UbuntuUpdates.org

Package "rssh"

Name: rssh

Description:

Restricted shell allowing scp, sftp, cvs, svn, rsync or rdist

Latest version: 2.3.4-4+deb8u2ubuntu0.16.04.2
Release: xenial (16.04)
Level: security
Repository: universe
Homepage: http://www.pizzashack.org/rssh/

Links


Download "rssh"


Other versions of "rssh" in Xenial

Repository Area Version
base universe 2.3.4-4
updates universe 2.3.4-4+deb8u2ubuntu0.16.04.2

Changelog

Version: 2.3.4-4+deb8u2ubuntu0.16.04.2 2019-04-11 19:07:22 UTC

  rssh (2.3.4-4+deb8u2ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY REGRESSION: The previous security regression released in
    2.3.4-4+deb8u2ubuntu0.14.04.1 did not resolve all of the regressions
    caused by 2.3.4-4+deb8u2ubuntu0.14.04.1. This fix adds support for
    the '-pf' and '-pt' variants of the command line options.
    (LP: 1815741)

 -- Mike Salvatore <email address hidden> Wed, 10 Apr 2019 13:01:45 -0400

Source diff to previous version

Version: 2.3.4-4+deb8u2ubuntu0.16.04.1 2019-02-12 05:07:05 UTC

  rssh (2.3.4-4+deb8u2ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY REGRESSION: The fix for the scp security vulneraability
    in 2.3.4-4+deb8u2build0.16.04.1 introduced a regression that
    blocked scp of multiple files from a server using rssh. Based on
    further analysis of scp's command-line parsing, relax the check
    to require the server command contain -f or -t, which should
    deactivate scp's support for remote files. (Closes: #921655)
    - Merged from Debian, thanks to Russ Allbery for the patch.

 -- Steve Beattie <email address hidden> Mon, 11 Feb 2019 16:46:53 -0800

Source diff to previous version
921655 rssh 2.3.4-4+deb8u2 breaks download of multiple files. - Debian Bug report logs

Version: 2.3.4-4+deb8u2build0.16.04.1 2019-02-08 01:07:39 UTC

  rssh (2.3.4-4+deb8u2build0.16.04.1) xenial-security; urgency=medium

  * fake sync from Debian

Source diff to previous version

Version: 2.3.4-4+deb8u1build0.16.04.1 2019-02-06 16:08:06 UTC

  rssh (2.3.4-4+deb8u1build0.16.04.1) xenial-security; urgency=medium

  * fake sync from Debian




About   -   Send Feedback to @ubuntu_updates