Accepted openssh 1:4.2p1-5ubuntu2 (source)
Martin Pitt
martin.pitt at ubuntu.com
Mon Feb 20 14:05:15 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 20 Feb 2006 14:49:20 +0100
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb
Architecture: source
Version: 1:4.2p1-5ubuntu2
Distribution: dapper
Urgency: low
Maintainer: Matthew Vernon <matthew at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
openssh-client - Secure shell client, an rlogin/rsh/rcp replacement
openssh-client-udeb - Secure shell client for the Debian installer
openssh-server - Secure shell server, an rshd replacement
openssh-server-udeb - Secure shell server for the Debian installer
ssh - Secure shell client and server (transitional package)
ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Changes:
openssh (1:4.2p1-5ubuntu2) dapper; urgency=low
.
* SECURITY UPDATE: Shell code injection with crafted file names in scp.
* Ported upstream patch from 4.3p2 to replace system() call with a proper
exec() call; this avoids expanding shell metacharacters in local-to-local
or remote-to-remote copies.
* CVE-2006-0225
Files:
1f080bedd15e1b32d5e061003aae20ef 1001 net standard openssh_4.2p1-5ubuntu2.dsc
bd745fb1d0f0faf3aaa14b8924a39060 165584 net standard openssh_4.2p1-5ubuntu2.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)
iD8DBQFD+cv/DecnbV4Fd/IRAjqtAJ9EJnuUuZyDeqQ18A5UyTtRZJ/RKgCfUA6A
LGleharPGg9uLxnYYZu1oK8=
=FLNZ
-----END PGP SIGNATURE-----
Accepted:
OK: openssh_4.2p1-5ubuntu2.dsc
-> Component: main Section: net
OK: openssh_4.2p1-5ubuntu2.diff.gz
More information about the dapper-changes
mailing list