Format: 1.8 Date: Fri, 04 Aug 2023 18:02:08 -0400 Source: openssh Binary: openssh-client openssh-client-udeb openssh-server openssh-server-udeb openssh-sftp-server openssh-tests ssh-askpass-gnome Architecture: armhf armhf_translations Version: 1:8.2p1-4ubuntu0.9 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot openssh-tests - OpenSSH regression tests ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad Launchpad-Bugs-Fixed: 2030275 Changes: openssh (1:8.2p1-4ubuntu0.9) focal-security; urgency=medium . * SECURITY UPDATE: information leak in algorithm negotiation (LP: #2030275) - debian/patches/CVE-2020-14145-mitigation.patch: tweak the client hostkey preference ordering algorithm in sshconnect2.c. - Note: This update does not solve CVE-2020-14145, but does mitigate the issue in the specific scenario where the user has a key that matches the best-preference default algorithm. Checksums-Sha1: 3fb0d252f23bab4762b5a896598be4f89ce77d8b 3901240 openssh-client-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb dc70de1cb3549c8f6b7b8311a0fa9ba9f17118e1 267608 openssh-client-udeb_8.2p1-4ubuntu0.9_armhf.udeb 7dccf9e29dad584490b5e8e89a17b99dc64f29bb 589856 openssh-client_8.2p1-4ubuntu0.9_armhf.deb ed57a5cc09ac9400474d15902559bf68746d0cb0 1060680 openssh-server-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb 37dac4df183dfb9552b7effe4b5d25958cdb31c0 291080 openssh-server-udeb_8.2p1-4ubuntu0.9_armhf.udeb f99659c8b852ec87fc05b53a78d077fd4c47796b 343468 openssh-server_8.2p1-4ubuntu0.9_armhf.deb 97903fa44bdd104210605503eb3af44b3c359c3d 164712 openssh-sftp-server-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb 4a1f32406ee3c929727f4fdf64241e2db8002095 44788 openssh-sftp-server_8.2p1-4ubuntu0.9_armhf.deb 09ef8cad3ac4ccac3667ed37a41742d965748741 2338928 openssh-tests-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb c287c6ef21727954bafe701395cf1f3182cd25e6 592516 openssh-tests_8.2p1-4ubuntu0.9_armhf.deb 4b158fdf82d8d3953f1ef5073bd1c93d142bda0a 19499 openssh_8.2p1-4ubuntu0.9_armhf.buildinfo e03274c96cbc6f41920e2bb71d8cf5aea07556f4 8522 openssh_8.2p1-4ubuntu0.9_armhf_translations.tar.gz 9c25900b4d23159ccc68cc5130c68f1422ec67cd 12952 ssh-askpass-gnome-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb 8f4c21ae208c48f420f55e4bedbc3346240f31a2 16788 ssh-askpass-gnome_8.2p1-4ubuntu0.9_armhf.deb Checksums-Sha256: a2c92084f6408d6c9f6ff1aeb06800ae1b4ba2d2cd767c3919d33f87212fee88 3901240 openssh-client-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb b7513d76e91c5daf4a724578135c9131c8d9f32e2d8e92a84f2d7e9d0497e6d9 267608 openssh-client-udeb_8.2p1-4ubuntu0.9_armhf.udeb 3753c45337d0f55f09069e694f514428827754ab2b27455ff8bc9a7cca428f4e 589856 openssh-client_8.2p1-4ubuntu0.9_armhf.deb ff9ee5e27cc512f35d8260d8b075d6a46a25a9120c078e459817d8a22057b131 1060680 openssh-server-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb ac632aa343275f031dc4a006b23d7061d9999f97bb4902c9f4e06ab54df24e07 291080 openssh-server-udeb_8.2p1-4ubuntu0.9_armhf.udeb 8b516b2526cf2a0fad2b7f049500de7d48ba449ec1298bc875c9ede9691b9323 343468 openssh-server_8.2p1-4ubuntu0.9_armhf.deb 30829323ab000c418ba9a17d18d31267013430fc2956597ed071a1aa0551e937 164712 openssh-sftp-server-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb f47dcc873dee70d4846ed8661544eabcb2efa324a9c9435512fed292200d02e6 44788 openssh-sftp-server_8.2p1-4ubuntu0.9_armhf.deb 169f5644375629476ec1b047244711249a187e031958e1113b1ba402c20d36cd 2338928 openssh-tests-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb 0a8c047baea13a72dd1760a2342800098eed669d1126ed5fa064c40e60f7d0ff 592516 openssh-tests_8.2p1-4ubuntu0.9_armhf.deb 617e2f47694bb5e2006b87ff30143500a73a42444448b04c5e05f01483e847a3 19499 openssh_8.2p1-4ubuntu0.9_armhf.buildinfo e53beefe75b4f32aa4d9b43c5ddd47156aeaa59fee4ff6731c32ea5c16813048 8522 openssh_8.2p1-4ubuntu0.9_armhf_translations.tar.gz 27483abdb989e79d305101dd7bde1ba10a2013b376e9e47a3377fce81c5debe0 12952 ssh-askpass-gnome-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb 84f280481cbb15fc60d2e98264ad23f125385ea68e14640ec53787da2c9c2987 16788 ssh-askpass-gnome_8.2p1-4ubuntu0.9_armhf.deb Files: 2a2e37634b345009199fdbc3ff7ab6b9 3901240 debug optional openssh-client-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb a59a04d1588dc98d7cc712acb681e38a 267608 debian-installer optional openssh-client-udeb_8.2p1-4ubuntu0.9_armhf.udeb 0c48d46eeba17498956eb5ab9c617e19 589856 net standard openssh-client_8.2p1-4ubuntu0.9_armhf.deb 656c24b0bee20a4e5847c749664ebf01 1060680 debug optional openssh-server-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb dd0b245dfdcd669025a54307b1444ebf 291080 debian-installer optional openssh-server-udeb_8.2p1-4ubuntu0.9_armhf.udeb e99eda17a8860a73262396e92d32bf7d 343468 net optional openssh-server_8.2p1-4ubuntu0.9_armhf.deb 6bc959a2ec41695b6461391d34b43833 164712 debug optional openssh-sftp-server-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb 9f1cfcd935dd634d2f5176f4dbcfee71 44788 net optional openssh-sftp-server_8.2p1-4ubuntu0.9_armhf.deb d28b52cd1a807c14dfb1015d3e53b30c 2338928 debug optional openssh-tests-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb 4d5d59ba58e3782a3846dba44f8cb16a 592516 net optional openssh-tests_8.2p1-4ubuntu0.9_armhf.deb 4f9c1daef09e4349d923d94c7262d21e 19499 net standard openssh_8.2p1-4ubuntu0.9_armhf.buildinfo a4e1223782523aaab0987d832eab7c76 8522 raw-translations - openssh_8.2p1-4ubuntu0.9_armhf_translations.tar.gz 46a7b703e85bd029ffd89761a2f2c305 12952 debug optional ssh-askpass-gnome-dbgsym_8.2p1-4ubuntu0.9_armhf.ddeb af1d370dc8d1bdca8543d0a37e941f36 16788 gnome optional ssh-askpass-gnome_8.2p1-4ubuntu0.9_armhf.deb Original-Maintainer: Debian OpenSSH Maintainers