Control: affects 904200 acccheck On Mon, 03 Sep 2018, p...@reseau-libre.net wrote: > I've updated the acccheck.pl behavior to correct (i hope) the > CVE-2018-12268. User and password input files are sanitized before any use > in the generated commandline string. The patch is given attached to this > mail.
FWIW, I requested the removal of the package a while ago: https://bugs.debian.org/904200 And this is not the only security issue in that script... there's no point in spending any time on this issue. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: https://www.freexian.com/services/debian-lts.html Learn to master Debian: https://debian-handbook.info/get/
