Package: docbookwiki Severity: important
Hi,
The postrm script of docbookwiki exposes a mysql password in ps output:
MYSQLPASS=`grep -m 1 password /etc/mysql/debian.cnf | awk '{print $3}'`
/etc/init.d/mysql status && echo "drop database if exists webnotes ;" \
| mysql --user=debian-sys-maint --password=$MYSQLPASS \
-S
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

