Debian Bug report logs - #797964
openssh-client: ssh client with enabled compression wrong debug output

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Sven-Haegar Koch <haegar@sdinet.de>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: openssh-client: ssh client with enabled compression wrong debug output

Date: Fri, 04 Sep 2015 02:28:39 +0200

Package: openssh-client
Version: 1:6.9p1-1
Severity: minor
Tags: upstream

Dear Maintainer,

When running ssh with verbose output and enabled compression
(ssh -v -C foo@bar.example) after the exit of the remote program the ssh client
is supposed to output the number of transferred bytes.

Connection to bar.example closed.
Transferred: sent 232132, received 843904 bytes, in 7006.0 seconds
Bytes per second: sent 33.1, received 120.5
debug1: Exit status 0
debug1: compress outgoing: raw data 132597, compressed 53344, factor 0.40
debug1: compress incoming: raw data 53344, compressed 132597, factor 2.49

At the bottom the compress incoming line just repeats the values of the
previous outgoing line in different order, instead of displaying the real
values.

Greetings
Haegar



-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (101, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)

Versions of packages openssh-client depends on:
ii  adduser           3.113+nmu3
ii  dpkg              1.18.2
ii  libc6             2.19-19
ii  libedit2          3.1-20150325-1
ii  libgssapi-krb5-2  1.13.2+dfsg-2
ii  libselinux1       2.3-2+b1
ii  libssl1.0.0       1.0.2d-1
ii  passwd            1:4.2-3
ii  zlib1g            1:1.2.8.dfsg-2+b1

Versions of packages openssh-client recommends:
ii  xauth  1:1.0.9-1

Versions of packages openssh-client suggests:
pn  keychain      <none>
pn  libpam-ssh    <none>
pn  monkeysphere  <none>
ii  ssh-askpass   1:1.2.4.1-9

-- Configuration Files:
/etc/ssh/ssh_config changed [not included]

-- no debconf information

Message #10 received at 797964@bugs.debian.org (full text, mbox, reply):

From: Russell Coker <russell@coker.com.au>

To: 797964@bugs.debian.org

Subject: still happens

Date: Mon, 4 Apr 2016 19:33:18 +1000

This still happens exactly as reported in version 1:7.2p2-2.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Message #15 received at 797964@bugs.debian.org (full text, mbox, reply):

From: Russell Coker <russell@coker.com.au>

To: 797964@bugs.debian.org

Subject: Re: still happens

Date: Tue, 5 Apr 2016 01:26:19 +1000

[Message part 1 (text/plain, inline)]

On Mon, 4 Apr 2016 07:33:18 PM Russell Coker wrote:
> This still happens exactly as reported in version 1:7.2p2-2.

I've attached a 1 line patch to fix this.  Here is the output of using ssh to 
transfer 1MB of /dev/urandom from a remote system to a local system with the 
version in Unstable:

debug1: compress outgoing: raw data 847, compressed 464, factor 0.55
debug1: compress incoming: raw data 464, compressed 847, factor 1.83

Here is the output when transfering it with the patched version:

debug1: compress outgoing: raw data 847, compressed 464, factor 0.55
debug1: compress incoming: raw data 10488794, compressed 10492323, factor 1.00


Here is the output when transfering the 1MB of random data the other way:

debug1: compress outgoing: raw data 10488830, compressed 10492359, factor 1.00
debug1: compress incoming: raw data 786, compressed 401, factor 0.51

I am totally confident that this patch is good enough to include.  The error 
was a copy/paste error in the initial code, this is what the original author 
intended.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

[ssh-debug-fix.patch (text/x-patch, attachment)]

Message #20 received at 797964@bugs.debian.org (full text, mbox, reply):

From: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

To: Russell Coker <russell@coker.com.au>

Cc: 797964@bugs.debian.org

Subject: Re: still happens

Date: Mon, 5 Jun 2017 10:50:00 +0200

[Message part 1 (text/plain, inline)]

Russell Coker wrote...

> On Mon, 4 Apr 2016 07:33:18 PM Russell Coker wrote:
> > This still happens exactly as reported in version 1:7.2p2-2.
> 
> I've attached a 1 line patch to fix this.  Here is the output of using ssh to 
> transfer 1MB of /dev/urandom from a remote system to a local system with the 
> version in Unstable:

What the status on this? People out there run statistics on that output,
and I'm not at all keen on providing them a patched openssh-client
package over the entire stretch lifecycle. Especially since Russell's
patch is extremely simple and certainly does the right things. I did a
few more tests that confirm this.

