Debian Package Tracker

From: Russ Allbery <rra@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted rssh 2.3.4-5+deb9u3 (source amd64) into proposed-updates->stable-new, proposed-updates
Date: Mon, 11 Feb 2019 22:47:08 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 10 Feb 2019 11:26:30 -0800
Source: rssh
Binary: rssh
Architecture: source amd64
Version: 2.3.4-5+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
 rssh       - Restricted shell allowing scp, sftp, cvs, svn, rsync or rdist
Closes: 921655
Changes:
 rssh (2.3.4-5+deb9u3) stretch-security; urgency=high
 .
   * The fix for the scp security vulneraability in 2.3.4-5+deb9u1
     introduced a regression that blocked scp of multiple files from a
     server using rssh.  Based on further analysis of scp's command-line
     parsing, relax the check to require the server command contain -f or
     -t, which should deactivate scp's support for remote files.
     (Closes: #921655)
Checksums-Sha1:
 3982b46e88e40a1e9162966912f11a7ccdfa2a0b 1514 rssh_2.3.4-5+deb9u3.dsc
 f4d52e2f3a7bcd9eb997afa71b59e061bf5d320c 30352 rssh_2.3.4-5+deb9u3.debian.tar.xz
 5a239f4a85d41a864852f46fee2fdc03ec5f191b 50364 rssh-dbgsym_2.3.4-5+deb9u3_amd64.deb
 b65cc26a739159390b42a004e66279fb2ea26b92 5735 rssh_2.3.4-5+deb9u3_amd64.buildinfo
 ac1a38c6b8d3f9e09ab0dd469d601f0d687a5e34 55758 rssh_2.3.4-5+deb9u3_amd64.deb
Checksums-Sha256:
 7143fb2c087d20a632784a3e5e80d601b6ddfaa92b23ca9398fbd58be49d9136 1514 rssh_2.3.4-5+deb9u3.dsc
 7299e65139bb167c001f4cfc40d23fdc768757be63ee16a77f1524729687c1c0 30352 rssh_2.3.4-5+deb9u3.debian.tar.xz
 3e476b1fd343a15c3d46888e8fc2bcfc3c60caeed4b1bb1e3bc54e81a5f072d8 50364 rssh-dbgsym_2.3.4-5+deb9u3_amd64.deb
 d5e62e72c67db120d64bf6fcc4e8bee36f603e6262b55fd00ae373c01d9aaaf3 5735 rssh_2.3.4-5+deb9u3_amd64.buildinfo
 1e4ed3d96feeddd0258dd506275430789ea83ca89d7745526d6928bcd7d0565e 55758 rssh_2.3.4-5+deb9u3_amd64.deb
Files:
 74de536a3b1fecdccc96e112716420b4 1514 net optional rssh_2.3.4-5+deb9u3.dsc
 6260aedc7fcd708a2e855a9dad4e2882 30352 net optional rssh_2.3.4-5+deb9u3.debian.tar.xz
 21eeb983f80935548f1c126d3605db31 50364 debug extra rssh-dbgsym_2.3.4-5+deb9u3_amd64.deb
 4a0f1689988d2291d7e38fd1b29385fb 5735 net optional rssh_2.3.4-5+deb9u3_amd64.buildinfo
 59834f06be5dbe58e4dbda2f9d10effb 55758 net optional rssh_2.3.4-5+deb9u3_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEE1zk0tJZ0z1zNmsJ4fYAxXFc23nUFAlxghswACgkQfYAxXFc2
3nXN+ggAsg9sVDDgwPNnOeN3NUabWVJgytgn+U0KZn19G+I5r7ByASt0Rtj3Gd+4
zgtdAbSK9oDSICG6HMAY12VSgybBh/069zhg2GMn8bx5UnyTZUmQ4BUJxEQUGfHQ
m7JEdQ+nIS5oyagNMCo2YRgDtXnW82oMIXQZozLO7JooWVNlWKdkDP1va8ACl0oI
H5d9NFXWMI4Lqjno6Hb2We32uZcrGnyaxHHzzOCcJq4kjabYFDsHDauslJyUZY74
SLCZyQb1+KSxdOwfgdpt6AkJ1dSrMzTL6TRfgb1unSXlOsUlMU4FCMyKVe6vZ8VM
cbBlhvdJw7XN3953rSKuc/Axl9atlQ==
=lc+n
-----END PGP SIGNATURE-----
News for package rssh
