[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1145-1] New freeradius packages fix several vulnerabilities

This one time, at band camp, Gerfried Fuchs said:
> Am Dienstag, den 08.08.2006, 01:29 +0200 schrieb Moritz Muehlenhoff:
> > Package        : freeradius
>  this package has a nasty side effect and works against the debian
>  policy: it changes in its postinst permissions for files in /etc
>  unconditionally and on every install.
>  please be aware of this, I'm going to check if it still available in
>  testing/unstable and file the appropriate release critical bugreport
>  against it.

I have just taken over comaintenance of the freeradius package with a
friend.  We have found and fixed this bug (in svn), although not yet
uploaded to unstable.  If you would like to test the new version to make
sure that all of the problems of this sort are fixed, yuou can get it
from svn.debian.org/wsvn/collab-maint/ext-maint/freeradius (I think you
only need svn+ssh if you want to modify - I'm fairly sure it's world

I'm not discouraging you from filing the bug, mind you - just letting
you know we are aware of it and actively trying to fix it.

Take care,
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |

Attachment: signature.asc
Description: Digital signature

Reply to: