Re: [SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution
On 2010-07-31, Nico Golde <nion@debian.org> wrote:
>
> --wTWi5aaYRw9ix9vO
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> Hi,
> * Nico Golde <nion@debian.org> [2010-07-31 18:48]:
>> --------------------------------------------------------------------------
>> Debian Security Advisory DSA-2078-1 security@debian.org
>
> Meh race condition. Moritz isn't dak checking the DSA number we supply to g=
> it?=20
> If we both used DSA-2078-1 it should've detected this as a problem.
It should technically catch the duplicated ID.
However, I used "dak new-security-install DSA-2078 kvirc*changes" as agreed
a few years ago.
Cheers,
Moritz
Reply to: