Package "openssh"

Name: openssh


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • secure shell client and server (transitional package)

Latest version: *DELETED*
Release: trusty (14.04)
Level: proposed
Repository: universe


Save this URL for the latest version of "openssh": https://www.ubuntuupdates.org/openssh

Other versions of "openssh" in Trusty

Repository Area Version
base universe 1:6.6p1-2ubuntu1
base main 1:6.6p1-2ubuntu1
security main 1:6.6p1-2ubuntu2.13
security universe 1:6.6p1-2ubuntu2.13
updates universe 1:6.6p1-2ubuntu2.13
updates main 1:6.6p1-2ubuntu2.13

Packages in group

Deleted packages are displayed in grey.


Version: 1:6.6p1-1 2014-03-30 06:07:26 UTC

  openssh (1:6.6p1-1) unstable; urgency=medium

  [ Colin Watson ]
  * Apply various warning-suppression and regression-test fixes to
    gssapi.patch from Damien Miller.
  * New upstream release (http://www.openssh.com/txt/release-6.6,
    LP: #1298280):
    - CVE-2014-2532: sshd(8): when using environment passing with an
      sshd_config(5) AcceptEnv pattern with a wildcard, OpenSSH prior to 6.6
      could be tricked into accepting any environment variable that contains
      the characters before the wildcard character.
  * Re-enable btmp logging, as its permissions were fixed a long time ago in
    response to #370050 (closes: #341883).
  * Change to "PermitRootLogin without-password" for new installations, and
    ask a debconf question when upgrading systems with "PermitRootLogin yes"
    from previous versions (closes: #298138).
  * Debconf translations:
    - Danish (thanks, Joe Hansen).
    - Portuguese (thanks, Am��rico Monteiro).
    - Russian (thanks, Yuri Kozlov; closes: #742308).
    - Swedish (thanks, Andreas R��nnquist).
    - Japanese (thanks, victory).
    - German (thanks, Stephan Beck; closes: #742541).
    - Italian (thanks, Beatrice Torracca).
  * Don't start ssh-agent from the Upstart user session job if something
    like Xsession has already done so (based on work by Bruno Vasselle;
    LP: #1244736).

  [ Matthew Vernon ]
  * CVE-2014-2653: Fix failure to check SSHFP records if server presents a
    certificate (bug reported by me, patch by upstream's Damien Miller;
    thanks also to Mark Wooding for his help in fixing this) (Closes:

 -- Colin Watson <email address hidden> Fri, 28 Mar 2014 18:04:41 +0000

1298280 Update OpenSSH to 6.6
1244736 upstart configuration for user launches an extra ssh-agent
341883 openssh-server: doesn't log bad login attempts to /var/log/btmp - Debian Bug report logs
298138 ssh: PermitRootLogin should defaul to "no" - Debian Bug report logs
742308 openssh: [INTL:ru] Russian debconf templates translation - Debian Bug report logs
742541 [openssh] openssh [INTL:de] German debconf templates translation - Debian Bug report logs
CVE-2014-2532 openssh: AcceptEnv environment restriction bypass flaw
CVE-2014-2653 if the server offers a certificate, the client doesn't check the DNS for SSHFP records

About   -   Send Feedback to @ubuntu_updates