Re: Jessie update of libpam-krb5?

2020-03-31 Thread Russ Allbery
t; during the day if you want to handle the upload and the DLA yourself. Hi Mike, Please go ahead and upload! Thank you for preparing that fix! -- Russ Allbery (r...@debian.org) <https://www.eyrie.org/~eagle/>

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-19 Thread Russ Allbery
e, as mentioned in the previous message, I'm pretty sure command="rsync --server -daemon ." in the authorized_keys file does what you want since you don't need to allow other arbitrary rsync commands.) -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>

Accepted rssh 2.3.4-4+deb8u3 (source amd64) into oldstable

2019-02-19 Thread Russ Allbery
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 18 Feb 2019 19:50:49 -0800 Source: rssh Binary: rssh Architecture: source amd64 Version: 2.3.4-4+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Russ Allbery Changed-By: Russ Allbery Description: rssh

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-18 Thread Russ Allbery
Russ Allbery writes: > I'll follow up with the proposed diffs for stable and oldstable. Here are the proposed diffs for stable and oldstable. The stable diff just fixes the libssh2 interoperability regression. The oldstable diff fixes both that and the regression with downloading multi

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-18 Thread Russ Allbery
Roman Medina-Heigl Hernandez writes: > El 18/02/2019 a las 18:27, Russ Allbery escribió: >> While I agree that using undocumented features of rsync is a little >> dubious, I'm also willing to include a fix to allow the specific >> command line "rsync --server --d

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-18 Thread Russ Allbery
den of one-off hacks like that. I should be able to do this later today. Does this plan sound good to everyone? I'll follow up with the proposed diffs for stable and oldstable. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-14 Thread Russ Allbery
(But be aware of CVE-2019-3463.) -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>

Accepted rssh 2.3.4-4+deb8u2 (source amd64) into oldstable

2019-02-05 Thread Russ Allbery
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 01 Feb 2019 20:28:01 -0800 Source: rssh Binary: rssh Architecture: source amd64 Version: 2.3.4-4+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Russ Allbery Changed-By: Russ Allbery Description: rssh

Re: openssh_7.2p2+ availability for wheezy

2017-07-27 Thread Russ Allbery
s which also allow X11 forwarding, with a fairly simple workaround of just adding no-X11-forwarding to the relevant authorized_keys lines). -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>