[Bug 172283] Re: [wireshark] multiple vulnerabilities
** Changed in: wireshark (Ubuntu) Assignee: Stephan Hermann (shermann) = Emanuele Gentili (emgent) -- [wireshark] multiple vulnerabilities https://bugs.launchpad.net/bugs/172283 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
** Attachment added: gutsy_security_cacti_0.8.6j-1.1ubuntu0.3.debdiff http://launchpadlibrarian.net/13030167/gutsy_security_cacti_0.8.6j-1.1ubuntu0.3.debdiff -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
It's a Security Regression, ubuntu-security subscribed. plese remove motu-SRU. ** Attachment removed: gutsy_proposed_cacti_0.8.6j-1.1ubuntu1.2.debdiff http://launchpadlibrarian.net/12983520/gutsy_proposed_cacti_0.8.6j-1.1ubuntu1.2.debdiff ** Attachment added: gutsy_cacti_0.8.6j-1.1ubuntu1.2.debdiff http://launchpadlibrarian.net/12989195/gutsy_cacti_0.8.6j-1.1ubuntu1.2.debdiff -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194190] Re: Please sync cacti 0.8.7b-1 (universe) from Debian unstable (main)
** Attachment added: hardy_cacti_0.8.7b-2ubuntu1.debdiff http://launchpadlibrarian.net/12989268/hardy_cacti_0.8.7b-2ubuntu1.debdiff -- Please sync cacti 0.8.7b-1 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/194190 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
** Attachment removed: gutsy_cacti_0.8.6j-1.1ubuntu1.2.debdiff http://launchpadlibrarian.net/12989195/gutsy_cacti_0.8.6j-1.1ubuntu1.2.debdiff -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
The main part works if don't run it from /dir but from / . According to Stephan Herman attach debdiff and re-subscribe MOTU-SRU. ** Attachment added: gutsy_proposed_0.8.6j-1.1ubuntu1.2.debdiff http://launchpadlibrarian.net/12992491/gutsy_proposed_0.8.6j-1.1ubuntu1.2.debdiff -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
1) Install/upgrade gosa 2) Open browser to http://localhost/cacti/ 3) See Fatal Error [1] 4) It's possible solve the problem manually with patch [2] and debdiff [3] 5) working fine [4] [1] Invalid PHP_SELF Path [2] http://launchpadlibrarian.net/12511474/config.php.patch [3] http://launchpadlibrarian.net/12992491/gutsy_proposed_0.8.6j-1.1ubuntu1.2.debdiff [4] http://thc.emanuele-gentili.com/cacti/ -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
s/gosa/cacti/ -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 207284] Re: [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e
** Attachment added: gutsy_security_vlc_0.8.6.release.c-0ubuntu5.2.debdiff http://launchpadlibrarian.net/13009267/gutsy_security_vlc_0.8.6.release.c-0ubuntu5.2.debdiff ** Changed in: vlc (Ubuntu Gutsy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress ** Changed in: vlc (Ubuntu Feisty) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) -- [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e https://bugs.launchpad.net/bugs/207284 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 207284] Re: [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e
** Attachment added: feisty_security_vlc_0.8.6.release-0ubuntu4.2.debdiff http://launchpadlibrarian.net/13009279/feisty_security_vlc_0.8.6.release-0ubuntu4.2.debdiff ** Changed in: vlc (Ubuntu Feisty) Status: Confirmed = In Progress -- [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e https://bugs.launchpad.net/bugs/207284 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 207284] Re: [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e
** Attachment added: edgy_security_vlc_0.8.6-svn20061012.debian-1ubuntu1.3.debdiff http://launchpadlibrarian.net/13010256/edgy_security_vlc_0.8.6-svn20061012.debian-1ubuntu1.3.debdiff ** Changed in: vlc (Ubuntu Edgy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress ** Changed in: vlc (Ubuntu Dapper) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress -- [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e https://bugs.launchpad.net/bugs/207284 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 207284] Re: [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e
** Attachment added: dapper_security_vlc_0.8.4.debian-1ubuntu6.3.debdiff http://launchpadlibrarian.net/13010269/dapper_security_vlc_0.8.4.debian-1ubuntu6.3.debdiff -- [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e https://bugs.launchpad.net/bugs/207284 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
** Changed in: gosa (Ubuntu Gutsy) Status: Confirmed = Fix Released ** Changed in: gosa (Ubuntu Gutsy) Status: Fix Released = Confirmed -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
** Attachment added: gutsy_proposed_cacti_0.8.6j-1.1ubuntu1.2.debdiff http://launchpadlibrarian.net/12983520/gutsy_proposed_cacti_0.8.6j-1.1ubuntu1.2.debdiff ** Changed in: cacti (Ubuntu) Status: Confirmed = In Progress -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
fixed in Hardy. -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 194687] Re: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
