diff options
author | Russ Allbery <rra@debian.org> | 2019-02-18 18:59:25 -0800 |
---|---|---|
committer | Russ Allbery <rra@debian.org> | 2019-02-18 19:17:34 -0800 |
commit | 210b5de92335c0a7702653018f08de8f78d02ffe (patch) | |
tree | 1eb9593ebe3ec2d3f6844dbb2c637ef81e5e7709 | |
parent | 877fec5d7c0f538048715508892e636ca4072763 (diff) |
Add changelog for additional regression fixdebian/2.3.4-12
-rw-r--r-- | debian/changelog | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog index 04dea30..126180b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,15 @@ +rssh (2.3.4-12) unstable; urgency=high + + * The fix for the scp security vulnerability in 2.3.4-9 combined with + the regression fix in 2.3.4-10 rejected the -pf and -pt options, which + are sent by libssh2's scp support. Add support for those variants. + (LP #1815935) + + -- Russ Allbery <rra@debian.org> Mon, 18 Feb 2019 18:58:27 -0800 + rssh (2.3.4-11) unstable; urgency=high - * The fix for the scp security vulneraability in 2.3.4-9 introduced a + * The fix for the scp security vulnerability in 2.3.4-9 introduced a regression that blocked scp of multiple files from a server using rssh. Based on further analysis of scp's command-line parsing, relax the check to require the server command contain -f or -t, which should |