--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: cgi-scripts introduces potential security holes
- From: Thierry Laronde <thierry.laronde>
- Date: Sat, 15 Jan 2000 10:21:12 +0100
- Message-id: <20000115102112.A640@polynum.com>
Package: cgi-scripts
Severity: critical
This orphaned package is, at the moment, inconsistent, lacking documentation,
giving scripts that are now almost useless, and placing in /cgi-bin/ Bourne
Shell scripts invoking directly commands like 'finger', which introduces
security holes.
I suggest to push it from orphaned to withdrawned, the time for me to hardly
rework it.
Thanks.
--
Thierry LARONDE
thierry.laronde@polynum.com
website : http://www.polynum.com
--- End Message ---