MOTU-SRU subscribed. -- cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade https://bugs.launchpad.net/bugs/194687 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 193744] Re: [SECURITY] cacti - CVE-2008-0785 and CVE-2008-0786
*** This bug is a duplicate of bug 192199 *** https://bugs.launchpad.net/bugs/192199 fixed by Stephan Herman in 0.8.7a-2ubuntu1. ** Changed in: cacti (Ubuntu Hardy) Status: Confirmed = Fix Released ** This bug has been marked a duplicate of bug 192199 [SECURITY] CVE-2008-0783 and CVE-2008-0784 -- [SECURITY] cacti - CVE-2008-0785 and CVE-2008-0786 https://bugs.launchpad.net/bugs/193744 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
How to reproduce the problem: 1) Install gosa 2) Open browser to http://localhost/gosa/ 3) See Fatal Error [1] 4) It's possible solve the problem manually changing line 175 in /usr/share/gosa/include/php_setup.inc from require(/usr/share/php/smarty/libs/Smarty.class.php); to require(/usr/share/php/smarty/Smarty.class.php); or editing gosa debian/rules [2]. [1] Fatal error: Call to undefined function get_template_path() in /usr/share/gosa/include/php_setup.inc on line 71. [2] See first entered debdiffs. -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
** Changed in: libnet-dns-perl (Ubuntu Dapper) Status: Fix Committed = Fix Released ** Changed in: libnet-dns-perl (Ubuntu Edgy) Status: Fix Committed = Fix Released ** Changed in: libnet-dns-perl (Ubuntu Feisty) Status: Fix Committed = Fix Released ** Changed in: libnet-dns-perl (Ubuntu Gutsy) Status: Fix Committed = Fix Released -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203456] Re: [horde3] [CVE-2008-1284] information disclosure
POC: http://www.securityfocus.com/archive/1/archive/1/489239/100/0/threaded -- [horde3] [CVE-2008-1284] information disclosure https://bugs.launchpad.net/bugs/203456 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203456] Re: [horde3] [CVE-2008-1284] information disclosure
** Attachment removed: gutsy_horde3_3.1.4-1ubuntu1.debdiff http://launchpadlibrarian.net/12920558/gutsy_horde3_3.1.4-1ubuntu1.debdiff -- [horde3] [CVE-2008-1284] information disclosure https://bugs.launchpad.net/bugs/203456 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203456] Re: [horde3] [CVE-2008-1284] information disclosure
** Changed in: horde3 (Ubuntu Gutsy) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress ** Attachment added: gutsy_horde3_3.1.4-1ubuntu1.debdiff http://launchpadlibrarian.net/12920558/gutsy_horde3_3.1.4-1ubuntu1.debdiff -- [horde3] [CVE-2008-1284] information disclosure https://bugs.launchpad.net/bugs/203456 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203456] Re: [horde3] [CVE-2008-1284] information disclosure
Tested on virtual server, patch work fine. -- [horde3] [CVE-2008-1284] information disclosure https://bugs.launchpad.net/bugs/203456 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203456] Re: [horde3] [CVE-2008-1284] information disclosure
** Attachment added: gutsy_horde3_3.1.4-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12920791/gutsy_horde3_3.1.4-1ubuntu0.1.debdiff -- [horde3] [CVE-2008-1284] information disclosure https://bugs.launchpad.net/bugs/203456 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203456] Re: [horde3] [CVE-2008-1284] information disclosure
** Attachment added: feisty_horde3_3.1.3-4ubuntu0.1.debdiff http://launchpadlibrarian.net/12921013/feisty_horde3_3.1.3-4ubuntu0.1.debdiff ** Changed in: horde3 (Ubuntu Feisty) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- [horde3] [CVE-2008-1284] information disclosure https://bugs.launchpad.net/bugs/203456 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203456] Re: [horde3] [CVE-2008-1284] information disclosure
** Attachment added: edgy_horde3_3.1.3-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12921547/edgy_horde3_3.1.3-1ubuntu0.1.debdiff ** Changed in: horde3 (Ubuntu Edgy) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- [horde3] [CVE-2008-1284] information disclosure https://bugs.launchpad.net/bugs/203456 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203456] Re: [horde3] [CVE-2008-1284] information disclosure
** Attachment added: dapper_horde3_3.1.1-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12921654/dapper_horde3_3.1.1-1ubuntu0.1.debdiff ** Changed in: horde3 (Ubuntu Dapper) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- [horde3] [CVE-2008-1284] information disclosure https://bugs.launchpad.net/bugs/203456 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203459] Re: [lighttpd] [CVE-2008-1270] arbitrary file disclosure
*** This bug is a duplicate of bug 200987 *** https://bugs.launchpad.net/bugs/200987 ** This bug has been marked a duplicate of bug 200987 CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable -- [lighttpd] [CVE-2008-1270] arbitrary file disclosure https://bugs.launchpad.net/bugs/203459 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 174112] Re: [openoffice.org] [CVE-2007-4575] Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)
** Bug watch added: Gentoo Bugzilla #200771 http://bugs.gentoo.org/show_bug.cgi?id=200771 ** Also affects: openoffice.org (Gentoo Linux) via http://bugs.gentoo.org/show_bug.cgi?id=200771 Importance: Unknown Status: Unknown -- [openoffice.org] [CVE-2007-4575] Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB) https://bugs.launchpad.net/bugs/174112 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 174112] Re: [openoffice.org] [CVE-2007-4575] Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)
** Bug watch added: Gentoo Bugzilla #201799 http://bugs.gentoo.org/show_bug.cgi?id=201799 ** Also affects: hsqldb (Gentoo Linux) via http://bugs.gentoo.org/show_bug.cgi?id=201799 Importance: Unknown Status: Unknown -- [openoffice.org] [CVE-2007-4575] Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB) https://bugs.launchpad.net/bugs/174112 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 172283] Re: [wireshark] multiple vulnerabilities
** Attachment added: gutsy_wireshark_0.99.6rel-3ubuntu0.2.debdiff http://launchpadlibrarian.net/12856998/gutsy_wireshark_0.99.6rel-3ubuntu0.2.debdiff -- [wireshark] multiple vulnerabilities https://bugs.launchpad.net/bugs/172283 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
** Changed in: libnet-dns-perl (Ubuntu Gutsy) Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
** Bug watch added: Debian Bug tracker #457445 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457445 ** Also affects: libnet-dns-perl (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457445 Importance: Unknown Status: Unknown -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 172283] Re: [wireshark] multiple vulnerabilities
yes -- [wireshark] multiple vulnerabilities https://bugs.launchpad.net/bugs/172283 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 172283] Re: [wireshark] multiple vulnerabilities
removed duplicated CVS ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6440 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6442 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6443 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6444 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6445 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6446 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6447 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6448 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6449 -- [wireshark] multiple vulnerabilities https://bugs.launchpad.net/bugs/172283 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] [NEW] CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
*** This bug is a security vulnerability *** Public security bug reported: Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program croak) via a crafted DNS response. http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-6341 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457445 Fixed in hardy by sync from Debian Unstable, bug #201454 ** Affects: libnet-dns-perl (Ubuntu) Importance: Medium Assignee: Emanuele Gentili (emgent) Status: In Progress ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6341 ** Changed in: libnet-dns-perl (Ubuntu) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
** Attachment added: gutsy_libnet-dns-perl_0.60-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12829929/gutsy_libnet-dns-perl_0.60-1ubuntu0.1.debdiff -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
please use this, corrected debdiff. ** Attachment added: gutsy_libnet-dns-perl_0.60-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12830410/gutsy_libnet-dns-perl_0.60-1ubuntu0.1.debdiff -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
** Attachment added: feisty_libnet-dns-perl_0.59-1build1.2.debdiff http://launchpadlibrarian.net/12830482/feisty_libnet-dns-perl_0.59-1build1.2.debdiff -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
** Attachment added: edgy_libnet-dns-perl_0.57-1ubuntu1.1.debdiff http://launchpadlibrarian.net/12830571/edgy_libnet-dns-perl_0.57-1ubuntu1.1.debdiff -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
corrected debdiff for edgy. ** Attachment added: edgy_libnet-dns-perl_0.57-1ubuntu1.1.debdiff http://launchpadlibrarian.net/12830646/edgy_libnet-dns-perl_0.57-1ubuntu1.1.debdiff -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
dapper ready too, waiting uploads. Thanks. ** Attachment added: dapper_libnet-dns-perl_0.53-2ubuntu1.1.debdiff http://launchpadlibrarian.net/12830662/dapper_libnet-dns-perl_0.53-2ubuntu1.1.debdiff -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 205721] Re: CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response.
