openssh 1:7.2p2-4ubuntu2.8 source package in Ubuntu

Changelog

openssh (1:7.2p2-4ubuntu2.8) xenial-security; urgency=medium

  * SECURITY UPDATE: Incomplete fix for CVE-2019-6111
    - debian/patches/CVE-2019-6111-2.patch: add another fix to the filename
      check in scp.c.
    - CVE-2019-6111
  * Fixed inverted CVE numbers in patch filenames and in previous
    changelog.

 -- Marc Deslauriers <email address hidden>  Mon, 04 Mar 2019 07:50:38 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2019-03-04
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2019-03-04 main net
Xenial security on 2019-03-04 main net

Downloads

File Size SHA-256 Checksum
openssh_7.2p2.orig.tar.gz 1.4 MiB a72781d1a043876a224ff1b0032daa4094d87565a68528759c1c2cab5482548c
openssh_7.2p2-4ubuntu2.8.debian.tar.xz 174.5 KiB 895a7c365b393a687b17db38cecbb032cbb6ae1c15946cda41e2ec53d39236f1
openssh_7.2p2-4ubuntu2.8.dsc 2.8 KiB 934fb980ef93127c39385f39f6d6fdc0553a07b766745b724e37859ecb3ee402

View changes file

Binary packages built by this source

openssh-client: secure shell (SSH) client, for secure access to remote machines

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the ssh, scp and sftp clients, the ssh-agent
 and ssh-add programs to make public key authentication more convenient,
 and the ssh-keygen, ssh-keyscan, ssh-copy-id and ssh-argv0 utilities.
 .
 In some countries it may be illegal to use any encryption at all
 without a special permit.
 .
 ssh replaces the insecure rsh, rcp and rlogin programs, which are
 obsolete for most purposes.

openssh-client-dbgsym: debug symbols for package openssh-client

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the ssh, scp and sftp clients, the ssh-agent
 and ssh-add programs to make public key authentication more convenient,
 and the ssh-keygen, ssh-keyscan, ssh-copy-id and ssh-argv0 utilities.
 .
 In some countries it may be illegal to use any encryption at all
 without a special permit.
 .
 ssh replaces the insecure rsh, rcp and rlogin programs, which are
 obsolete for most purposes.

openssh-client-ssh1: secure shell (SSH) client for legacy SSH1 protocol

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the ssh1 and scp1 clients and the ssh-keygen1
 utility, all built with support for the legacy SSH1 protocol. This
 protocol is obsolete and should not normally be used, but in some cases
 there may be no alternative way to connect to outdated servers.
 .
 In some countries it may be illegal to use any encryption at all
 without a special permit.
 .
 ssh replaces the insecure rsh, rcp and rlogin programs, which are
 obsolete for most purposes.

openssh-client-ssh1-dbgsym: debug symbols for package openssh-client-ssh1

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the ssh1 and scp1 clients and the ssh-keygen1
 utility, all built with support for the legacy SSH1 protocol. This
 protocol is obsolete and should not normally be used, but in some cases
 there may be no alternative way to connect to outdated servers.
 .
 In some countries it may be illegal to use any encryption at all
 without a special permit.
 .
 ssh replaces the insecure rsh, rcp and rlogin programs, which are
 obsolete for most purposes.

openssh-client-udeb: secure shell client for the Debian installer

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 This package provides the ssh client for use in debian-installer.

openssh-client-udeb-dbgsym: debug symbols for package openssh-client-udeb

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 This package provides the ssh client for use in debian-installer.

openssh-server: secure shell (SSH) server, for secure access from remote machines

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the sshd server.
 .
 In some countries it may be illegal to use any encryption at all
 without a special permit.
 .
 sshd replaces the insecure rshd program, which is obsolete for most
 purposes.

openssh-server-dbgsym: debug symbols for package openssh-server

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the sshd server.
 .
 In some countries it may be illegal to use any encryption at all
 without a special permit.
 .
 sshd replaces the insecure rshd program, which is obsolete for most
 purposes.

openssh-server-udeb: secure shell server for the Debian installer

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 This package provides the sshd server for use in debian-installer.
 Since it is expected to be used in specialized situations (e.g. S/390
 installs with no console), it does not provide any configuration.

openssh-server-udeb-dbgsym: debug symbols for package openssh-server-udeb

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 This package provides the sshd server for use in debian-installer.
 Since it is expected to be used in specialized situations (e.g. S/390
 installs with no console), it does not provide any configuration.

openssh-sftp-server: secure shell (SSH) sftp server module, for SFTP access from remote machines

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the SFTP server module for the SSH server. It
 is needed if you want to access your SSH server with SFTP. The SFTP
 server module also works with other SSH daemons like dropbear.

openssh-sftp-server-dbgsym: debug symbols for package openssh-sftp-server

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the SFTP server module for the SSH server. It
 is needed if you want to access your SSH server with SFTP. The SFTP
 server module also works with other SSH daemons like dropbear.

ssh: secure shell client and server (metapackage)

 This metapackage is a convenient way to install both the OpenSSH client
 and the OpenSSH server. It provides nothing in and of itself, so you
 may remove it if nothing depends on it.

ssh-askpass-gnome: interactive X program to prompt users for a passphrase for ssh-add

 This has been split out of the main openssh-client package so that
 openssh-client does not need to depend on GTK+.
 .
 You probably want the ssh-askpass package instead, but this is
 provided to add to your choice and/or confusion.

ssh-askpass-gnome-dbgsym: debug symbols for package ssh-askpass-gnome

 This has been split out of the main openssh-client package so that
 openssh-client does not need to depend on GTK+.
 .
 You probably want the ssh-askpass package instead, but this is
 provided to add to your choice and/or confusion.

ssh-krb5: secure shell client and server (transitional package)

 This is a transitional package depending on the regular Debian OpenSSH
 client and server, which now support GSSAPI natively. It will add the
 necessary GSSAPI options to the server configuration file. You can
 remove it once the upgrade is complete and nothing depends on it.