package: pptp-linux severity: important tags: security Hello,
Fedora issued the following update for pptp-linux, which they have tagged as security-related: This update corrects the behaviour of pptpsetup when its --delete option is used, retaining the permissions of /etc/ppp/chap-secrets rather than creating a new file that is likely to be world-readable. If you have previously used the --delete option of pptpsetup, you should reset the permissions of /etc/ppp/chap- secrets to their default value of 0600 unless you have good reasons to use another value: # chmod 600 /etc/ppp/chap-secrets Is this problem present in debian, and should it be of concern to the security team? From my perspective, the problem seems rather insignificant, but I will defer to your opinion as the maintainer. See the Fedora security announcement for more details [1]. Thanks for your assistance on this issue. [1] http://lwn.net/Articles/328042/ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