** Attachment removed: gutsy_libnet-dns-perl_0.60-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12829929/gutsy_libnet-dns- perl_0.60-1ubuntu0.1.debdiff ** Attachment removed: edgy_libnet-dns-perl_0.57-1ubuntu1.1.debdiff http://launchpadlibrarian.net/12830571/edgy_libnet-dns- perl_0.57-1ubuntu1.1.debdiff -- CVE-2007-6341 libnet-dns-perl possible denial of service (program croak) via a crafted DNS response. https://bugs.launchpad.net/bugs/205721 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 172283] Re: [wireshark] multiple vulnerabilities
CVE-2008-1071 does not seem to be reproducible in gutsy. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2144 -- [wireshark] multiple vulnerabilities https://bugs.launchpad.net/bugs/172283 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 190594] Re: Please merge wordpress 2.3.3+fr-1 (universe) from Debian unstable
s/sync/merge/ -- Please merge wordpress 2.3.3+fr-1 (universe) from Debian unstable https://bugs.launchpad.net/bugs/190594 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 190594] Re: Please merge wordpress 2.3.3+fr-1 (universe) from Debian unstable
It's possible procede to sync. ** Changed in: wordpress (Ubuntu) Importance: Undecided = Wishlist Status: New = Confirmed -- Please merge wordpress 2.3.3+fr-1 (universe) from Debian unstable https://bugs.launchpad.net/bugs/190594 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Attachment added: feisty_smarty_2.6.14-1ubuntu0.7.04.1.debdiff http://launchpadlibrarian.net/12783891/feisty_smarty_2.6.14-1ubuntu0.7.04.1.debdiff -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Attachment added: edgy_smarty_2.6.14-1ubuntu0.6.10.1.debdiff http://launchpadlibrarian.net/12783896/edgy_smarty_2.6.14-1ubuntu0.6.10.1.debdiff -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
** Changed in: gosa (Ubuntu Gutsy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress ** Changed in: gosa (Ubuntu Feisty) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = Confirmed ** Changed in: gosa (Ubuntu Feisty) Status: Confirmed = In Progress ** Changed in: gosa (Ubuntu Edgy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress ** Changed in: gosa (Ubuntu Dapper) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 173610] Re: [asterisk] [CVE-2007-6170] missing input sanitising
working to it. -- [asterisk] [CVE-2007-6170] missing input sanitising https://bugs.launchpad.net/bugs/173610 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 176175] Re: CVE-2007-6263: security vulnerability in linux-ftpd-ssl
** Changed in: linux-ftpd-ssl (Ubuntu Gutsy) Importance: Undecided = Medium Status: New = Confirmed ** Changed in: linux-ftpd-ssl (Ubuntu Feisty) Importance: Undecided = Medium Status: New = Confirmed ** Changed in: linux-ftpd-ssl (Ubuntu Edgy) Importance: Undecided = Medium Status: New = Confirmed ** Changed in: linux-ftpd-ssl (Ubuntu Dapper) Importance: Undecided = Medium Status: New = Confirmed -- CVE-2007-6263: security vulnerability in linux-ftpd-ssl https://bugs.launchpad.net/bugs/176175 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203461] Re: [unzip] [CVE-2008-0888] potential code execution
** Bug watch added: Gentoo Bugzilla #213761 http://bugs.gentoo.org/show_bug.cgi?id=213761 ** Also affects: unzip (Gentoo Linux) via http://bugs.gentoo.org/show_bug.cgi?id=213761 Importance: Unknown Status: Unknown -- [unzip] [CVE-2008-0888] potential code execution https://bugs.launchpad.net/bugs/203461 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
** Changed in: gosa (Ubuntu) Importance: Undecided = Critical Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = Confirmed -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
Package fixed and build fine [1], tested and working fine too [2]. [1] https://edge.launchpad.net/~emgent/+archive [2] http://thc.emanuele-gentili.com/gosa/ ** Attachment added: hardy_gosa_2.5.13-1ubuntu1.debdiff http://launchpadlibrarian.net/12762818/hardy_gosa_2.5.13-1ubuntu1.debdiff -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
