Comment 5 for bug 249593

Actually, guty is affected-- the aforementioned changelog entry is for CVE-2007-6350. CVE-2007-6415 was fixed in Debian in 4.6-1.2.

scponly (4.6-1.2) unstable; urgency=high

  * Non-maintainer upload by the Security Team
  * scp: -o and -F options are dangerous (CVE-2007-6415).