Viewing all changes in revision 6.
- Committer: Bazaar Package Importer
- Date: 2006-02-20 14:49:20 UTC
- mfrom: (1.2.1 upstream)
- Revision ID: james.westby@ubuntu.com-20060220144920-as039iixs6pqzzsx
* SECURITY UPDATE: Shell code injection with crafted file names in scp.
* Ported upstream patch from 4.3p2 to replace system() call with a proper
exec() call; this avoids expanding shell metacharacters in local-to-local
or remote-to-remote copies.
* CVE-2006-0225
* Ported upstream patch from 4.3p2 to replace system() call with a proper
exec() call; this avoids expanding shell metacharacters in local-to-local
or remote-to-remote copies.
* CVE-2006-0225
- files modified:
- debian/changelog
expand all
collapse all
added
removed
