-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 25 Dec 2007 13:27:52 +0100 Source: scponly Binary: scponly Architecture: source i386 Version: 4.0-1sarge2 Distribution: oldstable-security Urgency: high Maintainer: Thomas Wana <greuff@debian.org> Changed-By: Florian Weimer <fw@deneb.enyo.de> Description: scponly - Restricts the commands available to scp- and sftp-users Closes: 437148 Changes: scponly (4.0-1sarge2) oldstable-security; urgency=high . * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). Files: f37d3236975bdb6742eba5ac788c40c2 892 utils optional scponly_4.0-1sarge2.dsc 380ea78eb602749989c8031a4f916c79 27490 utils optional scponly_4.0-1sarge2.diff.gz 62413a011d04721bb4b6f9a3d9496e27 29322 utils optional scponly_4.0-1sarge2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBR3EI5L97/wQC1SS+AQIcOgf6AzLvBGObNrYFKRLbZXuC3l5TPr2wiw03 mlwAbDAyvjsb84lsJz69H9u2wmmr0RWHr+JIepkKA5ewoH0on9SCskdjOVDd6cBV xMS3n0qnUIK7bXsZmxIyYg61neDHLalVlkShPu4+reYEbevE6CLU2p0n+L3esyLn fbDdWJae/29Pdt3G+xhZHyx0ruPmEkoQI3X96ar4qA7JGVJdQsl9gjLfJH4hY2Ii RrRzYaIaJVqJfN3eBw8bsVGW2NW9uMya97a9pzyE7Y5uqZO59SwxJl9jdRYGiCbP J4Y4brNlIyFx0bouwFL+Y4qNVP+aHX0N8hxaux99RRqvdbEHJY1OXw== =mZhF -----END PGP SIGNATURE----- Accepted: scponly_4.0-1sarge2.diff.gz to pool/main/s/scponly/scponly_4.0-1sarge2.diff.gz scponly_4.0-1sarge2.dsc to pool/main/s/scponly/scponly_4.0-1sarge2.dsc scponly_4.0-1sarge2_i386.deb to pool/main/s/scponly/scponly_4.0-1sarge2_i386.deb