Bug#767227: [oss-security] Re: CVE request: lsyncd command injection

Moritz Mühlenhoff Sun, 28 Dec 2014 17:39:23 -0800

On Wed, Nov 26, 2014 at 12:18:13AM +0100, Ángel González wrote:
> On 20-11-2014 Mitre wrote:
> > > There is a command injection flaw in lsyncd, a file change monitoring
> > > and synchronization daemon:
> > > 
> > > https://github.com/axkibe/lsyncd/issues/220
> > > 
> > > https://github.com/creshal/lsyncd/commit/18f02ad013b41a72753912155ae2ba72f2a53e52
> > > 
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767227
> > 
> > Use CVE-2014-8990. The scope of this CVE ID includes both:


What's the status for jessie?

Cheers,
        Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#767227: [oss-security] Re: CVE request: lsyncd command injection

Reply via email to