On Mon, Aug 29, 2005 at 12:26:09PM -0700, Steve Langasek wrote:
> You probably want some way instead to ensure that such files are created
> with 0644 mode if they're system-wide entries created by root; I see
> that you've closed this bug with a changelog entry saying to set the
> umask, but unle
On Mon, Aug 29, 2005 at 01:44:42PM +0200, Enrico Zini wrote:
> > On Sat, Aug 13, Enrico Zini wrote:
> > > Oh! That's a bad bug, security-related, critical severity. Could you
> > > please report it?
> > Sorry about the delay. I can't see quite how the exploit would
> > work, even as a "grave"
On Sun, Aug 28, 2005 at 10:41:52PM +0100, Justin B Rye wrote:
> On Sat, Aug 13, Enrico Zini wrote:
> > Oh! That's a bad bug, security-related, critical severity. Could you
> > please report it?
>
> Sorry about the delay. I can't see quite how the exploit would
> work, even as a "grave" user-ve
Package: polygen
Version: 1.0.6-7
Severity: critical
Tags: security
Justification: root security hole
/var/lib/dpkg/info/polygen-data.postinst invokes /usr/bin/polygen on
all its /usr/share/polygen/*/*.grm data files to create corresponding
.grm.o files. Unfortunately polygen ignores the umask an
4 matches
Mail list logo
