[Python-apps-team] Bug#716718: Bug#716718: nagstamon: CVE-2013-4114: credentials exposure

Henri Salo henri at nerv.fi
Fri Jul 12 11:02:18 UTC 2013


On Fri, Jul 12, 2013 at 08:44:00AM +0200, chaica at ohmytux.com wrote:
> Thanks for your bug report, it's appreciated. I was aware of this
> situation and I'm packaging the 0.9.9.1 to solve this issue. Will be
> ready soon.

Please also note comment in security-tracker[1]:

"update checks are disabled in Debian by default, see
debian/patches/check-for-new-version.patch", which was commited by jmm[2].

1: https://security-tracker.debian.org/tracker/CVE-2013-4114
2:
http://lists.alioth.debian.org/pipermail/secure-testing-commits/2013-July/024213.html

If this is correct we can close this issue is in my opinion. Please contact me
in case you need any assistance.

---
Henri Salo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/python-apps-team/attachments/20130712/c9278bde/attachment.sig>


More information about the Python-apps-team mailing list