fixed 767034 1.16-1 thanks Le lundi 27 octobre 2014 à 22:36 +0100, Christian Weinberger a écrit : > Package: sslh > Version: 1.13b-3.2 > Severity: important > > Dear Maintainer,
Hi, > > sslh has USELIBWRAP off by default while openssh-server has libwrap support > enabled by default in Debian. > So sslh default is not in line with the openssh-server default, which is in > my eyes not what I expected and therefore a security risk. > > Recommendation: Activate USELIBWRAP by default. USELIBWRAP will be used in the next stable release 1.16-1 (and with LIBCAP for GNU/Linux): http://anonscm.debian.org/cgit/collab-maint/sslh.git/tree/debian/rules#n20 > > > Best regards, > Christian > > -- System Information: > Debian Release: 7.7 > APT prefers stable > APT policy: (600, 'stable'), (500, 'testing'), (50, 'unstable') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 3.16-0.bpo.2-amd64 (SMP w/2 CPU cores) > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: > LC_ALL set to de_DE.UTF-8) > Shell: /bin/sh linked to /bin/dash > > Versions of packages sslh depends on: > ii adduser 3.113+nmu3 > ii debconf 1.5.49 > ii libc6 2.19-11 > ii libconfig9 1.4.8-5 > ii lsb-base 4.1+Debian8+deb7u1 > ii update-inetd 4.43 > > Versions of packages sslh recommends: > ii apache2 2.2.22-13+deb7u3 > ii apache2-mpm-prefork [httpd] 2.2.22-13+deb7u3 > ii dropbear [ssh-server] 2012.55-1.3 > ii openssh-server [ssh-server] 1:6.0p1-4+deb7u2 > > Versions of packages sslh suggests: > ii xinetd [inet-superserver] 1:2.3.14-7.1+deb7u1 > > -- Configuration Files: > /etc/default/sslh changed [not included] > > -- debconf information excluded
signature.asc
Description: This is a digitally signed message part