Steve Kemp
2007-Dec-05 18:51 UTC
[Secure-testing-team] viewvc: Forbids only directories, not files
This bug doesn''t affect Etch or Sarge, since the package is only contained in Lenny/Sid. The flaw has however should be known as CVE-2007-5743 for any fixed upload to Sid/Lenny. Cc''ing the secure-testing-team to make sure it is spotted. Steve -- Debian GNU/Linux System Administration http://www.debian-administration.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20071205/85a80cb4/attachment.pgp