Bug#649384: gnash creates world-readable cookies under /tmp with predictable filenames
Gabriele Giacone
1o5g4r8o at gmail.com
Sun Jul 8 23:13:39 UTC 2012
On 07/08/2012 09:15 PM, Jonathan Wiltshire wrote:
> Recently you fixed one or more security problems and as a result you closed
> this bug. These problems were not serious enough for a Debian Security
> Advisory, so they are now on my radar for fixing in the following suites
> through point releases:
>
> squeeze (6.0.6) - use target "stable"
False positive, your radar didn't detect DSA-2435 [CVE-2011-4328] has
been created for such issue and fixed through security updates first,
then shipped with 6.0.5.
http://security-tracker.debian.org/tracker/CVE-2011-4328
http://www.debian.org/security/2012/dsa-2435
--
Gabriele
More information about the pkg-flash-devel
mailing list