severity 557134 serious
clone 557134 -1
reassgin -1 release.debian.org
retitle -1 RM: syscp/1.4.2.1-2
severity -1 normal
thanks
This bug reported by Raphael lead to a wider search of security relevant
issues and I'm afraid we can't ship syscp in squeeze as it is. There are
several 'exec' commands
Package: syscp
Severity: important
Version: 1.4.2.1-1
Tags: security
Hi,
I just found the following incorrect usage of escapeshellcmd, when
escapeshellarg is needed:
/usr/share/syscp/lib/class_apsinstaller.php:
$Return = safe_exec('php ' . escapeshellcmd($this->RealPath .
$this->DomainPath . '
2 matches
Mail list logo
