rssh

1 files changed, 23 insertions, 0 deletions

diff --git a/korean/security/2019/dsa-4377.wml b/korean/security/2019/dsa-4377.wml
new file mode 100644
index 00000000000..e66fe0418cf
--- /dev/null
+++ b/korean/security/2019/dsa-4377.wml
@@ -0,0 +1,23 @@
+#use wml::debian::translation-check translation="5ab30aafbfd62a548582887f297aa136a1d43e7b" maintainer="Sebul"
+<define-tag description>보안 업데이트</define-tag>
+<define-tag moreinfo>
+<p>The ESnet security team discovered a vulnerability in rssh, a restricted
+shell that allows users to perform only scp, sftp, cvs, svnserve
+(Subversion), rdist and/or rsync operations. Missing validation in the
+scp support could result in the bypass of this restriction, allowing the
+execution of arbitrary shell commands.</p>
+
+<p>업데이트가 적용되면 scp의 <q>-3</q> 옵션은 쓸 수 없습니다.
+</p>
+
+<p>안정 배포(stretch)에서, 이 문제를 버전 2.3.4-5+deb9u1에서 고쳤습니다.</p>
+
+<p>rssh 패키지를 업그레이드 하는 게 좋습니다.</p>
+
+<p>rssh의 자세한 보안 상태는 보안 추적 페이지 참조:
+<a href="https://security-tracker.debian.org/tracker/rssh">\
+https://security-tracker.debian.org/tracker/rssh</a></p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2019/dsa-4377.data"