[Bug 185035] Re: [scponly] [CVE-2007-6350] [CVE-2007-6415] design flaw may lead to execution of arbitrary commands
Jamie Strandboge
jamie at ubuntu.com
Thu Oct 8 13:07:05 UTC 2009
scponly (4.6-1etch1build0.6.06.1) dapper-security; urgency=low
* fake sync from Debian
scponly (4.6-1etch1) stable-security; urgency=high
* Non-maintainer upload by the Security Team
* Remove rsync, Subversion and Unison support because it was possible
to gain shell access through them (CVE-2007-6350). Closes: #437148.
* scp: -o and -F options are dangerous (CVE-2007-6415).
-- Jamie Strandboge < jamie at ubuntu.com> Wed, 07 Oct 2009 07:47:50 -0500
** Changed in: scponly (Ubuntu Dapper)
Status: Fix Committed => Fix Released
--
[scponly] [CVE-2007-6350] [CVE-2007-6415] design flaw may lead to execution of arbitrary commands
https://bugs.launchpad.net/bugs/185035
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list