Hello Joey On 2005-01-18 Joey Hess wrote: > There is a security hole in the mysqlaccess script, as described here: > http://www.vuxml.org/freebsd/ce109fd4-67f3-11d9-a9e7-0001020eed82.html > I've attached a patch taken from Ubuntu.
Thanks for reporting. The security team and I am already aware of it I just held back the patch to not disclosure the bug until the DSA for the stable version has been released. Strange that competing distributions are making it public first with references to the Debian sub project that has actually found the bug... I guess I will upload the patched packages for unstable then... bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
