-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 10 Aug 2012 22:14:34 -0700 Source: rssh Binary: rssh Architecture: source i386 Version: 2.3.3-5 Distribution: unstable Urgency: medium Maintainer: Russ Allbery <rra@debian.org> Changed-By: Russ Allbery <rra@debian.org> Description: rssh - Restricted shell allowing scp, sftp, cvs, svn, rsync or rdist Changes: rssh (2.3.3-5) unstable; urgency=medium . * Apply upstream patch to close security vulnerability that permitted clever manipulation of environment variables on the ssh command line to bypass rssh checking. (CVE-2012-3478) Checksums-Sha1: 7ba660a4781ac18afae22ebe65b1847505dab14b 1448 rssh_2.3.3-5.dsc b721c455dcff5d0b80e754a2f145f54d5ad5b8a9 30557 rssh_2.3.3-5.debian.tar.gz 0f6b37b090e37868d4c32abcdd0a672378056661 64622 rssh_2.3.3-5_i386.deb Checksums-Sha256: 4983149744eeb941e230aecbe121731936f27e231968e7646c12713ec97b2ed9 1448 rssh_2.3.3-5.dsc e4393d184e0d6116523d0942ae7ee3bbb8a5b963f7152761760d3694d5bfc21f 30557 rssh_2.3.3-5.debian.tar.gz b0d43d0766585c9ff75a16b65a6bf4072201bdc1e73f6bd3f1d0d381d67b81de 64622 rssh_2.3.3-5_i386.deb Files: 2e2f75731d0b7befcea81f87379d73c2 1448 net optional rssh_2.3.3-5.dsc 7ca26ee22c04828158a8b02f7a7a263a 30557 net optional rssh_2.3.3-5.debian.tar.gz 81461cd6d7ae4ccee60b0a9d9fb81206 64622 net optional rssh_2.3.3-5_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJQJesUAAoJEH2AMVxXNt51hzUIAL8tsqE+R6W90159Y+Iv1NdP W9WW8TmkQlmXHq6jQx2OrKN4rqes5XoL4GkURztVN0986MS3FFf55ft8J+UisdzN MHcKhpu8ohrxZVpDqHjfQodW05RRs+dcn03vv4M5d7HaRnNu9/qlNypYjvpt84e7 5G+dG8iB/pt5UjbamMUYhUVtqjFR513KkiZLm9uKSAwzMilXSRrszGD5//NsC9Xo J5OlXg37c50XCEV6DEYNUshdmMAbz+dc7prLZq9JofuPzo5kt+Gq41/xuys6+c7i XxvPfPYR4tbghM0Am9l//S5eqHfKfUQi5t3ntS7UL9NQ2f5c621YzFGCLNOu2Ss= =KcdG -----END PGP SIGNATURE-----