Your message dated Thu, 12 Apr 2007 02:32:02 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#366655: fixed in rssh 2.3.2-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: rssh
Version: 2.2.3-1.sarge.1
Severity: normal
The included chroot making script copies /etc/passwd, which is
potentially sensitive information (containing information about local
users which maybe should not be shown to less-trusted people in a
restricted environment), into the chroot. At the least I believe that
it should print a warning indicating that it is doing this.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-3-k7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages rssh depends on:
ii debconf 1.4.30.13 Debian configuration management sy
ii ssh 1:3.8.1p1-8.sarge.4 Secure rlogin/rsh/rcp replacement
-- debconf information:
* rssh/chroot_helper_setuid: true
* rssh/secnote:
rssh/update-10:
rssh/update-config-pre-2.2:
--- End Message ---
--- Begin Message ---
Source: rssh
Source-Version: 2.3.2-3
We believe that the bug you reported is fixed in the latest version of
rssh, which is due to be installed in the Debian FTP archive:
rssh_2.3.2-3.diff.gz
to pool/main/r/rssh/rssh_2.3.2-3.diff.gz
rssh_2.3.2-3.dsc
to pool/main/r/rssh/rssh_2.3.2-3.dsc
rssh_2.3.2-3_i386.deb
to pool/main/r/rssh/rssh_2.3.2-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Russ Allbery <[EMAIL PROTECTED]> (supplier of updated rssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 11 Apr 2007 19:07:28 -0700
Source: rssh
Binary: rssh
Architecture: source i386
Version: 2.3.2-3
Distribution: unstable
Urgency: low
Maintainer: Jesus Climent <[EMAIL PROTECTED]>
Changed-By: Russ Allbery <[EMAIL PROTECTED]>
Description:
rssh - Restricted shell allowing only scp, sftp, cvs, rsync and/or rdist
Closes: 366655 388957 415185 415505 417009
Changes:
rssh (2.3.2-3) unstable; urgency=low
.
* In the example mkchroot script, warn that /etc/passwd is copied into
the chroot and the user may wish to remove unnecessary users and
sensitive information. (Closes: #366655)
* Let debhelper handle debconf purging in postrm properly, fixing
purging failures when debconf isn't installed. (Closes: #417009)
* Remove debconf update notes for versions that are now older than
oldstable. (Closes: #388957)
* Improve the README.Debian security information. Move the details from
the debconf security note to here to eliminate the rest of the debconf
note abuse.
* Fix incorrect hyphens in the rssh man page.
* Recognize reconfigure in postinst.
* Don't die on unknown actions in maintainer scripts.
* Only remove rssh from /etc/shells on remove and purge, not upgrade.
* Use $(CURDIR) instead of `pwd` in debian/rules.
* Update standards version to 3.7.2 (no changes required).
* Update debhelper compatibility level to V5.
* Translation updates:
- Spanish, thanks Steve Lord Flaubert. (Closes: #415185)
- Dutch, thanks cobaco. (Closes: #415505)
Files:
3e21413e9bec6eeec4f18a5eb12258b9 626 net optional rssh_2.3.2-3.dsc
0335c24053561ac9b53e470003fe1931 12472 net optional rssh_2.3.2-3.diff.gz
e584f2c90bf0fb4060524f6d5783cbf2 45978 net optional rssh_2.3.2-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGHZYa+YXjQAr8dHYRAiySAJ4zSUeuGJZ6tHEsRztODuFAXyvxsgCgu95o
oLtB6NzwAlA+dPrVN/5LA7E=
=hmhm
-----END PGP SIGNATURE-----
--- End Message ---
