diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-26 07:46:57 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-26 07:46:57 +0000 |
| commit | 38ffe3f626c21d5f5431e9d5bad6b6af1c91b821 (patch) | |
| tree | ec28c5c195a2370d415e0d7427c03cfc1e2949dc /debian/NEWS | |
| parent | Releasing progress-linux version 1:9.7p1-5~progress7.99u1. (diff) | |
| download | openssh-38ffe3f626c21d5f5431e9d5bad6b6af1c91b821.tar.xz openssh-38ffe3f626c21d5f5431e9d5bad6b6af1c91b821.zip | |
Merging debian version 1:9.7p1-6.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rw-r--r-- | debian/NEWS | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS index 4e3b2ee..79738c6 100644 --- a/debian/NEWS +++ b/debian/NEWS @@ -1,3 +1,19 @@ +openssh (1:9.7p1-6) UNRELEASED; urgency=medium + + Debian's PAM configuration for OpenSSH no longer reads the + ~/.pam_environment file. The implementation of this in pam_env has a + history of security problems and has been deprecated by the upstream + Linux-PAM maintainers due to the possibility that "user supplied + environment variables in the PAM environment could affect behavior of + subsequent modules in the stack without the consent of the system + administrator". + + Instead, environment variables need to be set somewhere that will be + handled by the session process; for most users, this will be shell + initialization files such as ~/.bash_profile or ~/.bashrc. + + -- Colin Watson <cjwatson@debian.org> Thu, 23 May 2024 19:17:29 +0100 + openssh (1:9.5p1-1) experimental; urgency=medium OpenSSH 9.5p1 includes a number of changes that may affect existing |