[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Linux GTKicq Security Flaw (thought u should know)

>> "A" == AJ  <artlu@intergrafix.net> writes:

A> cat gtkicqrc it listed my password i use for ICQ which i also used
A> for my own root password!! they were the only places i used
A> it.. needless to say if u use GTKicq make sure u set permissions on
A> /home/user/.icq/gtkicqrc to only the user..

This was fixed in gtkicq 0.57-3 uploaded to frozen and unstable.

Though it had IMHO the wrong priority (low, should be high) and was
not announced on debian-security-announce.

Stephen, what do you think? At least make up the announcement?


Reply to: