Debian Bug report logs - #732441
debian/watch: help uscan to check PGP signature automatically

version graph

Package: src:openssh; Maintainer for src:openssh is Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>;

Reported by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Date: Wed, 18 Dec 2013 03:06:02 UTC

Severity: normal

Tags: patch

Found in version openssh/1:6.4p1-1

Fixed in version openssh/1:6.5p1-1

Done: Colin Watson <cjwatson@debian.org>

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, dkg@fifthhorseman.net, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#732441; Package src:openssh. (Wed, 18 Dec 2013 03:06:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Daniel Kahn Gillmor <dkg@fifthhorseman.net>:
New Bug report received and forwarded. Copy sent to dkg@fifthhorseman.net, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>. (Wed, 18 Dec 2013 03:06:06 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: debian/watch: help uscan to check PGP signature automatically
Date: Tue, 17 Dec 2013 22:02:16 -0500
Package: src:openssh
Version: 1:6.4p1-1
Severity: normal
Tags: patch

uscan from devscripts 2.13.3 has the ability to check OpenPGP
signatures on new upstream releases.

on openssh-unix-dev, damien miller announced a new key that will be
used to sign forthcoming releases of OpenSSH:

https://lists.mindrot.org/pipermail/openssh-unix-dev/2013-December/031897.html

To let uscan handle this automatically, you'd need to fetch and verify
damien's new key, change debian/watch like this:

--- debian/watch	2005-02-18 00:18:42 +0000
+++ debian/watch	2013-05-04 08:29:33 +0000
@@ -1,3 +1,3 @@
-version=2
-ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-(.*)\.tar\.gz \
-  debian uupdate
+version=3
+opts=pgpsigurlmangle=s/$/.asc/ ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-(.*)\.tar\.gz 
+

and then do:

 gpg --export '59C2 118E D206 D927 E667  EBE3 D3E5 F56B 6D92 0D30' > debian/upstream-signing-key.pgp

(i recommend you verify Damien's key yourself, of course, but i'm
including the one i believe is correct below as well).

This is not a substitute for actually verifying the contents and
source code changes of new versions of openssh, of course, but it's a
way to automate a baseline safety check for an important component.

Thanks for maintaining openssh in debian!

       --dkg

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


afaict, damien's new signing key is:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.22 (OpenBSD)

