[Pkg-crosswire-devel] [Bug 195696]

Jamie Strandboge jamie at ubuntu.com
Fri Oct 14 21:20:07 BST 2011


Thank you for reporting this bug to Ubuntu. dapper has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against dapper is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.

** Changed in: sword (Ubuntu Dapper)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of CrossWire
Packaging Team, which is subscribed to sword in Ubuntu.
https://bugs.launchpad.net/bugs/195696

Title:
  [diatheke] [CVE-2008-0932] insufficient input sanitising

Status in “sword” package in Ubuntu:
  Fix Released
Status in “sword” source package in Dapper:
  Won't Fix
Status in “sword” source package in Edgy:
  Won't Fix
Status in “sword” source package in Feisty:
  Won't Fix
Status in “sword” source package in Gutsy:
  Won't Fix
Status in “sword” source package in Hardy:
  Fix Released
Status in “sword” package in Debian:
  Fix Released

Bug description:
  Binary package hint: diatheke

  References:
  DSA-1508-1 (http://www.debian.org/security/2008/dsa-1508)

  Quoting:
  "Dan Dennison discovered that Diatheke, a CGI program to make a bible
  website, performs insufficient sanitising of a parameter, allowing a
  remote attacker to execute arbitrary shell commands as the web server
  user."

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sword/+bug/195696/+subscriptions




More information about the Pkg-crosswire-devel mailing list