[ Marco Trevisan (Treviño) ]
* debian: Remove dependency on libsystemd
As per the xz backdoor we learned that the least dependencies sshd have,
the best it is, so avoid to plug libsystemd (which also brings various
other dependencies) inside sshd for no reason:
- d/p/systemd-readiness.patch: Use upstream patch with no libsystemd
dependency
- d/p/systemd-socket-activation.patch: Import patch from debian that
mimics the libsystemd sd_listen_fds() code, as refactored by Colin
Watson.
- d/control: Remove dependencies on libsystemd-dev | libelogind-dev
- d/rules: Drop --with-systemd flag (new options are used by default)
[ Nick Rosbrook ]
* debian/patches: only set PAM_RHOST if remote host is not "UNKNOWN"
(LP: #2060150)
* debian/openssh-server.postinst: don't re-enable ssh.socket if it was disabled
(LP: #2059874)
* d/p/sshd-socket-generator.patch: do not always ignore ListenStream=22
(LP: #2059872)
This bug was fixed in the package openssh - 1:9.6p1-3ubuntu13
---------------
openssh (1:9.6p1-3ubuntu13) noble; urgency=medium
[ Marco Trevisan (Treviño) ]
* debian: Remove dependency on libsystemd
As per the xz backdoor we learned that the least dependencies sshd have,
the best it is, so avoid to plug libsystemd (which also brings various
other dependencies) inside sshd for no reason:
- d/p/systemd- readiness. patch: Use upstream patch with no libsystemd socket- activation. patch: Import patch from debian that
dependency
- d/p/systemd-
mimics the libsystemd sd_listen_fds() code, as refactored by Colin
Watson.
- d/control: Remove dependencies on libsystemd-dev | libelogind-dev
- d/rules: Drop --with-systemd flag (new options are used by default)
[ Nick Rosbrook ] openssh- server. postinst: don't re-enable ssh.socket if it was disabled socket- generator. patch: do not always ignore ListenStream=22
* debian/patches: only set PAM_RHOST if remote host is not "UNKNOWN"
(LP: #2060150)
* debian/
(LP: #2059874)
* d/p/sshd-
(LP: #2059872)
-- Nick Rosbrook <email address hidden> Fri, 05 Apr 2024 15:30:31 -0400