[Pkg-acpi-devel] Bug#560771: Bug#560771: acpid: CVE-2009-4235: weak permissions on /var/log/acpid

Michael Meskes meskes at debian.org
Mon Dec 14 19:33:50 UTC 2009


On Sun, Dec 13, 2009 at 09:42:58PM -0600, Raphael Geissert wrote:
> I think the best approach is to prepare uploads for unstable and
> stable (via stable-proposed-updates) fixing the permissions of the

Why only proposed-updates and not security?

> file, and an upload for oldstable (via oldstable-security) that fixes
> both the permissions and the open(2) call.

But security here?

Michael
-- 
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org
ICQ: 179140304, AIM/Yahoo/Skype: michaelmeskes, Jabber: meskes at jabber.org
VfL Borussia! Forca Barca! Go SF 49ers! Use: Debian GNU/Linux, PostgreSQL





More information about the Pkg-acpi-devel mailing list