Debian Bug report logs - #562048
allow for the package-specific version banner to be suppressed

version graph

Package: openssh; Maintainer for openssh is Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>;

Reported by: Kees Cook <kees@debian.org>

Date: Tue, 22 Dec 2009 09:21:09 UTC

Severity: wishlist

Tags: patch

Found in version 1:5.1p1-8

Fixed in version openssh/1:5.2p1-2

Done: Colin Watson <cjwatson@debian.org>

Bug is archived. No further changes may be made.

Full log


Message #5 received at submit@bugs.debian.org (full text, mbox):

Received: (at submit) by bugs.debian.org; 22 Dec 2009 09:18:51 +0000
From kees@debian.org Tue Dec 22 09:18:51 2009
X-Spam-Checker-Version: SpamAssassin 3.2.3-bugs.debian.org_2005_01_02
	(2007-08-08) on rietz.debian.org
X-Spam-Level: 
X-Spam-Bayes: score:0.0000 Tokens: new, 90; hammy, 151; neutral, 190; spammy,
	0. spammytokens: hammytokens:0.000-+--H*o:Debian, 0.000-+--Severity,
	0.000-+--changelog, 0.000-+--severity, 0.000-+--mips
X-Spam-Status: No, score=-9.0 required=4.0 tests=AWL,BAYES_00,FOURLA,
	FROMDEVELOPER,HAS_PACKAGE,MURPHY_DRUGS_REL8,MURPHY_WRONG_WORD2,SPERM,
	SPF_HELO_PASS autolearn=ham version=3.2.3-bugs.debian.org_2005_01_02
Return-path: <kees@debian.org>
Received: from smtp.outflux.net ([198.145.64.163])
	by rietz.debian.org with esmtp (Exim 4.63)
	(envelope-from <kees@debian.org>)
	id 1NN0tG-0005QB-Vr
	for submit@bugs.debian.org; Tue, 22 Dec 2009 09:18:51 +0000
Received: from www.outflux.net (serenity-end.outflux.net [10.2.0.2])
	by vinyl.outflux.net (8.14.3/8.14.3/Debian-9ubuntu1) with ESMTP id nBM9IncY010613
	for <submit@bugs.debian.org>; Tue, 22 Dec 2009 01:18:50 -0800
Date: Tue, 22 Dec 2009 01:18:49 -0800
From: Kees Cook <kees@debian.org>
To: Debian Bugs <submit@bugs.debian.org>
Subject: allow for the package-specific version banner to be suppressed
Message-ID: <20091222091849.GK5396@outflux.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="3uo+9/B/ebqu+fSQ"
Content-Disposition: inline
Organization: Debian
X-MIMEDefang-Filter: outflux$Revision: 1.316 $
X-HELO: www.outflux.net
X-Scanned-By: MIMEDefang 2.67 on 10.2.0.1
Delivered-To: submit@bugs.debian.org
[Message part 1 (text/plain, inline)]
Package: openssh
Version: 1:5.1p1-8
Severity: wishlist
Tags: patch

Hi!

It is sometimes desirable to suppress the exact package version of
openssh that is reported during the initial protocol handshake.

While attempts we made to more completely deal with this upstream were
rejected[1], the "EXTRAVERSION" variable appears to be a Debian-specific
change.  This means there should be a way to have a Debian-specific
sshd variable be proposed to disable the EXTRAVERSION portion of the
protocol greeting:

SSH-2.0-OpenSSH_5.1p1

instead of

SSH-2.0-OpenSSH_5.1p1 Debian-8

This patch introduces ReportExtraversion (which defaults to "yes").  When
set to "no", "Debian-8" is left off the protocol greeting.

Thanks!

-Kees

[1]://bugzilla.mindrot.org/show_bug.cgi?id=764

-- 
Kees Cook                                            @debian.org
[report-extraversion.patch (text/x-diff, attachment)]

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 06:06:42 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.