[Secure-testing-team] viewvc: Forbids only directories, not files

Steve Kemp skx at debian.org
Wed Dec 5 18:51:24 UTC 2007


  This bug doesn't affect Etch or Sarge, since the package
 is only contained in Lenny/Sid.

  The flaw has however should be known as CVE-2007-5743 for
 any fixed upload to Sid/Lenny.

  Cc'ing the secure-testing-team to make sure it is spotted.

Steve
-- 
Debian GNU/Linux System Administration
http://www.debian-administration.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20071205/85a80cb4/attachment.pgp 


More information about the Secure-testing-team mailing list