Bug#496462: nvi: security vulnerability in creation of shared directory in postinst

2008-08-24 Thread Raphael Geissert
Package: nvi
Version: 1.79-25
Severity: grave
Tags: security patch

Hi everyone,

Going through the list of packages listed at [1] I noticed the overrides are completely wrong and it *is* a security issue. I verified versions 1.79-25 and 1.81.6-3 (etch and lenny, respectively) of the package

Bug#496462: nvi: security vulnerability in creation of shared directory in postinst

2008-08-24 Thread Jan Christoph Nordholz
Hi Raphael,

your report is correct, but if /var/tmp/vi.recover was really a symlink to some existing directory (like /), mkdir -p won't fail at all - in fact, it won't even be executed because the [ -d ] test will already succeed. I'll fix it properly - thanks for catching it.

Regards,
Jan
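
The point made in the reply above, as an added example that is not part of the original thread or of the nvi package: `[ -d ]` follows symlinks, so a pre-existing link to a directory passes the test and `mkdir -p` never runs. The function names and the sandbox layout are assumptions made for illustration; the actual postinst code is not shown on this page.

```shell
#!/bin/sh
# Added illustration. Everything runs inside a throwaway sandbox
# directory, never against the real /var/tmp.

# Pattern implied by the reply: -d dereferences symlinks, so a link that
# points at any existing directory is accepted and mkdir -p is skipped.
weak_check() {
    dir=$1
    [ -d "$dir" ] || mkdir -p "$dir"
}

# Hypothetical hardened helper: reject symlinks before the -d test, and
# create with plain mkdir, which fails if any entry already exists.
# A directory found already present in a world-writable parent should
# also have its owner and mode verified before it is trusted.
safe_check() {
    dir=$1
    if [ -L "$dir" ]; then
        echo "refusing: $dir is a symlink" >&2
        return 1
    fi
    if [ -e "$dir" ]; then
        [ -d "$dir" ] || { echo "refusing: $dir is not a directory" >&2; return 1; }
        return 0
    fi
    mkdir "$dir"
}

# Constructed scenario: "vi.recover" already exists as a symlink to
# another directory before the maintainer script runs.
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/target"
    ln -s "$sandbox/target" "$sandbox/vi.recover"
    if weak_check "$sandbox/vi.recover"; then weak=accepted; else weak=rejected; fi
    if safe_check "$sandbox/vi.recover" 2>/dev/null; then safe=accepted; else safe=rejected; fi
    rm -rf "$sandbox"
    echo "weak=$weak safe=$safe"
}

demo
```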