scponly (4.6-1etch1build0.6.06.1) dapper-security; urgency=low
* fake sync from Debian
scponly (4.6-1etch1) stable-security; urgency=high
* Non-maintainer upload by the Security Team
* Remove rsync, Subversion and Unison support because it was possible
to gain shell access through them (CVE-2007-6350). Closes: #437148.
* scp: -o and -F options are dangerous (CVE-2007-6415).
-- Jamie Strandboge < ja...@ubuntu.com> Wed, 07 Oct 2009 07:47:50
-0500
** Changed in: scponly (Ubuntu Dapper)
Status: Fix Committed => Fix Released
--
CVE-2007-6415 - scponly allows remote command execution
https://bugs.launchpad.net/bugs/249593
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
