Bug#305142: CAN-2005-2214: insegure apt-setup

To: 305142@bugs.debian.org
Subject: Bug#305142: CAN-2005-2214: insegure apt-setup
From: Martin Schulze <joey@infodrom.org>
Date: Tue, 12 Jul 2005 07:31:42 +0200
Message-id: <[🔎] 20050712053142.GB9098@finlandia.infodrom.north.de>
Reply-to: Martin Schulze <joey@infodrom.org>, 305142@bugs.debian.org

severity 305142 important
tags 305142 security
thanks

Is there any motion on this problem?

======================================================
Candidate: CAN-2005-2214
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2214
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20050712
Category: SF
Reference: MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305142
Reference: SECUNIA:15955
Reference: URL:http://secunia.com/advisories/15955

apt-setup in Debian GNU/Linux installs the apt.conf file with insecure
permissions, which allows local users to obtain sensitive information
such as passwords.


Regards,

	Joey

-- 
Have you ever noticed that "General Public Licence" contains the word "Pub"?

Please always Cc to me when replying to me on the lists.

Reply to:

Follow-Ups:
- Processed: CAN-2005-2214: insegure apt-setup
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#305142: CAN-2005-2214: insegure apt-setup
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Processed: CAN-2005-2214: insegure apt-setup
Next by Date: Bug#260815: marked as done (efi-reader - installs files into etc/rcS.d)
Previous by thread: Wishlist : Rolex or Cartier or Breitling
Next by thread: Processed: CAN-2005-2214: insegure apt-setup
Index(es):
- Date
- Thread