[Pkg-sympa-devel] Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log
Emmanuel Bouthenot
kolter at openics.org
Mon Nov 28 22:06:27 UTC 2011
Hi Olivier,
On Thu, Feb 19, 2009 at 05:12:30PM +0100, Olivier Berger wrote:
> Package: sympa
> Version: 5.3.4-6.1
> Severity: normal
>
> Hi.
>
> I just upgraded one of my servers from etch to lenny and got :
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure $ENV{PATH} while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN> line 37.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure EXEC while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN> line 37.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure $ENV{PATH} while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN> line 77.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure EXEC while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN> line 77.
> in the apache logs.
This bug seems quite old, and I wonder if it's still valid? It doesn't
seems to be reproducible with the latest versions of sympa.
Do you experience it with sympa >= 6.x?
I think that we can safely close it but I will be glad to get your
opinion.
Regards,
--
Emmanuel Bouthenot
mail: kolter@{openics,debian}.org gpg: 4096R/0x929D42C3
xmpp: kolter at im.openics.org irc: kolter@{freenode,oftc}
More information about the Pkg-sympa-devel
mailing list