[thierry.laronde: cgi-scripts introduces potential security holes]

To: Debian Quality <debian-qa@lists.debian.org>
Subject: [thierry.laronde: cgi-scripts introduces potential security holes]
From: Thierry Laronde <thierry.laronde@polynum.com>
Date: Sat, 15 Jan 2000 16:25:35 +0100
Message-id: <[🔎] 20000115162535.A1350@polynum.com>

I forward this to the list because the BTS has sent the message to
Johnnie Ingram who seems to be still recorded as the maintainer (?)


-- 
Thierry LARONDE
thierry.laronde@polynum.com
website : http://www.polynum.com

--- Begin Message ---

To: submit@bugs.debian.org

Subject: cgi-scripts introduces potential security holes

From: Thierry Laronde <thierry.laronde>

Date: Sat, 15 Jan 2000 10:21:12 +0100

Message-id: <20000115102112.A640@polynum.com>
Package: cgi-scripts
Severity: critical 

This orphaned package is, at the moment, inconsistent, lacking documentation,
giving scripts that are now almost useless, and placing in /cgi-bin/ Bourne 
Shell scripts invoking directly commands like 'finger', which introduces 
security holes.

I suggest to push it from orphaned to withdrawned, the time for me to hardly
rework it.

Thanks.
-- 
Thierry LARONDE
thierry.laronde@polynum.com
website : http://www.polynum.com
--- End Message ---

Reply to:

Follow-Ups:
- Re: [thierry.laronde: cgi-scripts introduces potential security holes]
  - From: Raphael Hertzog <rhertzog@hrnet.fr>

Prev by Date: dpkg | dselect | apt : debian-qa fields planned?
Next by Date: Bug#55260: metamail: can't build from source
Previous by thread: Re: dpkg | dselect | apt : debian-qa fields planned?
Next by thread: Re: [thierry.laronde: cgi-scripts introduces potential security holes]
Index(es):
- Date
- Thread