mQGiBDqa5pwRBADJSEyXXsgXiyytN93prDPTPmrueRP9lQQfgaQvCvqK0bN0AF1Z
Vxxk9wlSXQp3+Qw5+qqsN5ovzsn39r9pqGslfCqQn9ACTmsn42+VCyW4hdwUGSBS
5myh65ZJTK1ufWCZFssxQ0EiALagu4DlH6Z2O7tFDnJNagF55vlnK0uMQwCg/8RU
QYDmisEHjkarAapPaupxjhkD/j9riCVasWPYJwAuhiQWAKxGRwp/ZyTaWCSERUBR
4Dg9QxpuwHKIT8BeDA3hJa/9Yxu5jec2NVKbtVSZvRkgUfRNOkrcH2eiY8Iz6est
J64dGWuGMKQW0GEqW+OXpRTTPJZ0mgPmU16qDzLPdx6F3BAk2LG+TTwlKUPuGqOt
6u2EA/4+1CBYZ8mXq9GJnLRBPAoYwSJJzbQnMm9Jat/yg9N6nigSIiFyG8ixh167
gGGKfzvpjY7DeJzDI0Cub+tRova8gFg+T15AcPMST5v7v6O/ug9aYWERZ0zjUhRH
ybtYLYhUUbdYM29PwGBNfZhGIOYwfFE9UpPS5LeXHs28oVLlH4jcBCARAgCcBQJS
ppQ+lR0BVGhpcyBrZXkgaGFzIGJlZW4gc3VwZXJzZWRlZCBieSBrZXkgSUQgNkQ5
MjBEMzAKS2V5IGZpbmdlcnByaW50ID0gNTlDMiAxMThFIEQyMDYgRDkyNyBFNjY3
ICBFQkUzIEQzRTUgRjU2QiA2RDkyIDBEMzAKUGxlYXNlIHVwZGF0ZSB0byB0aGlz
IG5ldyBrZXkuAAoJEM6OywOG/5xIWdMAoJZA/6ls+J6YIpVDFHkb4/8fl0w4AJ90
K3I7hssc7QuWHfPlq3EozRtjIbQuRGFtaWVuIE1pbGxlciAoUGVyc29uYWwgS2V5
KSA8ZGptQG1pbmRyb3Qub3JnPohXBBMRAgAXBQI6muacBQsHCgMEAxUDAgMWAgEC
F4AACgkQzo7LA4b/nEiDMgCZAUzKq241h5GTJxC0guS6ht9i9ZsAoL/oXCmFsofA
RehZF6AakIdasvS9iEYEExECAAYFAj77h64ACgkQmD+U6HbiLS3r4ACfclqiFP6E
TBkTbjqC328yXlT2rlEAnR6Wv3SNayY4jOgfxCMxi61S2CkAiQGsBBABAgAGBQJS
ppEIAAoJENPl9Wttkg0wMMsMf0tC6QkZnCkTiEVSar2Bd0gJWRCZOGgWwYnXVXif
5UaQhRgfXyXDxADWi76UYl4v8UFrH9yODXhZM0hoNbt6T98stHmw3dIvrYfhRgQ0
83p/N7II3i1iDJDUZ9PA8n4c5BWXirOUXPxtp23WgsEqG5DaN3CGo99YZO8aB3AH
hWd8xvGGDOKOMpAPQekgG/CZw3pcdaSOsZvOEOnbk/VuI2DVjTu/hX0PmRKkfeVf
aafi6bcDkm8Vs7Sw4TIrNmGJTKIDhwXSrFlDfs/CmZJUxzP/S7W+dZ4kvESDSWia
wmxQFMIxRqgHeLiRHYXCL5Fg+WYFv+EMj/ta5PVot86/iWfrj0MRKZFCpRfDjqTv
t0G0ziOW9kTFK8TpxBacJR7n4whM6SNf6L9onHn7xqx2r0J8TLcua9hTvapuNPdL
y1cxAKMZO8q10AMGkYd03qLlHxtgKXBeWkV/UYAc1zArv4JFdWTraLbIHmi8jpvE
NM3qcNWuNVyiTi4Kxum+CFd8V7b4X/6yBLRD/U6/dMUy4Li5Ag0EOprm1BAIAPP9
ecJzKV72GbGDKe2vfllAkrH2Dp+0HDXvwlLAzc7sk04anf3wSHhD2uQSnk0fWpV5
wb3ncW551P0gBeqvymOnm12oxgJxorL5onRLDXNUPZU5jeHtLJ9TbmlxiIcRrWCt
8o9WhabncjBYZVW2q4Xl2KYB7vn4PRpfJUI6/QTP3CAlHofr2Wnj9wPYbI1oZqvB
j0cu8cW9c41jaqb8ZXk6PI5Q7jWCZDinJdCH6ChwUUeszQDO94izCA2knTE1Zdfy
JcayvdgK+qbsmghT0krENX73pvEMt9N0qmgtgpvrxZ22YDKWyKjn6Jl9a105v9em
TZjHkt1p3L3/6febpy8ABREIAKu+hVJt3QxHQVZf5sFnQ2NJw0GjeQ9JIKdDqNEe
iSTPnmv4wd7t2rEInema7tpE6XZ+C6DrChv7v6pd8qR79N1PrC4JvgJ0VLq0+A+t
9hX6LCrY0H8Fq148aDtnpQAtpQtDSbzcMIRUsk2eN6YR0ii5KF6WKQAA7tAMoyvu
8CMfyfTPAynBExee8IzrNiVL2LWQ6bwtUBOTRbKKGlAZJpO6R0+MqUbuwrAy7bSy
wr0MZWk+C6VNnusepeXiO5jwtDaPh081o+gpYbwm4FUKzJ/YPoY1b3s98pBKTMV5
mxtUHhJFCtVNyGAFJijFFVbd8uT/JzdMLkBuHoamPiLNrBSIRgQYEQIABgUCOprm
1AAKCRDOjssDhv+cSB+2AJ0chlQNUBYNFrmyJKLwCiz4iLICAACfTbAY6XVaj9gn
5Fj5zoo3nxOYA8SZAaIEN0f88hEEALFoLiocrbjP/CMKikUkAT2h0U8lTI7Ly6+7
lCKFtqn9FVQ1cbkl8uCv5ON0P7LMNpw4qVJEu+LzIBs4FEJOASNC5KD0iFaF6Pr+
uSgkm6zDWJu5Rhje2ZBYOc1g33VRYjeT/7VIPdVH5giO9c6e/EpbcgTPhSzyYQWB
NHb5Bw4zAKDe+OFwg00TAESSyvAx9Tt3k5BPtQP/W68qSvFRV9fid432Zs+5w9kr
ffuv65HDPj/Fe2xx7bUlS7MIU2fGzGb+WiY7Msj65xRS5pT3XWkAzQ9X1RXr6xzk
20pzI7fJSirIeM/hRQkEwfMLaV27NsR458tTsvJMIgp2ArQ693zmJ6KhZAjME9rp
W3Chmdy+pJ3lBkr1joQEAK6oQ2hsLGX5L84qxvb6PzxQcHXijY/7QzhPtUkGrA09
C94Hf7X5mSwQnndskO2saaUJUESHDS9uPhh3n02OWPdk+xi1SINnCuSVLTCjJoFo
97M8l4uTnECsUHYZgYLFrrciY+kpQB0g64xYVWmyHiSrsrmc8Ycr5ks84wbLoLGs
iFEEIBECAAkFAjqaxWgCHQEAEgkQormJ9RG1dI8HZUdQRwABAescAJ9xcRB9sD1R
Zc1Sn9PUobsBH7KYmACgpChIU+KlYxkNg+HMILaGdN6UIBC0JURhbWllbiBNaWxs
ZXIgPGRtaWxsZXJAaWxvZ2ljLmNvbS5hdT6IXwQTEQIAFwUCOiRbBgULBwoDBAMV
AwIDFgIBAheAABIJEKK5ifURtXSPB2VHUEcAAQFOAQCghSGVq6nzI3PMyoZ36E0h
ALf6I1MAn3qpCrKTqelKqtbZa9aMmJjeT+WOiEYEEBECAAYFAjgwlv8ACgkQfZ7C
dhxDQaxfwwCePG3n5ClFBqIF+LT3yAM27vmrlD8AoKeNYojEanqoFm7Btbo6Q51U
Eaf8tB9EYW1pZW4gTWlsbGVyIDxkam1AbWluZHJvdC5vcmc+iF8EExECABcFAjok
Wy8FCwcKAwQDFQMCAxYCAQIXgAASCRCiuYn1EbV0jwdlR1BHAAEBv0EAnA/tG5nF
eWmEW/CUPUPg3iotn6n8AKCdINUw4zfmaSgGjiPecGlYBo2AIYhGBBARAgAGBQI4
MJcIAAoJEH2ewnYcQ0Gs3TMAnAlm/txIYP8Cup6yHmx2JQwcHGCwAKDFyG6E8a3U
Ye9Ud/+D3c00fYNr0LQlRGFtaWVuIE1pbGxlciA8ZG1pbGxlckB2aXRuZXQuY29t
