-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 18 Nov 2021 23:03:02 +0100 Source: netkit-rsh Binary: rsh-client rsh-server Architecture: source amd64 Version: 0.17-17+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: rsh-client - client programs for remote shell connections rsh-server - server program for remote shell connections Changes: netkit-rsh (0.17-17+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-7282 and CVE-2019-7283 Due to insufficient input validation in path names sent by server, a malicious server can do arbitrary file overwrites in the target directory or modify permissions of the target directory. Checksums-Sha1: 39b99b31dff446ece0c9eea6db5ab87c95e10bf2 1901 netkit-rsh_0.17-17+deb9u1.dsc 022185bf31af23abbb6d4f34621f94d9d0c4b6ea 58268 netkit-rsh_0.17.orig.tar.gz f4589d101ece14b0b12bd72064a057d74985000b 23430 netkit-rsh_0.17-17+deb9u1.diff.gz bf79211dfc7c827923b1ab0ff2d9cbef3bfe8813 6900 netkit-rsh_0.17-17+deb9u1_amd64.buildinfo 51817193ee845b308a68a4d39b390acacee1da26 35810 rsh-client-dbgsym_0.17-17+deb9u1_amd64.deb 9bc8b6148ba74f9f428477aeba67a79e8c0d92af 31526 rsh-client_0.17-17+deb9u1_amd64.deb 7b483c55dc910c7d95cad2d47eaf78d9fdfae9df 40088 rsh-server-dbgsym_0.17-17+deb9u1_amd64.deb a29b42a6861481b3a4d42529c18f3d2a90bf055a 36090 rsh-server_0.17-17+deb9u1_amd64.deb Checksums-Sha256: ff9942d70d12c1d54c96e8e02e28f489e4d87edb806dc4060be0a637342698b7 1901 netkit-rsh_0.17-17+deb9u1.dsc edcac7fa18015f0bc04e573f3f54ae3b638d71335df1ad7dae692779914ad669 58268 netkit-rsh_0.17.orig.tar.gz b8757debe2c253e1db3433e624fd14db6309941d534e69bd8b28702157809de0 23430 netkit-rsh_0.17-17+deb9u1.diff.gz d3b1dd05b43e0309b2a53ea6f23d9dc2df6b49488447d077c75f19d075b4868a 6900 netkit-rsh_0.17-17+deb9u1_amd64.buildinfo 63b5523beac91aedbbdaab253d55e971f97e0cb32770e3344792f917acabcb52 35810 rsh-client-dbgsym_0.17-17+deb9u1_amd64.deb 57b8daae8bae898602fe008aeab167da7747f9c107aef2a6e53dafe7ecc25443 31526 rsh-client_0.17-17+deb9u1_amd64.deb 15ad44193bb743fda12ce931084d006d368fc20d6791e92bf5f68404e89fb150 40088 rsh-server-dbgsym_0.17-17+deb9u1_amd64.deb 4f4ec3d23e2cabe1c523f7cd86b1ac97babda755a4d8bc8c18b45f0cd317e38e 36090 rsh-server_0.17-17+deb9u1_amd64.deb Files: 9a21dc0458dadce07b8727ce443ad4a8 1901 net extra netkit-rsh_0.17-17+deb9u1.dsc 65f5f28e2fe22d9ad8b17bb9a10df096 58268 net extra netkit-rsh_0.17.orig.tar.gz 384d137624e5ec83cc079b6a15c0ec20 23430 net extra netkit-rsh_0.17-17+deb9u1.diff.gz 27c625ab7982e6a17a45480725f540cc 6900 net extra netkit-rsh_0.17-17+deb9u1_amd64.buildinfo b8568757504acea76283d5477817e106 35810 debug extra rsh-client-dbgsym_0.17-17+deb9u1_amd64.deb 8ddd7f1ce71c5a9f5faff437d2975dfd 31526 net extra rsh-client_0.17-17+deb9u1_amd64.deb 083560124e46ec5a7ba9b28af7dc9f7c 40088 debug extra rsh-server-dbgsym_0.17-17+deb9u1_amd64.deb 7adf4fcf6768de25bb4f78ff7df99926 36090 net extra rsh-server_0.17-17+deb9u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmGW1b5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYRzVgD/96rWOo1+HLDnBnGQNO4nK258tdI4sW 0GEgT/4g57YGIvdK0kET07TnpNEepqIpkXwITcAOz3L3pCJF/Fq3HNmN5NNl2tTA lyi5FShg47ERP+ObgA5z7PCzkQATh2Ii8njY+kSI9gSVH8Yi7wEVdcK5dV4m/LTu A0ULpz7ILeEO8SOAv3x9BIdkglq4BHiHE5NJ8wbcnVqAlbb+PQ6mE9FHta3MqKb7 o32VUdVec50atCtBX/aSqeIUhIOudn5f+JsEjMmy+lkJZ2rrLh/LJRoLD6pobJdg 2N2ZmMGQl1Q+RBn7vkSjm00hUZO1zBIT+/e87FhUJ1ts6VUwrqIiY1ZCop/eWyfz qMr5W8WXJ74DC2bKsymGesmZVEDk+Jixyu8N/VI8MDrFIe+dgov3iibm5MYgoNhR 5MzaurOewO5cG7EGLOGTEQGPDxysELLxk1sa2lK9+9ui00DjP1ns0zh7IJuBiQOX TEyhnM9UCFm72F5Y5XeDyx8cuyzaLKwyI+eGqq6JcQNvcgJAd7zkcgVEUXPHhv0S 0OWFev3s3URTLTmU6zLPR5csMP4kzCPGQNiniVDr6saOyruDSfRgF0p+tnyoSx0o I0YIVciUjsXCYLQ3UKTlU/AIupD0XChywueJcXW8wSaOhDK7a6UPDK+213MzUy0u zo+cGkmLwKlrRQ== =2xYV -----END PGP SIGNATURE-----
