release DTSA-32-1.html (bcfg2)

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5396 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Neil McGovern <neilm@debian.org> 2007-02-01 10:44:18 +0000
committer: Neil McGovern <neilm@debian.org> 2007-02-01 10:44:18 +0000
commit: 04604f46ae92d8214e69f47f6b03566fdd1368bc (patch)
tree: 47e0e36d3b252d7e92867c6908dfbe4a794c4e0d /data
parent: 1c296852ee50fddb5084a2861c628e7b2955ba9b (diff)
2 files changed, 17 insertions, 0 deletions
diff --git a/data/DTSA/advs/32-bcfg2.adv b/data/DTSA/advs/32-bcfg2.adv
new file mode 100644
index 0000000000..b874825a7c
--- /dev/null
+++ b/data/DTSA/advs/32-bcfg2.adv
@@ -0,0 +1,14 @@
+source: bcfg2
+date: February 1st, 2007
+author: Neil McGovern
+vuln-type: programming error
+problem-scope: local
+debian-specifc: yes
+testing-fix: 0.8.6.1-1.1etch1
+sid-fix: 0.8.7.3-1
+upgrade: apt-get install bcfg2
+
+Incorrect permissions for the bcfg2 configuration file could lead to password
+disclosure to unprivileged users.
+
+Please note that bcfg2 is not present in sarge.
diff --git a/data/DTSA/list b/data/DTSA/list
index 92134eda51..41ddaaf1c5 100644
--- a/data/DTSA/list
+++ b/data/DTSA/list
@@ -84,3 +84,6 @@
 [September 27th, 2006] DTSA-31-1 hyperestraier - cross-site request forgery (CSRF) vulnerability
 	{CVE-2006-3671 }
 	- hyperestraier 1.0.6-1.1etch1
+[February 1st, 2007] DTSA-32-1 bcfg2 - programming error
+	{}
+	- bcfg2 0.8.6.1-1.1etch1
author	Neil McGovern <neilm@debian.org>	2007-02-01 10:44:18 +0000
committer	Neil McGovern <neilm@debian.org>	2007-02-01 10:44:18 +0000
commit	04604f46ae92d8214e69f47f6b03566fdd1368bc (patch)
tree	47e0e36d3b252d7e92867c6908dfbe4a794c4e0d /data
parent	1c296852ee50fddb5084a2861c628e7b2955ba9b (diff)