diff options
author | Neil McGovern <neilm@debian.org> | 2007-02-01 10:44:18 +0000 |
---|---|---|
committer | Neil McGovern <neilm@debian.org> | 2007-02-01 10:44:18 +0000 |
commit | 04604f46ae92d8214e69f47f6b03566fdd1368bc (patch) | |
tree | 47e0e36d3b252d7e92867c6908dfbe4a794c4e0d /data | |
parent | 1c296852ee50fddb5084a2861c628e7b2955ba9b (diff) |
release DTSA-32-1.html (bcfg2)
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5396 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/DTSA/advs/32-bcfg2.adv | 14 | ||||
-rw-r--r-- | data/DTSA/list | 3 |
2 files changed, 17 insertions, 0 deletions
diff --git a/data/DTSA/advs/32-bcfg2.adv b/data/DTSA/advs/32-bcfg2.adv new file mode 100644 index 0000000000..b874825a7c --- /dev/null +++ b/data/DTSA/advs/32-bcfg2.adv @@ -0,0 +1,14 @@ +source: bcfg2 +date: February 1st, 2007 +author: Neil McGovern +vuln-type: programming error +problem-scope: local +debian-specifc: yes +testing-fix: 0.8.6.1-1.1etch1 +sid-fix: 0.8.7.3-1 +upgrade: apt-get install bcfg2 + +Incorrect permissions for the bcfg2 configuration file could lead to password +disclosure to unprivileged users. + +Please note that bcfg2 is not present in sarge. diff --git a/data/DTSA/list b/data/DTSA/list index 92134eda51..41ddaaf1c5 100644 --- a/data/DTSA/list +++ b/data/DTSA/list @@ -84,3 +84,6 @@ [September 27th, 2006] DTSA-31-1 hyperestraier - cross-site request forgery (CSRF) vulnerability {CVE-2006-3671 } - hyperestraier 1.0.6-1.1etch1 +[February 1st, 2007] DTSA-32-1 bcfg2 - programming error + {} + - bcfg2 0.8.6.1-1.1etch1 |