[Secure-testing-team] viewvc: Forbids only directories, not files
Steve Kemp
skx at debian.org
Wed Dec 5 18:51:24 UTC 2007
This bug doesn't affect Etch or Sarge, since the package
is only contained in Lenny/Sid.
The flaw has however should be known as CVE-2007-5743 for
any fixed upload to Sid/Lenny.
Cc'ing the secure-testing-team to make sure it is spotted.
Steve
--
Debian GNU/Linux System Administration
http://www.debian-administration.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20071205/85a80cb4/attachment.pgp
More information about the Secure-testing-team
mailing list