[Webmin-maintainers] Bug#310838: [CAN-2005-1177] erroneously changes permissions and ownership of configuration files
Joey Hess
Joey Hess <joeyh@debian.org>, 310838@bugs.debian.org
Thu, 26 May 2005 12:10:05 -0400
--mSxgbZZZvrAyzONB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Martin Pitt wrote:
> Package: webmin
> Version: 1.180-3
> Severity: critical
> Tags: security
>=20
> Hi!
>=20
> CAN-2005-1177 describes a bug in webmin that can cause the permissions
> and ownerships of configuration files to be changed when the file is
> modified. This is fixed in 1.200, see
>=20
> http://www.webmin.com/changes.html
>=20
> Can you please backport this fix?
According to this mailing list post, it only affects 1.190 and not the
version in sarge.
http://lists.debian.org/debian-release/2005/04/msg00185.html
I think this bug should be closed.
You may find the testing security team's CAN/list file useful, BTW,
since nearly every bug you filed today already had a note in there about
the same vulnerbility.
--=20
see shy jo
--mSxgbZZZvrAyzONB
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFClfTcd8HHehbQuO8RAi/sAJ9GDGqE5PMc4gePZ20JmkrWmq+eQQCfayNv
FcBug7ig6NYOlxYZXhZYwdE=
=SqLQ
-----END PGP SIGNATURE-----
--mSxgbZZZvrAyzONB--