Re: [Secure-testing-commits] r9971 - / data data/CVE

To: Steffen Joeris <steffen.joeris@skolelinux.de>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: [Secure-testing-commits] r9971 - / data data/CVE
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Tue, 7 Oct 2008 23:18:48 +0200
Message-id: <[🔎] 20081007211848.GA4290@galadriel.inutil.org>
In-reply-to: <[🔎] 200810070131.35848.steffen.joeris@skolelinux.de>
References: <E1Klp8C-0006aW-6i@alioth.debian.org> <[🔎] 200810070131.35848.steffen.joeris@skolelinux.de>

> >  DSA: (Name in brackets if someone prepares a DSA)
> >   Binary-package: feta (1.4.16)  (jmm)
> > + Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4)
> 
> I just had a quick chat with the maintainer and it seems that the insecure 
> temp file handling exists only in example scripts, which are not enabled by 
> default and need to be enabled manually be the user. The scripts are for 
> database archiving.

Ok, I moved them to the DSA list since they're targeted for regular
operation like stats generation, but we'll take the maintainer's advice.

> Should we move freeradius-dialupadmin to SPU candidates or did I miss 
> anything?

Ok, just did so.

Cheers,
        Moritz

Reply to:

References:
- Re: [Secure-testing-commits] r9971 - / data data/CVE
  - From: Steffen Joeris <steffen.joeris@skolelinux.de>

Prev by Date: Re: [Secure-testing-commits] r9978 - / data data/CVE
Next by Date: Re: [Secure-testing-commits] r9978 - / data data/CVE
Previous by thread: Re: [Secure-testing-commits] r9971 - / data data/CVE
Next by thread: Re: [Secure-testing-commits] r9978 - / data data/CVE
Index(es):
- Date
- Thread