Package "openssh"

  openssh (1:5.9p1-5ubuntu1.4) precise; urgency=medium

  * Re-enable btmp logging, as its permissions were fixed a long time ago.
    Backport from Debian and Trusty. (LP: #743858)
 -- Louis Bouchard <email address hidden> Tue, 22 Apr 2014 08:28:40 -0500

  openssh (1:5.9p1-5ubuntu1.3) precise-security; urgency=medium

  * SECURITY UPDATE: failure to check SSHFP records if server presents a
    certificate
    - debian/patches/CVE-2014-2653.patch: fix logic in sshconnect.c.
    - CVE-2014-2653
 -- Marc Deslauriers <email address hidden> Mon, 07 Apr 2014 09:36:45 -0400

  openssh (1:5.9p1-5ubuntu1.2) precise-security; urgency=medium

  * SECURITY UPDATE: AcceptEnv wildcard environment restrictions bypass
    - debian/patches/CVE-2014-2532.patch: don't allow invalid chars in
      session.c.
    - CVE-2014-2532
 -- Marc Deslauriers <email address hidden> Fri, 21 Mar 2014 11:05:55 -0400

  openssh (1:5.9p1-5ubuntu1.1) precise; urgency=low

  [ Gunnar Hjalmarsson ]
  * debian/openssh-server.sshd.pam: Explicitly state that ~/.pam_environment
    should be read, and move the pam_env calls from "auth" to "session" so
    that it's also read when $HOME is encrypted (LP: #952185).
 -- Colin Watson <email address hidden> Tue, 26 Mar 2013 14:15:06 +0000