[Webmin-maintainers] Re: Webmin Remote Root Vulnerability
Jaldhar H. Vyas
jaldhar at debian.org
Thu Mar 9 13:43:26 UTC 2006
On Thu, 9 Mar 2006, Moritz Muehlenhoff wrote:
> It is my understanding that this webmin vulnerabilitity was caused by
> the generic format string flaw in perl. As we fixed perl in DSA-943 this
> should be resolved. Can you confim, Jaldhar?
>
Yes I believe so. The big problem with the webmin packages is that I
asked for them to be removed from the archive right around when that
problem came up. (I wasn't properly maintaining them for a long time
before, that's why I orphaned them.) So there hasn't been any responsible
person chasing things like this down.
Supposedly there is a new team who are going to take over but they haven't
made any public releases yet afaik. They can be reached at
webmin-maintainers at lists.alioth.debian.org which I've CCed.
--
Jaldhar H. Vyas <jaldhar at debian.org>
La Salle Debain - http://www.braincells.com/debian/
More information about the Webmin-maintainers
mailing list