-
Committer:
Bazaar Package Importer
-
Author(s):
Colin Watson
-
Date:
2008-05-17 10:37:40 UTC
-
Revision ID:
james.westby@ubuntu.com-20080517103740-w5bxm7byxz2z1pzj
Tags: 1:4.2p1-7ubuntu3.4
* Mitigate OpenSSL security vulnerability (CVE-2008-0166):
- Add key blacklisting support. Keys listed in
/etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by
sshd, unless "PermitBlacklistedKeys yes" is set in
/etc/ssh/sshd_config.
- Add a new program, ssh-vulnkey, which can be used to check keys
against these blacklists.
- Depend on openssh-blacklist.