Bug#1016682: ocsinventory-reports: asks user to remove files form /usr/share/ocsinventory-reports/ocsreports
Ansgar
ansgar at debian.org
Fri Aug 5 08:31:20 BST 2022
Package: ocsinventory-reports
Version: 2.8.1+dfsg1-1
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
After installation and setup, ocsreports' web interface prominently
displays the following warning:
SECURITY ALERT!
Your install.php exists in your installation directory
(by default : /usr/share/ocsinventory-reports/ocsreports).
Users should not have to remove files from /usr/share for a secure
installation.
Furthermore any files removed will reappear after a (security or
other) update, thereby reintroducing the problem. (Adding the
"security" tag for this reason.)
Ansgar
More information about the pkg-perl-maintainers
mailing list