scponly (4.6-1.2ubuntu1) hardy; urgency=low * patched setup_chroot.sh.in so that dev/null get's created in the chroot (LP: #191422). OpenSSH for scponly requires a dev/null in the execution enviroment, this was not the fact in the past and may change in the future. * changed Maintainer-Field to MOTU and introduced XSBC-Original-Maintainer with former maintainer. -- Albrecht Mühlenschulte Fri, 15 Feb 2008 16:06:01 +0100 scponly (4.6-1.2) unstable; urgency=high * Non-maintainer upload by the Security Team * scp: -o and -F options are dangerous (CVE-2007-6415). -- Florian Weimer Tue, 22 Jan 2008 20:24:09 +0100 scponly (4.6-1.1) unstable; urgency=high * Non-maintainer upload by the testing-security team * Disable unison, rsync and svn usability, because all three could be exploited. (Closes: #437148) - The maintainer is working on splitting the packages and providing a binary package, which enables these features, but warns about them and one, which is safe and has them disabled, like this -- Steffen Joeris Tue, 25 Sep 2007 10:06:31 +0000 scponly (4.6-1) unstable; urgency=high * New upstream version 4.6. (Closes: #342701, #324918) * Fixes two critical security bugs: - CVE-2005-4532: unsafe directory permissions allow authenticated users to break out of the chroot jail (Closes: #344418) - CVE-2005-4533: insufficient command line argument checks allow authenticated users to run arbitrary programs (Closes: #350964) * Added Swedish translation (Closes: #330537) -- Thomas Wana Mon, 6 Feb 2006 12:40:18 +0100 scponly (4.1-1) unstable; urgency=low * New upstream version 4.1 (Closes: #312100) * Added Vietnamese translation (Closes: #317920) -- Thomas Wana Tue, 20 Sep 2005 23:51:02 +0200 scponly (4.0-2) unstable; urgency=low * Changed ssh dependency to ssh | openssh-server (Closes: #290671) * Fixed compilation error with certain configuration flags (Closes: #289861) * Added the equal sign '=' to the list of allowed characters (Closes: #301129) * Fixed spelling error in man page (Closes: #295910) -- Thomas Wana Fri, 3 Jun 2005 16:44:29 +0200 scponly (4.0-1) unstable; urgency=high * New upstream version 4.0. - Fixes critical security bug: scp command line argument could be used to execute any program. CAN-2004-1162. (Closes: #284176) * Fixed typo in README (Closes: #258151) * Added Czech translation of debconf questions thanks to Miroslav Kure (Closes: #218817) * Added Japanese translation of debconf questions thanks to Hideki Yamane (Closes: #276815) * Updated Brazilian Portugueze translation of debconf questions thanks to Andre Luis Lopes (Closes: #279353) -- Thomas Wana Tue, 4 Jan 2005 17:01:24 +0100 scponly (3.11-1) unstable; urgency=high * New upstream version 3.11. (Closes: #252697) - Fixes useradd bug in setup_chroot.sh (Closes: #228918) - setup_chroot.sh doesn't fail anymore on existing users (Closes: #228920) * Fixed usability issues with the manpage, readme (Closes: #228941) * Fixes dependency error with passwd (forgot epoch) (Closes: #239187, #252079) * Includes a patch for the chroot-breakout-vulnerability recently discovered in scponly (moves into upstream with the next version, but Debian doesn't want to wait for it) * Sponsored by Martin Wuertele -- Thomas Wana Sun, 24 May 2004 09:24:23 +0100 scponly (3.9-2) unstable; urgency=low * Updated config.guess and config.sub to fix FTBFS bug on ia64 (Closes: #229381) * Added '+' to the list of permitted characters in a filename (Closes: #233307) * Sponsored by Martin Wuertele -- Thomas Wana Sun, 22 Feb 2004 12:50:30 +0100 scponly (3.9-1) unstable; urgency=low * New upstream version. * Made scponly use add-shell and remove-shell from the passwd package to manage its entries to /etc/shells (Closes: #228139) * Corrected paths in scponly manpage (Closes: #228137) * Added notes in the scponlyc manpage and README.Debian about the setup_chroot.sh shell script (Closes: #220200) * Sponsored by Martin Wuertele -- Thomas Wana Sun, 18 Jan 2004 14:43:14 +0100 scponly (3.8-7) unstable; urgency=low * Package internal updates to the build system * Sponsored by Martin Wuertele -- Thomas Wana Sun, 30 Nov 2003 13:01:24 +0100 scponly (3.8-6) unstable; urgency=low * Fixed the setup_chroot.sh script to work correctly, thanks to Martin Werthmoeller . (Closes: #212769) * Added Brazilian Portuguese (pt_BR) translation for debconf questions thanks to Andre Luis Lopes (Closes: #218817) * Sponsored by Martin Wuertele -- Thomas Wana Mon, 08 Nov 2003 20:58:47 +0100 scponly (3.8-5) unstable; urgency=low * Added dutch translation for debconf questions thanks to Tim Vandermeersch (Closes: #210884) * Sponsored by Martin Wuertele -- Thomas Wana Sun, 14 Sep 2003 20:08:30 +0200 scponly (3.8-4) unstable; urgency=low * scponly now uses dpkg-statoverride to modify /usr/sbin/scponlyc (Closes: #206060) * Fixed duplicate changelog.gz (Closes: #206122) * Sponsored by Martin Wuertele -- Thomas Wana Sun, 24 Aug 2003 14:13:18 +0200 scponly (3.8-3) unstable; urgency=low * Switched to gettext format for debconf (Closes: #203040) * Added french translation for debconf questions thanks to Michel Grentzinger (Closes: #203041) * Added german translation for debconf questions (myself) -- Thomas Wana Sun, 27 Jul 2003 13:02:46 +0200 scponly (3.8-2) unstable; urgency=low * The debuglevel can now be set in /etc/scponly/debuglevel. Increasing it to values greater than zero will cause scponly to log diagnostic messages to syslog. Closes: #197074 * The user now gets asked if she wishes to install the chrooted binary to /usr/sbin and set its mode to 4755. This is needed because only root is allowed to chroot. Closes: #197075 -- Thomas Wana Wed, 11 Jun 2003 21:56:39 +0200 scponly (3.8-1) unstable; urgency=low * Initial Release. Closes: #147456 (ITP) -- Thomas Wana Tue, 27 May 2003 22:04:23 +0200