tags 661993 + upstream, help, confirmed Hi,
Although the impact of this security bug is not too high (as a series of conditions should be present, which are usually not there), it is a real bug with real implications. I am tempted to downgrade it, as it is only dangerous in very specific situations, but at least for now I'll leave it as serious. The upstream author is informed about this bug, but has not been able to find a way to fix it while keeping cherokee-admin's full functionality: http://www.openwall.com/lists/oss-security/2011/06/06/13 The RedHat bugtracker lists this bug as dealt with, but it seems to me it regards just one of the two defects reported in the bug – And not this one: https://bugzilla.redhat.com/show_bug.cgi?id=713304 Thanks,
signature.asc
Description: Digital signature