The package is broken, does not allow the installation and operation of the package itself. Debian was felt with the proposal to use the fix above attached. It's possible patch it in debian/rules changing: require(/usr/share/php/smarty/libs/Smarty.class.php); to require(/usr/share/php/smarty/Smarty.class.php); ** Attachment added: gutsy_proposed_gosa_2.5.11a-1ubuntu1.debdiff http://launchpadlibrarian.net/12763108/gutsy_proposed_gosa_2.5.11a-1ubuntu1.debdiff -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
** Attachment added: feisty_proposed_gosa_2.5.8-1ubuntu1.debdiff http://launchpadlibrarian.net/12763205/feisty_proposed_gosa_2.5.8-1ubuntu1.debdiff -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
** Attachment added: dapper_proposed_gosa_2.4-1ubuntu1.debdiff http://launchpadlibrarian.net/12763288/dapper_proposed_gosa_2.4-1ubuntu1.debdiff ** Changed in: gosa (Ubuntu) Status: Confirmed = In Progress -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 157406] Re: gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL
** Attachment added: edgy_proposed_gosa_2.5.2-1ubuntu1.debdiff http://launchpadlibrarian.net/12763250/edgy_proposed_gosa_2.5.2-1ubuntu1.debdiff -- gosa: vanilla installation results in Call to undefined function get_template_path() when accesing URL https://bugs.launchpad.net/bugs/157406 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 199620] Re: [REGRESSION] Wireless iwl3945 No Longer Works (Ubuntu 8.04 Alpha 6)
** Changed in: ubuntu Importance: Undecided = Critical Status: New = Confirmed -- [REGRESSION] Wireless iwl3945 No Longer Works (Ubuntu 8.04 Alpha 6) https://bugs.launchpad.net/bugs/199620 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 199620] Re: [REGRESSION] Wireless iwl3945 No Longer Works (Ubuntu 8.04 Alpha 6)
** Changed in: ubuntu Importance: Critical = Undecided Status: Confirmed = New -- [REGRESSION] Wireless iwl3945 No Longer Works (Ubuntu 8.04 Alpha 6) https://bugs.launchpad.net/bugs/199620 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 203105] [NEW] update-manager crash
Public bug reported: Binary package hint: update-manager Binary package hint: update-manager If starting update-manager, it crashes with the error: 'E:Il pacchetto secondlife-install deve essere reinstallato, ma non si riesce a trovare un archivio per esso.' I have Ubuntu 7.10 Gutsy , I don't know the exact version of update manager, because it never starts. Thank you Emanuele Manco ** Affects: update-manager (Ubuntu) Importance: Undecided Status: New -- update-manager crash https://bugs.launchpad.net/bugs/203105 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Changed in: smarty (Ubuntu Gutsy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress ** Changed in: smarty (Ubuntu Feisty) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress ** Changed in: smarty (Ubuntu Edgy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress ** Changed in: smarty (Ubuntu Dapper) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] [NEW] CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
*** This bug is a security vulnerability *** Public security bug reported: The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469492 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1066 ** Affects: smarty (Ubuntu) Importance: Medium Assignee: Emanuele Gentili (emgent) Status: Confirmed ** Affects: smarty (Debian) Importance: Unknown Status: Unknown ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-1066 ** Changed in: smarty (Ubuntu) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = Confirmed ** Bug watch added: Debian Bug tracker #469492 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469492 ** Also affects: smarty (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469492 Importance: Unknown Status: Unknown -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Attachment added: hardy_smarty_2.6.18-1ubuntu3.debdiff http://launchpadlibrarian.net/12683015/hardy_smarty_2.6.18-1ubuntu3.debdiff -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Attachment added: gutsy_smarty_2.6.18-1ubuntu2.1.debdiff http://launchpadlibrarian.net/12683052/gutsy_smarty_2.6.18-1ubuntu2.1.debdiff -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Attachment added: feisty_smarty_2.6.14-1ubuntu0.7.04.debdiff http://launchpadlibrarian.net/12683072/feisty_smarty_2.6.14-1ubuntu0.7.04.debdiff -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Attachment added: edgy_smarty_2.6.14-1ubuntu0.6.10.debdiff http://launchpadlibrarian.net/12683082/edgy_smarty_2.6.14-1ubuntu0.6.10.debdiff -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Attachment added: dapper_smarty_2.6.11-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12683095/dapper_smarty_2.6.11-1ubuntu0.1.debdiff -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202422] Re: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
** Changed in: smarty (Ubuntu) Status: Confirmed = In Progress -- CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates https://bugs.launchpad.net/bugs/202422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202332] Re: mailman broken after security upgrade on gutsy
Thanks for notice, i'm working to it. Sim IJskes please attach your cleaned diff, I will consider this. Thanks for all ** Changed in: mailman (Ubuntu) Importance: Undecided = Critical Status: Confirmed = In Progress -- mailman broken after security upgrade on gutsy https://bugs.launchpad.net/bugs/202332 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202332] Re: mailman broken after security upgrade on gutsy
** Attachment added: gutsy_mailman_2.1.9-8ubuntu0.2.debdiff http://launchpadlibrarian.net/12685272/gutsy_mailman_2.1.9-8ubuntu0.2.debdiff -- mailman broken after security upgrade on gutsy https://bugs.launchpad.net/bugs/202332 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202332] Re: mailman broken after security upgrade on gutsy
** Attachment added: feisty_mailman_2.1.9-4ubuntu1.2.debdiff http://launchpadlibrarian.net/12685438/feisty_mailman_2.1.9-4ubuntu1.2.debdiff -- mailman broken after security upgrade on gutsy https://bugs.launchpad.net/bugs/202332 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202332] Re: mailman broken after security upgrade on gutsy
It's possible use my PPA for temporarily fix the problem. https://edge.launchpad.net/~emgent/+archive pitti working to upload my fix in security repository. Thanks to all. -- REGRESSION: mailman broken after security upgrade on gutsy https://bugs.launchpad.net/bugs/202332 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202332] Re: REGRESSION: mailman broken after security upgrade on gutsy
** Changed in: mailman (Ubuntu Gutsy) Importance: Undecided = Critical Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress ** Changed in: mailman (Ubuntu Feisty) Importance: Undecided = Critical Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- REGRESSION: mailman broken after security upgrade on gutsy https://bugs.launchpad.net/bugs/202332 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 202332] Re: REGRESSION: mailman broken after security upgrade on gutsy
** Changed in: mailman (Ubuntu Gutsy) Status: In Progress = Fix Committed -- REGRESSION: mailman broken after security upgrade on gutsy https://bugs.launchpad.net/bugs/202332 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 174356] Re: [zabbix] [CVE-2007-6210] privilege escalation
** Changed in: zabbix (Ubuntu) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- [zabbix] [CVE-2007-6210] privilege escalation https://bugs.launchpad.net/bugs/174356 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 174356] Re: [zabbix] [CVE-2007-6210] privilege escalation
** Changed in: zabbix (Ubuntu) Assignee: Emanuele Gentili (emgent) = (unassigned) Status: In Progress = Confirmed -- [zabbix] [CVE-2007-6210] privilege escalation https://bugs.launchpad.net/bugs/174356 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 199338] Re: [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman
** Changed in: mailman (Ubuntu Edgy) Status: Fix Committed = Fix Released ** Changed in: mailman (Ubuntu Dapper) Status: Fix Committed = Fix Released -- [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman https://bugs.launchpad.net/bugs/199338 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Changed in: phpmyadmin (Ubuntu Edgy) Status: Fix Committed = Fix Released ** Changed in: phpmyadmin (Ubuntu Dapper) Status: Fix Committed = Fix Released -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 191205] Re: [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files
** Changed in: wml (Ubuntu Edgy) Status: Fix Committed = Fix Released ** Changed in: wml (Ubuntu Dapper) Status: Fix Committed = Fix Released -- [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files https://bugs.launchpad.net/bugs/191205 