LnNnPohfBBMRAgAXBQI6JFsvBQsHCgMEAxUDAgMWAgECF4AAEgkQormJ9RG1dI8H
ZUdQRwABAfakAJwM6cxduFeyvOD0EykNFeWtRIhpgQCgyINcD1+2UkQxwawGiyqR
Iq549TCIRgQQEQIABgUCODCXCAAKCRB9nsJ2HENBrJ32AJsGatu8d4dBFdLftIt4
+3QpQ+XjFwCcD+AL8rhrss96hjmMVxv9UboaqLm5AQ0EN0f9AhAEAN+bUno4vM9S
VWkAKSrhClYWQJts2mSxYgLrCqkvv0V1ISBUyOw7v3SUzzg5t6S0BJxeHr6N6oKJ
Ej+a3+WPviT1H5EujU6J7NvZpwlclj5fPt8iWkz21+9PHvq+WVrjd9HPXZfAa+5h
8ya7E0bpk/aklT1JJc7++yTgMQRkxIQHAAMFA/9DHpaZ8q2TVRY2v8Tm6Pzi+K+p
sMDtKcitUKhPALhjt+1INFjukDcYBSykfJfvbKHequCgBAcYQNA4layRTZE7s2uh
0eYttmOHolTWzwvCKkbheqOCgt83o2YKT6QKaqztJjJqOxl3AaZKQkvL8ydPRL3x
MWwCwdCZLhkJ+0iJrIhJBCgRAgAJBQI6msQRAh0BAAoJEKK5ifURtXSPfhsAn0xK
sjiC0ruTcw4XFK6qZJz5V1/2AKCP73w6vJEBtEJXW7VrAvjFkB/c7IhUBBgRAgAM
BQI3R/0CBQkCx+oAABIJEKK5ifURtXSPB2VHUEcAAQHypgCfRDHTW4PeMEkKx2/K
ClQCn4xWbUwAoLrF3lPHbjmk4Em/PV6wBgk290x7uQENBDokXxUUBADnpW+TNB42
/O1nD4iMtlALMTsA56Ox+70fVi36Xyoz8JO16GtOask4Rdi/epHl2WQJueMmqcnl
4TTxqrhcqmDDsMV/mkMlK9d7h9yk5AGgyjJAuYwAJHGcE5PrRDbAf0rasqmx+fyl
TqAn8RBRQDFYE210JxBqalC/lhs+AMuiDwAFFwQAoYYPqxV3LADJ3u0CtvNeqeuC
5uOAQeOp+lnWaEk/OKzqtGTXfn2Eqn0XGjyRx4zuJQBB/tXYEI6asZBL3qHSj7Is
aC0HR3e+rEkQ3F9eSIVhvjgTQg+JOmNQyy2ITxOW1E6EGJvJD4VUt8rjC7jYbQ57
TUFEX0C+wScUDNAPP2+ISQQoEQIACQUCOprEFQIdAQAKCRCiuYn1EbV0j9TvAJwN
wnAyXdWVA9iq/OkPQ0ropkjLgACgl++zOn2nSIsuNeSt7yH2nZf57KuITgQYEQIA
BgUCOiRfFQASCRCiuYn1EbV0jwdlR1BHAAEB15kAnRGzqB9wxPi/ZHhOTgye4+gr
xz0YAKCWZueK/xD8yp7vYE7CNCfu6CIe3pkBogQ6mt1BEQQAj4Snp2k7phJXeS9O
nec+MpeAAn/lbFQ/fCJtLJWXyk3KjG92PVc6uAnbjlW+qeDPcl9m48QpNprZoOYr
pz7rXhplW2EjXHe8o5vYIqnuhJ8V5MV5gj/wFQNJAdPV2HLI5jBW0RWoV6N8aXRM
QI8lOiVcQv+tZF/IeKGMY7VsPwcAoM39qozTxF7IRNJcKaBsHMMZOXJ1BACCylZO
hvq3LrLrKG9gIj483EJwmWDc6B6TTkpMCJ1fzKjej29a3inCUOOERcoevn7HXjTN
vu4nxfuQ0mQdd/uX4ZrTba8iHjIHx9J2Fbu2JZTxJkpjznREaY4m8V28RI1jPJ+K
igXu4mFR1rQfo/Tuh8gAd+ph3KK2CLPTbx5e+gP/ZJfngU+Itv44z0EOFeK62F5e
zORFsaYDEslMM6jP2D2WQlyU6s7+hcVFHOy6a3ThCG80DsiaroCqh80AnpIou23M
gMLtTa1f82pk4XqzfpdFKiAK41lYdCFWoKV6bRqKFau7J6Hn/Fvys2UEVQta3BEN
