Package: sslh Version: 1.13b-3.2 Severity: important Dear Maintainer,
sslh has USELIBWRAP off by default while openssh-server has libwrap support enabled by default in Debian. So sslh default is not in line with the openssh-server default, which is in my eyes not what I expected and therefore a security risk. Recommendation: Activate USELIBWRAP by default. Best regards, Christian -- System Information: Debian Release: 7.7 APT prefers stable APT policy: (600, 'stable'), (500, 'testing'), (50, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16-0.bpo.2-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to de_DE.UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages sslh depends on: ii adduser 3.113+nmu3 ii debconf 1.5.49 ii libc6 2.19-11 ii libconfig9 1.4.8-5 ii lsb-base 4.1+Debian8+deb7u1 ii update-inetd 4.43 Versions of packages sslh recommends: ii apache2 2.2.22-13+deb7u3 ii apache2-mpm-prefork [httpd] 2.2.22-13+deb7u3 ii dropbear [ssh-server] 2012.55-1.3 ii openssh-server [ssh-server] 1:6.0p1-4+deb7u2 Versions of packages sslh suggests: ii xinetd [inet-superserver] 1:2.3.14-7.1+deb7u1 -- Configuration Files: /etc/default/sslh changed [not included] -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
