[Secure-testing-team] Bug#484728: roundup: security hole: CVE-2008-1475
Alvaro Herrera
alvherre at alvh.no-ip.org
Thu Jun 5 22:27:46 UTC 2008
Package: roundup
Version: 1.4.4
Severity: grave
Tags: security
Justification: user security hole
I see that there isn't a fix for Debian for this bug:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1475
http://sourceforge.net/tracker/index.php?func=detail&aid=1907211&group_id=31577&atid=402788
Apparently, the Debian version is thus vulnerable.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.24-1-amd64 (SMP w/1 CPU core)
Locale: LANG=es_CL.utf8, LC_CTYPE=es_CL.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
More information about the Secure-testing-team
mailing list