81d0w9yEGZo8fGYFgqm0LkRhbWllbiBNaWxsZXIgKFBlcnNvbmFsIEtleSkgPGRq
bUBtaW5kcm90Lm9yZz6IXwQTEQIAFwUCOprdQQULBwoDBAMVAwIDFgIBAheAABIJ
EKgZothpHvjaB2VHUEcAAQFcvQCfUagvlvsWQqJN4HBGTIh8tZW6Mr4AnjEjv5Xe
m6y3M+KPPzjDMDZ3tiGXiQGsBBABAgAGBQJSpo20AAoJENPl9Wttkg0wpO8Mf0y4
4KTKxWv7YJPv26AEWhZbACf+DoMomOt9eGG08qmratUVcFh05Z9UCZ/M11qR1Ivb
HH26MRWKs7yk9YOk1wJINX7uZrogQkzFVQrmsFxA69IlcX7BaAg4yynnDFMasH4/
YC95IrZG4xmu2HGZ1HADqCzlsbFzbOUGZipf/hNuoihgAdbMv8DFONCo6zhINdn7
yKA3pnhn1YD3XgoZIaQ5Ju7qQd9lL8w22bCju3h8aAWFtbESctOE8pf4cF5zQn6m
CeNgbiE65BDkg69+TE2Li8wuZeZdbkF4gmiWcSxojPp4JE++nZFUODnAoKI7g4of
Gnk/k5DOx2JAqFY3v+meOcDc7BtZU8RPQCkwc6YtGShr+f1lUkNWp7guem4HXw/Y
4zK4bFcFn5iAjfM6zrWC3DiVerFGvoWcvHnRKmUZLfd2/K9BdlwxFWCHfNHXm3BV
hMbopdkwzmdJ35IMUQ6vsLcHpuda60XN4Cx9VEfzVrEpgtjL4+40gxngPoCG0RTR
OvmtmBtWo38TXTAWfzq5AQ0EOprdQxAEAKfycj/ga8be0+b00yUlDFkozgvmgTWT
RRR2xvSlt8fKqBO3f0mCxiKh17HBkNGuoM6HtNQxYg6L7YqTOoPxWqwj40VTDe9k
hI7tqb+4ZRq/33Mh4SjmMHMWglRTkHrZZyquM1ayb3NDmQ/57G0Qh9s3t0+cbUkO
yJSf6w1H/9ibAAMGA/9odnrEBD0MvDEaRYXAWfGd4lWgGdC0oL6GqfESgUps0vUB
2IJP1ODfZFugRUAX5htNmhjCzflh8vKDDDVRGicZEL11O3r3drzyJPZlvCUnqgBm
u3ZmUY1ZCjwQ8u/XkqDP2fBm9UxZyifY7vrPqanYtGyT7A7cvsgPvejBTsuXqYhO
BBgRAgAGBQI6mt1DABIJEKgZothpHvjaB2VHUEcAAQFQxwCeNB/Ncc9JFUnevzVR
ywxHe/vfF7QAn2Zgc5m8W0NXYZyoN4cQAmbysDCrmQGdBFKmggUBDICUNqm4cNh7
tdEbwaNhbnwqLiHpILeXT6sddGI0Stz5ofB1uvIHm9kXYG5XUUwlc5ywjIZm2Jeu
Kqrd/6wAz5laLagFA6k86EZzzuBE3b5FxSQ4EN4K5XZEJo61xASEF7z1mQCiqoA6
/F407ht7nNoiVE95kOmqJlv4cqbpCw3n8f2VW+mVUH6MYRZVrYAC9NnJWv24rem2
fjgFhNT1/bx44G7H9bVJqL7hMEGa+xYQBI3YT/ulEu9HYmLFVeiZm1gB1eKXW7jS
4ctLl5uPrxayA5DX/qNB2yqgVVlIKFwUm8gGPGPOnsNKo0xBseE7E0F/KeGpaT5a
S9yFgPm9A652Jx9felYgb0e9Ipt3lxriPQwgF/cxLGuP/WEbN5fpWFnuV0Viklus
uVI2e8GHJGU5bQD5AlzvWu4Sv6oBOcDCabScydY7IxPBk/XBWCF9QDIa2qa32Mc9
dYc8EnJszPeVCHX5hG23omDRmdLGLwH7F+CuBvCxAKCymZtJl5DhRmnhdzRg9d+0
VG4hLF7O06ANABEBAAG0H0RhbWllbiBNaWxsZXIgPGRqbUBtaW5kcm90Lm9yZz6J
