken (old) openssh-client package which only generates comprimized keys." Bug #287256 in openssh (Ubuntu): "hardy ppc (ports.ubuntu.com) includes broken (old) openssh-client package which only generates comprimized keys."
2009-01-24 19:46:46 Colin Watson openssh: status New Fix Released
2009-01-24 19:46:46 Colin Watson openssh: statusexplanation Thank you for taking the time to report this bug and helping to make Ubuntu better. This bug did not have a package associated with it, which is important for ensuring that it gets looked at by the proper developers. You can learn more about finding the right package at https://wiki.ubuntu.com/Bugs/FindRightPackage . I have classified this bug as a bug in openssh. For future reference you might be interested to know that a lot of applications have bug reporting functionality built in to them. This can be accessed via the Report a Problem option in the Help menu for the application with which you are having an issue. You can learn more about this feature at https://wiki.ubuntu.com/ReportingBugs. This security vulnerability was discovered after the original release of hardy, and updated packages were issued long ago for all architectures, including powerpc. It sounds like you have not applied security updates to your system. The master archive shows; openssh-client | 1:4.7p1-8ubuntu1 | hardy | amd64, hppa, i386, ia64, lpia, powerpc, sparc openssh-client | 1:4.7p1-8ubuntu1.2 | hardy-security | amd64, hppa, i386, ia64, lpia, powerpc, sparc openssh-client | 1:4.7p1-8ubuntu1.2 | hardy-updates | amd64, hppa, i386, ia64, lpia, powerpc, sparc Make sure that the following lines are in /etc/apt/sources.list: deb http://ports.ubuntu.com/ubuntu-ports hardy-security main restricted universe multiverse deb-src http://ports.ubuntu.com/ubuntu-ports hardy-security main restricted universe multiverse deb http://ports.ubuntu.com/ubuntu-ports hardy-updates main restricted universe multiverse deb-src http://ports.ubuntu.com/ubuntu-ports hardy-updates main restricted universe multiverse Then press "Check" followed by "Install Updates" in System -> Administration -> Update Manager, or run 'sudo apt-get update' and 'sudo apt-get dist-upgrade', or whatever other upgrade method you prefer. I don't know why your system wasn't already fixed. Perhaps you simply didn't apply security updates for some reason, or perhaps you ran into some installer bug that meant that hardy-security wasn't in sources.list (though I'm astonished that at least hardy-updates wasn't there). I am confident that all such installer bugs have been fixed by now, although of course this is one area where it's particularly difficult to issue updates effectively!