    Christoph

[signature.asc (application/pgp-signature, inline)]

Message #27 received at 797964@bugs.debian.org (full text, mbox, reply):

From: Russell Coker <russell@coker.com.au>

To: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

Cc: 797964@bugs.debian.org, control@bugs.debian.org

Subject: Re: still happens

Date: Tue, 06 Jun 2017 02:22:23 +1000

severity 797964 important
thanks

On Monday, 5 June 2017 10:50:00 AM AEST Christoph Biedl wrote:
> > On Mon, 4 Apr 2016 07:33:18 PM Russell Coker wrote:
> > > This still happens exactly as reported in version 1:7.2p2-2.
> > 
> > I've attached a 1 line patch to fix this.  Here is the output of using ssh
> > to transfer 1MB of /dev/urandom from a remote system to a local system
> > with the
> > version in Unstable:
> What the status on this? People out there run statistics on that output,
> and I'm not at all keen on providing them a patched openssh-client
> package over the entire stretch lifecycle. Especially since Russell's
> patch is extremely simple and certainly does the right things. I did a
> few more tests that confirm this.

I believe that this is an important issue.  It has a significant effect on the 
usability of the package for people who track data transfers and the ratio of 
significance to effort to fix is large.

If the decision is made to not include it for Stretch (which is at a late 
stage now) I think it should be included in a Stretch update.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Message #34 received at 797964-close@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: 797964-close@bugs.debian.org

Subject: Bug#797964: fixed in openssh 1:7.4p1-11

Date: Tue, 06 Jun 2017 15:24:22 +0000

Source: openssh
Source-Version: 1:7.4p1-11

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 797964@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 06 Jun 2017 15:03:48 +0100
Source: openssh
Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:7.4p1-11
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 797964
Changes:
 openssh (1:7.4p1-11) unstable; urgency=medium
 .
   * Fix incoming compression statistics (thanks, Russell Coker; closes:
     #797964).
Checksums-Sha1:
 56ec312742cfa1650376f7e0a67e5518a2354939 2896 openssh_7.4p1-11.dsc
 774cd2ccd302e1a13b5837761b5c7ce00c1a8277 161192 openssh_7.4p1-11.debian.tar.xz
 5bbf826dfb5907c067a98958c6c4b720739ebc7f 13796 openssh_7.4p1-11_source.buildinfo
Checksums-Sha256:
 d040201515160f5632c10fb01f2b05ade3eeea20a739acac6a79b34b2e8e85ed 2896 openssh_7.4p1-11.dsc
 7d0246a7f314ca4c7d1530c4106665c781217839c3d0dcd644ea4a9dcca72768 161192 openssh_7.4p1-11.debian.tar.xz
 d1ce8a9e127196b929f8eeab560e6d83673a0a1d50568330c98c8290bedd8cfc 13796 openssh_7.4p1-11_source.buildinfo
Files:
 3407e700d7b6913a7b9b29eaaa5baf7a 2896 net standard openssh_7.4p1-11.dsc
 b9bb490d503829dc332c9cbe4f8583a4 161192 net standard openssh_7.4p1-11.debian.tar.xz
 914f2aab3e78a322bbe1dc4a0c7f4398 13796 net standard openssh_7.4p1-11_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAlk2tmEACgkQOTWH2X2G
UAsZ/BAAmS59Xtu3eTdER2+9Gtwr/r6trjsx5fRYqbtgd8CDY4fhc1+KOku4Z+Q3
SFE2y8zWHQQEVVKVBnxSAVEX2HhfTNJB3u50P3mE0WjWbYQKLHx6gciem9abuCj8
DntBhJEHr1Gnusz9fEDjVWxcQOww2qcOYWR2FXfYcm7dXtA0F8GUoXHVlrBhF7Ug
djCwYZJPcccEInSTYlN3w9WNeIYzWydHXvF29bSZ2RoW0aqtnZ3JYUiEYKByhg1L
+BbVNRBMKqLwYdm3tXivkudrcyd5+hQQYC97k04EqzHA6wuXzSvzq0iTx5WYHE1a
oxp+l8xwqigLtIVBAVl/WvnHOVWkHog0SY2KSu9jWqt+OiuYiBkpBTAUIeTfEIRz
Bw/HHSOGe7wcEHq5f5PRWb+Nfx+R9G3otzh9Uc8V2SaO+4zaxZXisb7+fGI/RHKH
sQeiVvDsP4h2j9V/FfcFjMBOcMPEgVWiB7PoHVLno6ThEdxR5FyEUXyEXg80wYmj
lz1WNjdNk7Nju4gjikHNNDDrtDvVZlldamr22mA/8K8wCtqzEiLKEaLGX/2BXRuv
PcpyjhJzK9ely+RU2Nyx8os4ARZDP7fHLRPHFuK/5TAr3dp5aq26bYBum9LvvMqU
CfTdzjpluZbWqzZx83JnfM6qpMg+8H4fB8d7MaExeQcwR+0GnoU=
=yQe+
-----END PGP SIGNATURE-----