Ac0EEwECACcCGwMFCQ1H67ECHgECF4AFAlKmjJwECwkIBwYVCgkICwIFFgIDAQAA
CgkQ0+X1a22SDTB2TAx9E1ozPJKUGWJPZefqsSr8KsO6Dp3QuPrw2Zwgo2QfeCT+
uzNA5AKCDIAaYEpVbQsvu4sDy8dAW1+HENCxVrMXWG+SH41lcdAdI4io0PGHVQDl
42R5jX3e9pfjYCQALVv5BDXddK6054nyxEmudQ3ICFCYXIcqQbA1nfj3Uk06jGhu
M99B2/akbxCoFSiUX9uHDZKNYAGpU7/FCF9xCZF4Kd9Twvyy17jDIg7km3/Q4Jy+
+VP8FyvE5JjBdLRQSBzSG9GCjv9fyKWW7S0bMY4D3SKKt/Jm1XchEMgpRr4eBpgC
s3rxO1hXjzqm3te97uy6/q8CuJUtupJsPKc9Wh4+ogUZifC0ta7UrxZp8yZTRvPS
UxYrlvDzM32VDLQ3FX6Y2i4VNo48PSJMA+BPUx7DTcZKIXt457zsLD4jF4sRdwOk
/QF/GXCkH2GAyKHWCPXIOe+jIXgiuajcqZm9cAWjL3hidSohKfefvKkzsg75mDmj
hvAtDncIbmImJNjXIe2PQU4iY9Vq5i0vlaVKgBgKSohGBBARAgAGBQJSpovfAAoJ
EM6OywOG/5xInf8An0A7MPrfJIz2e643VEV4AX3dO9+IAJ9MOsQiB4LnqtTcc9NB
MHf9VLE46LkBnQRSpoIFAQyA1OdwfpwXKch+O00W1FsQSMcEjahGmo84WTroM/qj
Td7Ysld300PMv3wkQn2WdhyTca/EmkW0fVTGSYs7Z3v5SpPf0prYSjmfu8WlXoz6
4ApdXqGHjj9KAeq2OuUtWrwobgiQEzU4Hxlz94X/65BgG5k7OTyE3J6bgRcMwJCg
CkwjK85wbbBkGH+Jo9o/Zw9TPczQcE7BmGYkkLNAXbw7omKBOL4Z6w9sXToz9UnQ
0EB9s4TvAbHGKX9y2PEQjZN+wkzR3DavWB7ql8vHZIRmspAsDAJvDT1ofsNtu8MB
8wJcxvZaoZ7j9wULYpnaNYx9xxEhgbB9o1mBcYsdDj3xz5jrgtq/cpdgGC6bg+aw
Dc/ylQ1mNglKfY8P9hFIhIANZilnmAlk5GSoWclP/69m+u34KKoHU4Yc3I1pPNcL
6Nyi0bh8mHqe9WedKfod7Y4yM1S20fXaS4vrLIlKgxbsDpWiWrk0ltV03uyC7eqD
e3nzzGW/2GLTHj5xsA2+HwGtPom5mmzjvV5PFNpS7a90JQARAQABiQG1BBgBAgAP
BQJSpoIFAhsMBQkNR+uxAAoJENPl9Wttkg0wEScMf2QjDWm3XawJxNA8pqqxrFeT
Eo+GESznVRTUeprrUFd1GHw33qaAvqLixZ+x8cr+1Gj/fJd5eiIVJfRLYbXlC8su
8JZXngfX0VhuMcUob/FTikfpcoYkRzriUsJEB3/OmjlLjGgnQm5Gz9TV1ityF3bz
oHkR8svWEKKKzNoIEPHLU3y7bqSkOrjnY3bZfdVRh618XbjV28NMuoZsV8E4pOuQ
oy+3s5IjmIf/mkSiFE3VJwdaPem23UsXatFb/eoC/Ahi0iCd/8ioFwi+oHT2Pnt9
HrzVF6E8gBVO3vKo6UJgDTr9Qt27Nc6eHL0O5j50ins9ob/3DoOC3P5A08zhl+w4
66yGEv5+Es/usUAs/4ng4ksI3DTLK9Ygj70l5oBuMFYd3b5KGVfAIlGc5mwIOIG4
1YLIzZTrGuOuTymjwCdC9cUZJ6R2Cv/Vx0htZ0hqDdyaDO0Io9OG/W2s2T7160tY
9ic4MwBCFemzwFELIBIIHNY/n/wsmxQGkI3Oj86JpOVVgR5lXWR+BrGcBjkSEyg=
=s7sa
-----END PGP PUBLIC KEY BLOCK-----



