Package: bitlbee Version: 1.2.2-1 Severity: grave Justification: causes non-serious data loss
There's another bug where a new user can overwrite existing accounts. This does not give one access to anything that shouldn't be accessible, but it does allow people to delete other people's accounts. 1.2.3 fixed this problem and I'm about to upload it. I did a thorough review of all relevant code and made sure this can't happen again. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (650, 'testing'), (600, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.25-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages bitlbee depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii debianutils 2.30 Miscellaneous utilities specific t ii libc6 2.7-13 GNU C Library: Shared libraries ii libevent1 1.3e-3 An asynchronous event notification ii libglib2.0-0 2.16.4-2 The GLib library of C routines ii libgnutls26 2.4.1-1 the GNU TLS library - runtime libr ii net-tools 1.60-19 The NET-3 networking toolkit bitlbee recommends no packages. bitlbee suggests no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]