lp:ubuntu/raring/rssh

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

17. By Russ Allbery on 2012-11-22

* Fix several flaws in validation of rsync options. Ensure --server
  cannot be hidden from the server by putting it after -- or as the
  argument to another option. Verify that the -e option's value matches
  expectations rather than trying to look for invalid -e option values.
  (CVE-2012-2251)
* Reject the rsync --rsh option even if it does not contain a trailing
  equal sign. (CVE-2012-2252)

16. By Russ Allbery on 2012-08-10

Apply upstream patch to close security vulnerability that permitted
clever manipulation of environment variables on the ssh command line
to bypass rssh checking. (CVE-2012-3478)

15. By Russ Allbery on 2012-03-07

Force libexecdir to /usr/lib/rssh. This is not a library package and
has no reason to be using the multiarch paths, but picked up the
modification to libexecdir as a side effect of the debhelper
compatibility level change. (Closes: #663011)

14. By Russ Allbery on 2012-03-04

* Translation updates:
  - Danish, thanks Joe Dalton. (Closes: #659447)
* Update debian/copyright to copyright-format 1.0.
* Update standards version to 3.9.3 (no changes required).

13. By Russ Allbery on 2012-02-05

* Update examples/mkchroot.sh to include libnss modules in a multiarch
  subdirectory of /lib if none exist directly in /lib.
* Update to debhelper compatibility level V9.
  - Enable compiler hardening flags, including bindnow and PIE.
    (Closes: #654155)
* Use dh-autoreconf to regenerate the Autotools build system rather than
  rolling our own equivalent.
* Update standards version to 3.9.2 (no changes required).

12. By Russ Allbery on 2011-02-28

* New upstream release.
  - Exit with non-zero status when fatal() is called.
  - Merges Debian fixes/config-parse-fatal, fixes/man-page-hyphen, and
    fixes/missing-config patches.
* In the example mkchroot script, also check for and copy over the
  dependencies of any of the NSS libraries we copy over. This picks up
  the libnsl library, which is now required. Print out a warning that
  mkchroot doesn't copy over any of the libraries required for other
  supporting programs (rsync, etc.), only those for scp and sftp.
  (Closes: #611878)
* Update debian/copyright to the current DEP-5 format.
* Update to debhelper compatibility level V8.
* Update to standards version 3.9.1 (no changes required).

11. By Russ Allbery on 2010-11-10

When allocating the buffer to tell a locked-out user what commands are
supported, add an additional byte for the nul at the end of the
string. (Closes: #601145)

10. By Russ Allbery on 2010-07-06

* If parsing the configuration file fails, abort with an error rather
  than continuing on and applying the defaults, since the defaults may
  be wrong for the current user. Patch from Jon Barber.
* Fix spelling error (seperate for separate) in rssh man page.
* Remove version from openssh-server dependency since it was older than
  oldstable.
* Update standards version to 3.9.0 (no changes required).

9. By Russ Allbery on 2010-03-29

* Switch to 3.0 (quilt) source format.
  - Remove build dependency on quilt and debian/rules machinery.
* Remove all of the files touched by autoreconf -i.
* Remove Jesus Climent from uploaders. He hasn't had time to work on
  the package in a while.
* Update standards version to 3.8.4 (no changes required).

8. By Russ Allbery on 2009-07-18

* Update standards version 3.8.2 (no changes required).
* Translation updates:
  - Czech, thanks Martin Šín. (Closes: #533389)
  - Russian, thanks Yuri Kozlov. (Closes: #537062)