tags 652417 confirmed pending upstream fixed-upstream
thanks

Hello Vincent,

On Sat, 17 Dec 2011 03:27:32 +0100, Vincent Lefevre wrote:

> Package: wicd
> Version: 1.7.1~b3-3
> Severity: grave
> Tags: security
> Justification: user security hole

having fun filing RC bugs, eh? :)

> wicd writes sensitive information in log files (under /var/log/wicd),
> such as passwords and passphrases. Users in the adm group can have
> access to them, but also log files are meant to be sent in bug
> reports, and if the bug reporter doesn't pay attention, there is
> a huge risk to transmit such information.

Fixed upstream:

http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/682

-- 
 . ''`.   Debian developer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 ----|---- http://deb.li/dapal
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174

Attachment: signature.asc
Description: PGP signature

Reply via email to