User: Password:
Subscribe / Log in / New account

Fedora alert FEDORA-2012-20109 (rssh)

Subject:  [SECURITY] Fedora 17 Update: rssh-2.3.4-1.fc17
Date:  Wed, 19 Dec 2012 08:36:29 +0000
Message-ID:  <>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-20109 2012-12-11 00:57:21 -------------------------------------------------------------------------------- Name : rssh Product : Fedora 17 Version : 2.3.4 Release : 1.fc17 URL : Summary : Restricted shell for use with OpenSSH, allowing only scp and/or sftp Description : rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that. It is a alternative to scponly. -------------------------------------------------------------------------------- Update Information: Update to 2.3.4 and fix CVE-2012-2251 -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 10 2012 Tomas Hoger <> - 2.3.4-1 - Update to upstream version 2.3.4, which fixes CVE-2012-3478 and CVE-2012-2252 - Updated rsync-protocol.patch to fix CVE-2012-2251, and to apply on top of the CVE-2012-3478 and CVE-2012-2252 fixes. - Updated makefile.patch to preserve RPM CFLAGS. - Added command-line-error.patch (from Debian), correcting error message generated when insecure command line option is used (CVE-2012-3478 fix regression). * Sat Jul 21 2012 Fedora Release Engineering <> - 2.3.3-4 - Rebuilt for -------------------------------------------------------------------------------- References: [ 1 ] Bug #880177 - CVE-2012-2252 rssh: incorrect filtering of rsync --rsh command line option [ 2 ] Bug #880174 - CVE-2012-2251 rssh: bypass of rsync -e option filtering [ 3 ] Bug #820414 - CVE-2012-3478 rssh: circumvention of rssh restrictions using environment variables -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rssh' at the command line. For more information, refer to "Managing Software with yum", available at All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds