On Tue, Aug 14, 2012 at 02:00:05AM +0300, Peter Pentchev wrote: > On Tue, Aug 14, 2012 at 02:51:16AM +0400, Michael Tokarev wrote: > > On 13.08.2012 00:18, Nick Leverton wrote: > > [] > > > diff -Nru nullmailer-1.11/debian/changelog > > > nullmailer-1.11/debian/changelog > > > --- nullmailer-1.11/debian/changelog 2012-06-16 16:36:28.000000000 > > > +0100 > > > +++ nullmailer-1.11/debian/changelog 2012-08-11 23:55:36.000000000 > > > +0100 > > > @@ -1,3 +1,9 @@ > > > +nullmailer (1:1.11-2) unstable; urgency=low > > > + > > > + * Make 'remotes' not world-readable (Closes: #684619) > > > > What's wrong with remotes being world-readable? > > For instance, it may include SMTP authentication information.
This is the issue, yes. Security team classed it as Serious (#684619, see original upload template) and hence it's an RC bug, so I'd be very grateful if a DD could upload this for me. Thankyou Nick -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120815072023.ga30...@leverton.org