Message #39 received at 797964-close@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: 797964-close@bugs.debian.org

Subject: Bug#797964: fixed in openssh 1:7.5p1-4

Date: Tue, 06 Jun 2017 15:24:29 +0000

Source: openssh
Source-Version: 1:7.5p1-4

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 797964@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 06 Jun 2017 15:17:58 +0100
Source: openssh
Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:7.5p1-4
Distribution: experimental
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 797964
Changes:
 openssh (1:7.5p1-4) experimental; urgency=medium
 .
   * Drop README.Debian section on privilege separation, as it's no longer
     optional.
   * Only call "initctl set-env" from agent-launch if $UPSTART_SESSION is set
     (LP: #1689299).
   * Fix incoming compression statistics (thanks, Russell Coker; closes:
     #797964).
   * Relicense debian/* under a two-clause BSD licence for bidirectional
     compatibility with upstream, with permission from Matthew Vernon and
     others.
Checksums-Sha1:
 a95bc1a598ab8a68abee41db7496f9b85c4a3cc7 2892 openssh_7.5p1-4.dsc
 b38bcb0e4182a4fefa2c3f1c647492cf16b3fd94 158676 openssh_7.5p1-4.debian.tar.xz
 5654dea75d21858d2cdc726839e0a3d167b489de 13792 openssh_7.5p1-4_source.buildinfo
Checksums-Sha256:
 e2a537d6d816b6302f1e2ae85518a4ab84674c9a93a89488ff7b6e33ca318a26 2892 openssh_7.5p1-4.dsc
 513c53c154f037bb5892bd16600734722fd6cd6613fea8b0670997677761b6c9 158676 openssh_7.5p1-4.debian.tar.xz
 ebbfa9669514a3b299431ce0a841b61856dd03fd36418f2e9c36c7efd4348436 13792 openssh_7.5p1-4_source.buildinfo
Files:
 df6d22201f9bff00c637a42e21a99c62 2892 net standard openssh_7.5p1-4.dsc
 41661ef9c2034275843accd9caeca61b 158676 net standard openssh_7.5p1-4.debian.tar.xz
 69a35482a64d66323e8ee5b94c9c0bc3 13792 net standard openssh_7.5p1-4_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAlk2ubEACgkQOTWH2X2G
UAvVXw/+Mprs/IvZCg7/7HX70toIP6DdoBJ14QHUPuZW48dqr9xmcQt+iHpeUUC/
o4eMtTYxgdj6u1gzLvrYfQYBfaej6BKFZyTZUPC2ExLnv0zVnIaFm/fz7nut9Dqa
v09e/pZVhPVOVot0fWe0RR84+bgJGoh/LAI3Sblb+xmS9rYIzjp3YQwBSpWb7k80
RKv8Ni0wXuv8w0RKPhE/p047VLWzGNW9Xx7ivDNlffPZi07G4UxEIxeDfDrBu411
sxRLhbt+9ae3iXJvGSCQmDFewI2W46SEOGvH1eaemJB46XiAgERejaH+JDYCuG2k
HLsYmkqsRfYgxVNf6bqSl8YzXdERl74hBRycxbVd6yrgiLfYxibKQk2OymX3wdWd
eHPQztolVh8AF2J6WlcX6sIr0ANSS3DFHJ55M785OPOmL9d5q7eDiZxRvYSuHdOM
n2f7wjZZhZsnIPdRx//ibAhTdmncml8KYXn7g6h9mMuRopXRF/J/0COMHUlWklVL
t0uZLbWIev2BT5z6Euy+pZa4Qknk0+WvuIcwizk9IcOerIMIjZPEZ/2ZBUWaIpmn
fMeiCHaWFE2G0scUgQkLxO0YXP04eL2iBX05CB6KQNg8rxeYjWyrmr7HIqlx85fh
R8wnvyQtzSHQurBZXOB1rXjCkasU9UaV0PVH3opPNW2w0xXimsw=
=9SfN
-----END PGP SIGNATURE-----

