Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 06 Mar 2011 16:19:04 +0700
From: Pavel Labushev <p.labushev@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- logrotate -- nine issues

06.03.2011 02:21, Solar Designer пишет:

>> At least in Gentoo there are packages
>> (ebuilds and eclasses) that create user/group-writable directories in
>> /var/log and enable logrotate to handle the log files there.
> 
> Is this something you can get fixed?

I hope it will be fixed soon. Would be nice to have CVEs assigned for these
issues anyway, just to make people aware. If even package maintainers got it
wrong, I bet there's a legion of users who also did.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.