Format: 1.7 Date: Tue, 13 May 2008 01:01:56 -0400 Source: openssh Binary: openssh-client openssh-client-udeb openssh-server openssh-server-udeb ssh ssh-askpass-gnome ssh-krb5 Architecture: amd64_translations amd64 hppa_translations hppa i386_translations i386 all ia64_translations ia64 lpia_translations lpia powerpc_translations powerpc source sparc_translations sparc Version: 1:4.6p1-5ubuntu0.3 Distribution: gutsy-security Urgency: low Maintainer: Ubuntu Core Developers Changed-By: Jamie Strandboge Description: openssh-client - secure shell client, an rlogin/rsh/rcp replacement openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell server, an rshd replacement openssh-server-udeb - secure shell server for the Debian installer (udeb) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh - secure shell client and server (metapackage) ssh-krb5 - secure shell client and server (transitional package) openssh-client-udeb - secure shell client for the Debian installer openssh-server-udeb - secure shell server for the Debian installer Changes: openssh (1:4.6p1-5ubuntu0.3) gutsy-security; urgency=low . * Mitigate OpenSSL security vulnerability thank to Colin Watson: - Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8c-4ubuntu0.3. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.) * added README.compromised-keys thanks to Colin Watson * References CVE-2008-0166 http://www.ubuntu.com/usn/usn-612-1 Files: 927c13678b00e703e481193b1e4d4505 64655 raw-translations - openssh_4.6p1-5ubuntu0.3_amd64_translations.tar.gz cc544fd8322a83dab8eb5f342eaca137 746302 net standard openssh-client_4.6p1-5ubuntu0.3_amd64.deb 6d5c5179be8f291956b30cc36d4ee091 268750 net optional openssh-server_4.6p1-5ubuntu0.3_amd64.deb 97c9adfa3a82f9ed54286f68b41ef966 88726 gnome optional ssh-askpass-gnome_4.6p1-5ubuntu0.3_amd64.deb 3167e74074387dc17c98c38e1b98fd3c 176410 debian-installer optional openssh-client-udeb_4.6p1-5ubuntu0.3_amd64.udeb 7defa55f2553fd71e391d33f392acd0e 193380 debian-installer optional openssh-server-udeb_4.6p1-5ubuntu0.3_amd64.udeb 3004341ec9874b312813350c16f39f57 64654 raw-translations - openssh_4.6p1-5ubuntu0.3_hppa_translations.tar.gz e3d74e6034f205f69d856da33f4bc2de 735486 net standard openssh-client_4.6p1-5ubuntu0.3_hppa.deb a04daf5afd98be6e426141bfc0cb351a 260298 net optional openssh-server_4.6p1-5ubuntu0.3_hppa.deb 9bfa520f56a0618184805a0a6d3c2901 88956 gnome optional ssh-askpass-gnome_4.6p1-5ubuntu0.3_hppa.deb 149a266c44d976961c96e351844bfc5a 190912 debian-installer optional openssh-client-udeb_4.6p1-5ubuntu0.3_hppa.udeb b01b0a21b73016667213c26b06cad8e1 203502 debian-installer optional openssh-server-udeb_4.6p1-5ubuntu0.3_hppa.udeb 56a70a7d56d8d7722f33d60b6cd17a71 1092 net extra ssh_4.6p1-5ubuntu0.3_all.deb 8d31925237b9d626db564487966d1f6b 64662 raw-translations - openssh_4.6p1-5ubuntu0.3_i386_translations.tar.gz 9d3e66bfbbac576c23ee4bf9827ed545 80578 net extra ssh-krb5_4.6p1-5ubuntu0.3_all.deb c18488f740b38d1a57aef8806924de8a 705630 net standard openssh-client_4.6p1-5ubuntu0.3_i386.deb ab084428f73b76c5b4db1e648a222aa4 249760 net optional openssh-server_4.6p1-5ubuntu0.3_i386.deb b051562fb7973c1dd92e6a8bb6b22854 88384 gnome optional ssh-askpass-gnome_4.6p1-5ubuntu0.3_i386.deb e4d1cc24210b4a3327cafd41a559cd6b 158796 debian-installer optional openssh-client-udeb_4.6p1-5ubuntu0.3_i386.udeb af3ba10602d74429b54e256fbc982187 171690 debian-installer optional openssh-server-udeb_4.6p1-5ubuntu0.3_i386.udeb 4239c6099afaeb8cde986a9d94c96a26 64653 raw-translations - openssh_4.6p1-5ubuntu0.3_ia64_translations.tar.gz 5870f36383835fa532937e5d9f476dc1 971688 net standard openssh-client_4.6p1-5ubuntu0.3_ia64.deb e4624c651405c8bd19f86b8f9e4c065b 350304 net optional openssh-server_4.6p1-5ubuntu0.3_ia64.deb 4bed08cc31b114521b09bd5aa83ec16b 89996 gnome optional ssh-askpass-gnome_4.6p1-5ubuntu0.3_ia64.deb 5d222be71295eb35aa6a92e9f4242172 254594 debian-installer optional openssh-client-udeb_4.6p1-5ubuntu0.3_ia64.udeb 8a658e738f99a1fd4941ce6055eaecef 280354 debian-installer optional openssh-server-udeb_4.6p1-5ubuntu0.3_ia64.udeb dd95353c3608161469569cf04dd01a7c 64653 raw-translations - openssh_4.6p1-5ubuntu0.3_lpia_translations.tar.gz d22322abdfa831ea95bf42540aafecd6 676546 net standard openssh-client_4.6p1-5ubuntu0.3_lpia.deb 8b5d5ff193b90fff85cec8aee1b8cfbc 243102 net optional openssh-server_4.6p1-5ubuntu0.3_lpia.deb 52ed9be1d8933742c15c14f7cfee11dd 88414 gnome optional ssh-askpass-gnome_4.6p1-5ubuntu0.3_lpia.deb 1bffbee3eed3146e3feaa2c802537699 158876 debian-installer optional openssh-client-udeb_4.6p1-5ubuntu0.3_lpia.udeb e59f9929f2fcc857d44131d76500c210 171284 debian-installer optional openssh-server-udeb_4.6p1-5ubuntu0.3_lpia.udeb 3ddc3ea4849f2f9cb57d52b87fc5586c 64663 raw-translations - openssh_4.6p1-5ubuntu0.3_powerpc_translations.tar.gz b7c0f8ac855ea770bbdf58284f25546e 773758 net standard openssh-client_4.6p1-5ubuntu0.3_powerpc.deb e8bdf4fa9838997c0bd62446c59b38dd 271988 net optional openssh-server_4.6p1-5ubuntu0.3_powerpc.deb b8756a6901f7a0337c36c7cc76d4991c 91094 gnome optional ssh-askpass-gnome_4.6p1-5ubuntu0.3_powerpc.deb 20b436d113f09e07b9c53301f87a551a 180856 debian-installer optional openssh-client-udeb_4.6p1-5ubuntu0.3_powerpc.udeb 23961af7588d4a886d818248c8c7fa15 190236 debian-installer optional openssh-server-udeb_4.6p1-5ubuntu0.3_powerpc.udeb fc9b6d0a04345973f1b88ca9aa8e6a32 1169 net standard openssh_4.6p1-5ubuntu0.3.dsc fe9c399991e5e754a0837760ff9d4100 195240 net standard openssh_4.6p1-5ubuntu0.3.diff.gz 632767682a9fafdf702522b34025b955 64650 raw-translations - openssh_4.6p1-5ubuntu0.3_sparc_translations.tar.gz 5b8cba657c6e53342e119d26dc9b7c61 758584 net standard openssh-client_4.6p1-5ubuntu0.3_sparc.deb 4a4ce6ed933a3c03f632e1b3a7f34e18 276534 net optional openssh-server_4.6p1-5ubuntu0.3_sparc.deb a0158a6b98ff0531c1893caf4b01ebdf 88696 gnome optional ssh-askpass-gnome_4.6p1-5ubuntu0.3_sparc.deb 139dc1f86d43517a46ec3915b61125e1 166884 debian-installer optional openssh-client-udeb_4.6p1-5ubuntu0.3_sparc.udeb 0bccc7c29ed50a559b02e52087ae4ed2 179096 debian-installer optional openssh-server-udeb_4.6p1-5ubuntu0.3_sparc.udeb Package-Type: udeb Original-Maintainer: Debian OpenSSH Maintainers