Message #44 received at 797964-close@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: 797964-close@bugs.debian.org

Subject: Bug#797964: fixed in openssh 1:7.5p1-5

Date: Sun, 18 Jun 2017 11:35:59 +0000

Source: openssh
Source-Version: 1:7.5p1-5

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 797964@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 18 Jun 2017 12:08:42 +0100
Source: openssh
Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:7.5p1-5
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 407754 797964
Changes:
 openssh (1:7.5p1-5) unstable; urgency=medium
 .
   * Upload to unstable.
   * Fix syntax error in debian/copyright.
 .
 openssh (1:7.5p1-4) experimental; urgency=medium
 .
   * Drop README.Debian section on privilege separation, as it's no longer
     optional.
   * Only call "initctl set-env" from agent-launch if $UPSTART_SESSION is set
     (LP: #1689299).
   * Fix incoming compression statistics (thanks, Russell Coker; closes:
     #797964).
   * Relicense debian/* under a two-clause BSD licence for bidirectional
     compatibility with upstream, with permission from Matthew Vernon and
     others.
 .
 openssh (1:7.5p1-3) experimental; urgency=medium
 .
   * Fix debian/adjust-openssl-dependencies to account for preferring
     libssl1.0-dev.
   * Adjust OpenSSL dependencies for openssh-client-ssh1 too.
   * Fix purge failure when /etc/ssh has already somehow been removed
     (LP: #1682817).
   * Ensure that /etc/ssh exists before trying to create /etc/ssh/sshd_config
     (LP: #1685022).
 .
 openssh (1:7.5p1-2) experimental; urgency=medium
 .
   * Add missing header on Linux/s390.
   * Fix syntax error on Linux/X32.
 .
 openssh (1:7.5p1-1) experimental; urgency=medium
 .
   * New upstream release (https://www.openssh.com/txt/release-7.5):
     - SECURITY: ssh(1), sshd(8): Fix weakness in CBC padding oracle
       countermeasures that allowed a variant of the attack fixed in OpenSSH
       7.3 to proceed.  Note that the OpenSSH client disables CBC ciphers by
       default, sshd offers them as lowest-preference options and will remove
       them by default entirely in the next release.
     - This release deprecates the sshd_config UsePrivilegeSeparation option,
       thereby making privilege separation mandatory (closes: #407754).
     - The format of several log messages emitted by the packet code has
       changed to include additional information about the user and their
       authentication state.  Software that monitors ssh/sshd logs may need
       to account for these changes.
     - ssh(1), sshd(8): Support "=-" syntax to easily remove methods from
       algorithm lists, e.g. Ciphers=-*cbc.
     - sshd(1): Fix NULL dereference crash when key exchange start messages
       are sent out of sequence.
     - ssh(1), sshd(8): Allow form-feed characters to appear in configuration
       files.
     - sshd(8): Fix regression in OpenSSH 7.4 support for the server-sig-algs
       extension, where SHA2 RSA signature methods were not being correctly
       advertised.
     - ssh(1), ssh-keygen(1): Fix a number of case-sensitivity bugs in
       known_hosts processing.
     - ssh(1): Allow ssh to use certificates accompanied by a private key
       file but no corresponding plain *.pub public key.
     - ssh(1): When updating hostkeys using the UpdateHostKeys option, accept
       RSA keys if HostkeyAlgorithms contains any RSA keytype.  Previously,
       ssh could ignore RSA keys when only the ssh-rsa-sha2-* methods were
       enabled in HostkeyAlgorithms and not the old ssh-rsa method.
     - ssh(1): Detect and report excessively long configuration file lines.
     - Merge a number of fixes found by Coverity and reported via Redhat and
       FreeBSD.  Includes fixes for some memory and file descriptor leaks in
       error paths.
     - ssh(1), sshd(8): When logging long messages to stderr, don't truncate
       "\r\n" if the length of the message exceeds the buffer.
