The fix is for some third party shell scripts which I don't think anyone uses and I am thinking of dumping. I did not announce 2.1.16 since it contains nothing new. It is simply the patch release that has been in svn for about 4 months. I am catching up.
M On Sun, 2005-10-02 at 19:36 -0400, Jeff Sheltren wrote: > On Oct 2, 2005, at 1:34 PM, Lance Albertson wrote: > > > I just got a report that debian has released [1] a security fix for > > cfengine. Is this something thats old or something thats new? I > > couldn't > > find much information about it anywhere. Feel free to comment on the > > gentoo bug [2]. > > > > Thanks! > > > > [1] http://www.debian.org/security/2005/dsa-836 > > [2] http://bugs.gentoo.org/show_bug.cgi?id=107871 > > -- > > Lance Albertson <[EMAIL PROTECTED]> > > Gentoo Infrastructure | Operations Manager > > I can't find any info on it either. The CAN entry only shows > 'reserved' - not very helpful. I can't figure out a way to see the > patch without having access to a debian machine; anyone know how to > do that (or have a debian box so you can show the patch contents)? > > This looks like the patch: > * Applied patch by Javier Fernández-Sanguino Peña to fix insecure > temporary file creation [debian/patches/010_CAN-2005-2960_tmpfile] > > On another note, I just noticed that 2.1.16 is the current version on > cfengine.org - did I just miss the announcement, or was there one? > > -Jeff > > _______________________________________________ > Help-cfengine mailing list > [email protected] > http://lists.gnu.org/mailman/listinfo/help-cfengine _______________________________________________ Help-cfengine mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-cfengine
