Debian Package Tracker

Date: Fri, 17 Aug 2012 20:39:57 +0000
From: Russ Allbery <rra@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted rssh 2.3.2-13squeeze1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 10 Aug 2012 22:19:16 -0700
Source: rssh
Binary: rssh
Architecture: source i386
Version: 2.3.2-13squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 rssh       - Restricted shell allowing scp, sftp, cvs, svn, rsync or rdist
Changes: 
 rssh (2.3.2-13squeeze1) stable-security; urgency=high
 .
   * Apply upstream patch to close security vulnerability that permitted
     clever manipulation of environment variables on the ssh command line
     to bypass rssh checking.  (CVE-2012-3478)
Checksums-Sha1: 
 8d8bc4e69156f40b6997de7717865d36ef98f2d4 1457 rssh_2.3.2-13squeeze1.dsc
 bc7154f50dec1e46cb76b3e1c00e2b1179e50d3d 113959 rssh_2.3.2.orig.tar.gz
 45b0701bc67058ac0118e1cee2b0e381c82cb46b 30457 rssh_2.3.2-13squeeze1.debian.tar.gz
 68e0bd197a4a10b7e28a7d2a6ffd9908b7b121a9 59178 rssh_2.3.2-13squeeze1_i386.deb
Checksums-Sha256: 
 376cb36149b55b18191dc95cd681ddb871eea4c955ea903311c0997d34c2735a 1457 rssh_2.3.2-13squeeze1.dsc
 8569a07dd96c8f70d0310186b37bbb2e8e591807ac1d1bd0990c02bfd467ba57 113959 rssh_2.3.2.orig.tar.gz
 acfdaf34fbb77f84eb05a94c084759a48d38bb18978bdcbb9ecbcc8e8698ecac 30457 rssh_2.3.2-13squeeze1.debian.tar.gz
 0179c56fa03a10963831856ea6040d6ffb23181c04d8369154a14c610fed633f 59178 rssh_2.3.2-13squeeze1_i386.deb
Files: 
 cf831a7b0a9300eeeff0c208b4f451c9 1457 net optional rssh_2.3.2-13squeeze1.dsc
 65712f2c06ff5fc6fc783bc8c2e4e1ba 113959 net optional rssh_2.3.2.orig.tar.gz
 3472ce6f6fbf4d4db4253deff6a5d7df 30457 net optional rssh_2.3.2-13squeeze1.debian.tar.gz
 e57bb6be546760bda3ac8541c1dadfc4 59178 net optional rssh_2.3.2-13squeeze1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBCAAGBQJQJewRAAoJEH2AMVxXNt51eW4IAJoGG+qAEJliwm+dUB55ZSpP
Cu93K9UNDelU4TQJucoKckLF5ZNONPRV+wb9c42YIucjgVFZVN6UN9bM5AbJX6v2
hlq0T6SQr5zw9nYoYA92uglKsKWt/6WZNzdcQCS8dsNCPQUQASVg91ODzcIky+Bb
ZcM0QyLoVk265HYH4HPl3SZVsw1R9BwEa28Vej5gMvrpgC6p969SZZ4VuMpUA9gG
bkwOaygUHCkt3wdwqpwM8BuG/myQopGjQgTlo7v2Dh6DpLd77pa85/g2C7bZyFV5
en6MnByKM5fMdMDcz7ljH+d6cUBn9hwxl6ukTDA5e/l0Tv3OAzE+zX2g4UIHtZk=
=h9A3
-----END PGP SIGNATURE-----
News for package rssh