     - ssh(1): Fully quote [host]:port in generated ProxyJump/-J command-
       line; avoid confusion over IPv6 addresses and shells that treat square
       bracket characters specially.
     - Fix various fallout and sharp edges caused by removing SSH protocol 1
       support from the server, including the server banner string being
       incorrectly terminated with only \n (instead of \r\n), confusing error
       messages from ssh-keyscan, and a segfault in sshd if protocol v.1 was
       enabled for the client and sshd_config contained references to legacy
       keys.
     - ssh(1), sshd(8): Free fd_set on connection timeout.
     - sftp(1): Fix division by zero crash in "df" output when server returns
       zero total filesystem blocks/inodes.
     - ssh(1), ssh-add(1), ssh-keygen(1), sshd(8): Translate OpenSSL errors
       encountered during key loading to more meaningful error codes.
     - ssh-keygen(1): Sanitise escape sequences in key comments sent to
       printf but preserve valid UTF-8 when the locale supports it.
     - ssh(1), sshd(8): Return reason for port forwarding failures where
       feasible rather than always "administratively prohibited".
     - sshd(8): Fix deadlock when AuthorizedKeysCommand or
       AuthorizedPrincipalsCommand produces a lot of output and a key is
       matched early.
     - ssh(1): Fix typo in ~C error message for bad port forward
       cancellation.
     - ssh(1): Show a useful error message when included config files can't
       be opened.
     - sshd_config(5): Repair accidentally-deleted mention of %k token in
       AuthorizedKeysCommand.
     - sshd(8): Remove vestiges of previously removed LOGIN_PROGRAM.
     - ssh-agent(1): Relax PKCS#11 whitelist to include libexec and common
       32-bit compatibility library directories.
     - sftp-client(1): Fix non-exploitable integer overflow in SSH2_FXP_NAME
       response handling.
     - ssh-agent(1): Fix regression in 7.4 of deleting PKCS#11-hosted keys.
       It was not possible to delete them except by specifying their full
       physical path.
     - sshd(8): Avoid sandbox errors for Linux S390 systems using an ICA
       crypto coprocessor.
     - sshd(8): Fix non-exploitable weakness in seccomp-bpf sandbox arg
       inspection.
     - ssh-keygen(1), ssh(1), sftp(1): Fix output truncation for various that
       contain non-printable characters where the codeset in use is ASCII.
Checksums-Sha1:
 b04a282b907cc0626636d085cbaed106cb029ee3 2892 openssh_7.5p1-5.dsc
 a840646cc73e2a944059cdaae613f8b9549678a8 158776 openssh_7.5p1-5.debian.tar.xz
 a3ca5ffc61a4619c4c017bef919b9c72df884fce 13528 openssh_7.5p1-5_source.buildinfo
Checksums-Sha256:
 f39775e585cb084eb5f477b5d34d143635f03398491a220513c9879b8d87a92b 2892 openssh_7.5p1-5.dsc
 f23a12c7e5f2d8dabfa55e310ef7dfcbe94d15464470681ea114f022cdd842c3 158776 openssh_7.5p1-5.debian.tar.xz
 656411e101d1586354ac9726d95cff5c4743c4f5f3e0a71d9fa607278d87e000 13528 openssh_7.5p1-5_source.buildinfo
Files:
 a991857086599a0c65b2697e5f73ed58 2892 net standard openssh_7.5p1-5.dsc
 be3034e764fb9c648fbb2023954e4878 158776 net standard openssh_7.5p1-5.debian.tar.xz
 017713a31ab70964adc457d439d03106 13528 net standard openssh_7.5p1-5_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAllGX2EACgkQOTWH2X2G
UAsGPw//WLQOsu6QuiFCJMCzZ5m6ur4dNoDDFSobCpPeYfYcGBe6Ejb1eXKsrI1q
d9ftmP8qWfKTtUMwGyEfhfL+VGDjlY+wMYu++O6X+AvJmW/NQLg9gChcXqGjlSt9
PYlm7G/ejEMVOkm12Ay+m86Yjx5/PdMecmrBecg0e/irtprjNOVD1U1m9sb+vVOd
3Z/flmBhsq891LH7M3URTFRtk80C1jpz+EwI4jg2Hz+1eIItAf47MTi4rkRAOZbq
jz/EC4fnCCSZuIPClofhVkYiEJD25NDDMQ3lylHSyQJoNF/RNMZaUoFxsxDEBWXP
WumdQZKYX6YhDNzijQvM3C7aEBjkYNbN/XMOjq5fAG3Jdhrj28jmzM7mrfQdcREV
fgda7q1YxEoLYy+buew9kn38xGvCT4TQArWx27jv2LUX0nDqI2DieMoS0YLwHy7k
4pKgGZxznz/8vfSwNaEzhreDJTCeNTMsamqcEsQRCCrpY+gS/3pGjNY2WcCcWHyd
vsR8xjvU+tY2TrxuSDUwX6riHdO+l56U3lhzlcsiMrq3aqHJSdTifTx9OnbgN6fy
bb0zBVj1Tdr4pSwUYDZ3dJLmhVUJdyb+DTkrNfch8ns4NcY6UgRbVHIXldMe0mX/
Etv1eq0vopT+XSat6dKxqwY7dJIXkRT3ClluwN0q69ZJX8XYQj8=
=/Z34
-----END PGP SIGNATURE-----