Added tag(s) pending. Request was from Colin Watson <cjwatson@debian.org> to control@bugs.debian.org. (Mon, 10 Feb 2014 00:21:05 GMT) Full text and rfc822 format available.

Reply sent to Colin Watson <cjwatson@debian.org>:
You have taken responsibility. (Mon, 10 Feb 2014 15:51:31 GMT) Full text and rfc822 format available.

Notification sent to Daniel Kahn Gillmor <dkg@fifthhorseman.net>:
Bug acknowledged by developer. (Mon, 10 Feb 2014 15:51:31 GMT) Full text and rfc822 format available.

Message #12 received at 732441-close@bugs.debian.org (full text, mbox):

From: Colin Watson <cjwatson@debian.org>
To: 732441-close@bugs.debian.org
Subject: Bug#732441: fixed in openssh 1:6.5p1-1
Date: Mon, 10 Feb 2014 15:50:47 +0000
Source: openssh
Source-Version: 1:6.5p1-1

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 732441@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 10 Feb 2014 14:58:26 +0000
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source i386 all
Version: 1:6.5p1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description: 
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 115286 481853 570651 644521 676830 732441 734816
Changes: 
 openssh (1:6.5p1-1) unstable; urgency=medium
 .
   * New upstream release (http://www.openssh.com/txt/release-6.5,
     LP: #1275068):
     - ssh(1): Add support for client-side hostname canonicalisation using a
       set of DNS suffixes and rules in ssh_config(5).  This allows
       unqualified names to be canonicalised to fully-qualified domain names
       to eliminate ambiguity when looking up keys in known_hosts or checking
       host certificate names (closes: #115286).
   * Switch to git; adjust Vcs-* fields.
   * Convert to git-dpm, and drop source package documentation associated
     with the old bzr/quilt patch handling workflow.
   * Drop ssh-vulnkey and the associated ssh/ssh-add/sshd integration code,
     leaving only basic configuration file compatibility, since it has been
     nearly six years since the original vulnerability and this code is not
     likely to be of much value any more (closes: #481853, #570651).  See
     https://lists.debian.org/debian-devel/2013/09/msg00240.html for my full
     reasoning.
   * Add OpenPGP signature checking configuration to watch file (thanks,
     Daniel Kahn Gillmor; closes: #732441).
   * Add the pam_keyinit session module, to create a new session keyring on
     login (closes: #734816).
   * Incorporate default path changes from shadow 1:4.0.18.1-8, removing
     /usr/bin/X11 (closes: #644521).
   * Generate ED25519 host keys on fresh installations.  Upgraders who wish
     to add such host keys should manually add 'HostKey
     /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
     'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
   * Drop long-obsolete "SSH now uses protocol 2 by default" section from
     README.Debian.
   * Add systemd support (thanks, Sven Joachim; closes: #676830).
Checksums-Sha1: 
 4a4472ae69c182ca013f35fe53d8f33ce5110071 2580 openssh_6.5p1-1.dsc
 3363a72b4fee91b29cf2024ff633c17f6cd2f86d 1293187 openssh_6.5p1.orig.tar.gz
 9c5fae24a97662ee51957bb3302aad8c500ecc22 134244 openssh_6.5p1-1.debian.tar.xz
 1b90122bcb9502517f8b9255c32547d6c162e162 661230 openssh-client_6.5p1-1_i386.deb
 784f6070497e8abef515c4f4a9e80c20433d46ad 328440 openssh-server_6.5p1-1_i386.deb
 ede8fc9387bc6ebe87067549e7f8a73fb2c95a7b 1112 ssh_6.5p1-1_all.deb
 4da07a2277c3dd1774b28a88ec932f2ac0106674 100430 ssh-krb5_6.5p1-1_all.deb
 749be71e1a397428f5d2cb4e5240bc941acd2b2e 108174 ssh-askpass-gnome_6.5p1-1_i386.deb
 d7fef0573b6e68539b3acf6c573b7607c053031e 251840 openssh-client-udeb_6.5p1-1_i386.udeb
 24e10c91c267e8f7fb117775d3e08f9e6eb82839 279982 openssh-server-udeb_6.5p1-1_i386.udeb
Checksums-Sha256: 
 f8367e71b1355730b036b2e0d8c2f64e05582dcaa0a0990b1db7113d8d378f12 2580 openssh_6.5p1-1.dsc
 a1195ed55db945252d5a1730d4a2a2a5c1c9a6aa01ef2e5af750a962623d9027 1293187 openssh_6.5p1.orig.tar.gz
 d12fcc5d67e2a2a97622ab271569cc396e8bdede697f73b2ec80ef5a5396aaec 134244 openssh_6.5p1-1.debian.tar.xz
 f3246f6cbd49e56bcafbb2aa486a930de68c6ee9cfad109b0e512eb7aa679761 661230 openssh-client_6.5p1-1_i386.deb
 783d929e6fce36abfea401eca9631f363cd50feccefbd6537bf0014317df7714 328440 openssh-server_6.5p1-1_i386.deb
 fd35125374df30e574e78d6ae200a5da051d76c9268ed8b2decc50ee0eda6d06 1112 ssh_6.5p1-1_all.deb
 bf888a64fad0c7720d40aab64cd08a8a380d1f62368ec212c30bdafe4b56c156 100430 ssh-krb5_6.5p1-1_all.deb
 90b7d49cb8c1e4d85851a45dafd1165e57c21319185254be8c39f169fa7fbc0b 108174 ssh-askpass-gnome_6.5p1-1_i386.deb
 36a281fe3bd1a8d1e5fc49721a65a83c341c095a74f9c241bf080f1e85e6e9ab 251840 openssh-client-udeb_6.5p1-1_i386.udeb
 4101aba98c5695a0ea8c791b98f8b3806ccd53dd99413b66b97f360afe40e516 279982 openssh-server-udeb_6.5p1-1_i386.udeb
Files: 
 d7c4cdd040c3ad8f53e49b14c5ef2d04 2580 net standard openssh_6.5p1-1.dsc
 a084e7272b8cbd25afe0f5dce4802fef 1293187 net standard openssh_6.5p1.orig.tar.gz
 04520ed0efa0bb876b93fc2b4238c0b3 134244 net standard openssh_6.5p1-1.debian.tar.xz
 e43da6b11acc50c3dfb38c71be14798e 661230 net standard openssh-client_6.5p1-1_i386.deb
 f6343bb3aef909fd7e5282141dccb046 328440 net optional openssh-server_6.5p1-1_i386.deb
 ab63c4779bfd4da189f475261d1e4075 1112 net extra ssh_6.5p1-1_all.deb
 6225ba95624c3a181d9ad0329be9e5e5 100430 oldlibs extra ssh-krb5_6.5p1-1_all.deb
 47eadc168d3bcd283e44ddc260a221ad 108174 gnome optional ssh-askpass-gnome_6.5p1-1_i386.deb
 6d43226f76b5ab53777cc54dd2d42ed3 251840 debian-installer optional openssh-client-udeb_6.5p1-1_i386.udeb
 259dfacc453ffea378fb204a27ad9b01 279982 debian-installer optional openssh-server-udeb_6.5p1-1_i386.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer

iQIVAwUBUvjrRDk1h9l9hlALAQhBDxAAl4iy4kVmLmLcBUZm0+ZZqKtlbRhd/aZS
PJFisL8cKm6n2AVj8/Hzj4j1s6s89Br3UJ66w6s7ozqAe1d0xqqZiuoBbxZ4JzrH
4cG+k0T4eHpRvF7ZUHIgO4il3hoOkvCt3TN+VijJQ3mqPTw+49Ny+9NErGL7QE8k
+OeMIT8egacpX92KSQutoZnP+qdd4/K1vVyBuFjFPKy6ylFHIIHQJac81a7cWAWs
PTZrcKnGELGN+mlP4ZNYmLWAq1/GFnisRTZ6f58CCQ/51K3NheHX+sQ118VH/EIS
m+6Pc94ctWOxC9c5HWP+ACgYERzrGQbfkudB3Q27sgffNnXqLcneGXsbDZDl4ECG
W+Ns7ac/IcBKm2Z06zZMPIJCInsEEMV2cG7kbkx2h9oWXdci7OU71V4FXzDf3TTm
EUudyIYvW3NBaB8rmbpwDt/Wmj4hhAsvc9gsdjmBZ4JxND8H+1lzBpht6HQRpOKr
+vywmSIXpEYVXvVOJFzil2xTvo17Jkgy1r3ngnK3etj/RgY6cfHE6kGfLFoKgQIc
zTBDACUkH84PA+WLJuCR4vi9JEnIAnGpTUeLSsZntRao/SrogkAG6XHGGgDYa//B
JpL2DPnOCn80BbhKcnkNNEwRF7r8f0rVL6+Js65bA/LX08SRaF8o/qjbRAQlSA97
mCYvfW2hfVc=
=bVKr
-----END PGP SIGNATURE-----




Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Apr 21 06:54:45 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.