On Wed, Jan 05, 2011 at 09:36:39AM -0600, Gunnar Wolf wrote:
> Mehdi Dogguy dijo [Mon, Dec 27, 2010 at 08:27:39PM +0100]:
> > > Gunnar: my suggestion is to go ahead and do the upload. The packaging
> > > is in collab-maint, after all, so presumably Adam expects
> > > collaboration :-)
> > >
> >
Mehdi Dogguy dijo [Mon, Dec 27, 2010 at 08:27:39PM +0100]:
> > Gunnar: my suggestion is to go ahead and do the upload. The packaging
> > is in collab-maint, after all, so presumably Adam expects
> > collaboration :-)
> >
>
> Meh… So, this is my intent to NMU. I'll upload tomorrow to delayed/0 if
On 12/26/2010 09:01 PM, Steve M. Robbins wrote:
>
> Gunnar: my suggestion is to go ahead and do the upload. The packaging
> is in collab-maint, after all, so presumably Adam expects
> collaboration :-)
>
Meh… So, this is my intent to NMU. I'll upload tomorrow to delayed/0 if no
one yells. Not h
On Sun, Dec 26, 2010 at 01:33:27PM +0100, Mehdi Dogguy wrote:
> On 0, Gunnar Wolf wrote:
> > Steve M. Robbins dijo [Mon, Dec 13, 2010 at 10:25:41PM -0600]:
> > > > > Do you happen to have access to git.debian.org? If you do, can you
> > > > > apply your patch? The procedure is basically,
> > > >
On 0, Gunnar Wolf wrote:
> Steve M. Robbins dijo [Mon, Dec 13, 2010 at 10:25:41PM -0600]:
> > > > Do you happen to have access to git.debian.org? If you do, can you
> > > > apply your patch? The procedure is basically,
> > > > (...)
> > >
> > > Done. Thanks!
> >
> > OK, are one of you going to
Steve M. Robbins dijo [Mon, Dec 13, 2010 at 10:25:41PM -0600]:
> > > Do you happen to have access to git.debian.org? If you do, can you
> > > apply your patch? The procedure is basically,
> > > (...)
> >
> > Done. Thanks!
>
> OK, are one of you going to make the upload to close this bug
> before
On Mon, Nov 15, 2010 at 07:02:10PM -0600, Gunnar Wolf wrote:
> Adam Majer dijo [Mon, Nov 15, 2010 at 01:53:48PM -0600]:
> > Do you happen to have access to git.debian.org? If you do, can you
> > apply your patch? The procedure is basically,
> > (...)
>
> Done. Thanks!
OK, are one of you going to
Processing commands for cont...@bugs.debian.org:
> tags 603048 + pending
Bug #603048 [rails] rails: Gives dangerous advice regarding log permissions
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
603048: http://bugs.debian.org/cgi-bin/bugrep
tags 603048 + pending
thanks
Adam Majer dijo [Mon, Nov 15, 2010 at 01:53:48PM -0600]:
> > Asking the administrator to make the log files mode 0666 would make
> > them vulnerable to modification or erasure by any system user. Even
> > given that many of Rails' users are not Unix-savvy, this should
Hello!
On Wed, Nov 10, 2010 at 10:49:05AM -0600, Gunnar Wolf wrote:
> Package: rails
> Version: 2.3.5-1.1
> Severity: serious
> Tags: security patch
> Justification: 4
>
> When spawning a process on a Rails by any user that is not the logfile
> owner, the following IMHO dangerous advice is given:
Package: rails
Version: 2.3.5-1.1
Severity: serious
Tags: security patch
Justification: 4
When spawning a process on a Rails by any user that is not the logfile
owner, the following IMHO dangerous advice is given:
Rails Error: Unable to access log file. Please ensure that
/home/webapps/se
11 matches
Mail list logo