Message #49 received at 797964-close@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: 797964-close@bugs.debian.org

Subject: Bug#797964: fixed in openssh 1:7.4p1-10+deb9u1

Date: Sat, 24 Jun 2017 14:51:38 +0000

Source: openssh
Source-Version: 1:7.4p1-10+deb9u1

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 797964@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 18 Jun 2017 01:11:26 +0100
Source: openssh
Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:7.4p1-10+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 797964
Changes:
 openssh (1:7.4p1-10+deb9u1) stretch; urgency=medium
 .
   * Fix incoming compression statistics (thanks, Russell Coker; closes:
     #797964).
Checksums-Sha1:
 26cc728b055374dbe3ea52201b1e4800d43341b2 2924 openssh_7.4p1-10+deb9u1.dsc
 a44cc5f01c6ae29e0c139216f9b531e486f3df76 161232 openssh_7.4p1-10+deb9u1.debian.tar.xz
 b8e8bcaa3df6fef91381d2d253bb5b71c8ee3e58 13824 openssh_7.4p1-10+deb9u1_source.buildinfo
Checksums-Sha256:
 f9e868b52dec07d978670e079e66e0c40fcb35d7da3eb78e4120918600fea990 2924 openssh_7.4p1-10+deb9u1.dsc
 57732801db296491b5628a59473c0a302e3b7afc736047d522487f9f6b279ba2 161232 openssh_7.4p1-10+deb9u1.debian.tar.xz
 f96cf0027adfa196532ac888d39e0c55eae78e38e8df17121145326dff5d5ade 13824 openssh_7.4p1-10+deb9u1_source.buildinfo
Files:
 5187edcfda70abd3ace77c91490412d7 2924 net standard openssh_7.4p1-10+deb9u1.dsc
 d5038d5e1c6977bf149ccb1109b65e29 161232 net standard openssh_7.4p1-10+deb9u1.debian.tar.xz
 7a7804f1ed8de4e1d6b8c13729e9b5d0 13824 net standard openssh_7.4p1-10+deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAllFxUUACgkQOTWH2X2G
UAuE+BAAq25Hg77LAu4Nspgkr/PfnNw1INlUOdIXVZmhDal7bt+ISzZkTme3yPXe
9IzR+fJmq9+0x9R0yFfU0vPFkmrjygw+gXf+4SYVurloMGGYS+lyeyIIRHcHTCoj
ahuWa9U4QEmwBtvAOR5TsaKWB9MWLOvQnhZfJwQBvE0/2D7Tx/r4EsupaX48ARCF
w8MCVBR11G9zDxlfo6oT6sioo0K4gg71Gvt1sPj/tPLwbDO45ZvT/YiR+Gdd8b8r
dkwTTg993S8EiiCEO/WqPrFlcgiLAedp/oERX7jSrVy+I8b4vBkIgX9tXDBNFqOB
psZq4g8GloyLf8/ou4ZN33btTKz1hGZG5AxPR7sgByrUBsMgyo9X5WbHpEzNnDvZ
yklISaCzxBibYXDh4T7jXn9+7Af7rsfbSHIHe1pyroFSIDd6yI8XF+kR3mBx9RkP
YmSh4prPKRsZmKCbdTrBW6ntDx2A+mdQXKVXpyKicJkkv6W91lJVPwb6k9LiHeh7
X/60XCIPTDkm48MBtf1fBYNLtADRdXi9+sw353krfYx/VAgoBbxIk/bwxxJt0uev
CsNoAb7LZTriiqHI8cwzQSg+Fk7hAO0fmHv6uFkg/ds1JRVxb/7jNzR9BVKtjwY9
iyfeyGZpvecyLQWddUDSL7E0q3XNmTpIWRhBxCpvtIBSMcEBuJ8=
=LKG4
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.