Martin Zobel-Helas wrote:
Package: scponly
Version: 4.8-1
Severity: grave
There was an error while trying to autobuild your package:
Automatic build of scponly_4.8-1 on rem by sbuild/mipsel 99.999
Build started at 20090709-0831
[...]
** Using build dependencies supplied by package:
On 07.09.2007, at 11:01, Joachim Breitner wrote:
Hi,
Am Freitag, den 07.09.2007, 10:59 +0200 schrieb Florian Weimer:
* Joachim Breitner:
I think mounting the file system no-exec covers that. IIRC,
Subversion directly executes the hook scripts, and this will
fail in
that case.
Then
Hi Joachim,
On 10.08.2007, at 19:54, Joachim Breitner wrote:
Package: scponly
Version: 4.6-1
X-Debbugs-CC: [EMAIL PROTECTED]
Severity: grave
Tags: security
Hi Thomas Wana,
messing around with some friends here, I tried to access his computer
with only a scponly protected account. I
On 02.09.2007, at 18:29, Florian Weimer wrote:
* Joachim Breitner:
This is an unfortunate interaction between scponly and
Subversion, but
not a real bug in any of the programs. The same problem arises
when a
scponly-restricted user uploads any form of executable contents.
CGI
scripts
Hi,
Geoff Crompton wrote:
Just like to bring bug #350964 back to the limelight. Briefly recapping
Feb 2, I created the bug report
Feb 6, unstable fixed by Thomas
Feb 13 DSA 969-1 released
Feb 15 I questioned if sarge fixed, Thomas, Joey and Steve respond/discuss.
At the moment it looks
Steve Kemp wrote:
On Wed, Feb 15, 2006 at 02:01:51PM +1100, Geoff Crompton wrote:
This bug has been closed for unstable (see bug 350964) with the 4.6
upload, but will it be fixed for sarge?
Please see DSA-969-1 released two days ago:
Hi,
Geoff Crompton wrote:
This bug has been closed for unstable (see bug 350964) with the 4.6
upload, but will it be fixed for sarge?
Joey: I sent you a patch for that, but it seems you didn't
include this in scponly-4.0sarge1. We also had no discussion
about wether to include it or not.
Hi,
I forwarded the bug info to the security team. No word yet.
Your patch for stable seems fine, but in fact there is another
security hole in scponly where there is no backported patch
for 4.0 yet. I wrote the scponly author about this, again,
no reply.
Tom
Max Vozeler wrote:
This is
8 matches
Mail list logo