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Changed in: phpmyadmin (Ubuntu Dapper) Status: Confirmed = In Progress -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 191205] Re: [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files
** Attachment added: edgy_wml_2.0.8-11ubuntu0.6.10.debdiff http://launchpadlibrarian.net/12672713/edgy_wml_2.0.8-11ubuntu0.6.10.debdiff -- [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files https://bugs.launchpad.net/bugs/191205 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 191205] Re: [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files
** Attachment added: dapper_wml_2.0.8-11ubuntu0.6.06.debdiff http://launchpadlibrarian.net/12672726/dapper_wml_2.0.8-11ubuntu0.6.06.debdiff ** Changed in: wml (Ubuntu Edgy) Status: Incomplete = In Progress ** Changed in: wml (Ubuntu Dapper) Status: Incomplete = In Progress -- [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files https://bugs.launchpad.net/bugs/191205 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
sorry for delay. ** Attachment added: dapper_phpmyadmin_2.8.0.3-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12673013/dapper_phpmyadmin_2.8.0.3-1ubuntu0.1.debdiff -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 82003] Re: phpmyadmin has several security bugs
Martin Jürgens, Thanks for your work. Please attach your debdiff. Thanks -- phpmyadmin has several security bugs https://bugs.launchpad.net/bugs/82003 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 180978] Re: [wzdftpd] [CVE-2007-5300] DoS vulnerability
** Changed in: wzdftpd (Ubuntu) Importance: Undecided = Medium Status: New = Fix Released -- [wzdftpd] [CVE-2007-5300] DoS vulnerability https://bugs.launchpad.net/bugs/180978 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 199338] Re: [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman
I dont understand problem about Dapper and Edgy, i was update maintainer field out the patch system, where is the problem? Cheers, Emanuele -- [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman https://bugs.launchpad.net/bugs/199338 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 199338] Re: [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman
Thanks, please use this for upload. ** Attachment added: dapper_mailman_2.1.5-9ubuntu4.2.debdiff http://launchpadlibrarian.net/12661923/dapper_mailman_2.1.5-9ubuntu4.2.debdiff -- [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman https://bugs.launchpad.net/bugs/199338 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 199338] Re: [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman
Thanks, please use this for upload in edgy. ** Attachment added: edgy_mailman_2.1.8-2ubuntu2.1.debdiff http://launchpadlibrarian.net/12661948/edgy_mailman_2.1.8-2ubuntu2.1.debdiff ** Changed in: mailman (Ubuntu Dapper) Status: Incomplete = In Progress ** Changed in: mailman (Ubuntu Edgy) Status: Incomplete = In Progress -- [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman https://bugs.launchpad.net/bugs/199338 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 191205] Re: [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files
** Attachment added: dapper_wml_2.0.8-11ubuntu0.6.06.debdiff http://launchpadlibrarian.net/12661969/dapper_wml_2.0.8-11ubuntu0.6.06.debdiff -- [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files https://bugs.launchpad.net/bugs/191205 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 191205] Re: [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files
** Attachment added: edgy_wml_2.0.8-11ubuntu0.6.10.debdiff http://launchpadlibrarian.net/12661970/edgy_wml_2.0.8-11ubuntu0.6.10.debdiff ** Changed in: wml (Ubuntu Edgy) Status: Incomplete = In Progress ** Changed in: wml (Ubuntu Dapper) Status: Incomplete = In Progress -- [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files https://bugs.launchpad.net/bugs/191205 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
yada rebuild control by default, i will work to it. ** Changed in: phpmyadmin (Ubuntu Feisty) Status: Incomplete = Confirmed ** Changed in: phpmyadmin (Ubuntu Dapper) Status: Incomplete = Confirmed -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 200987] [NEW] CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
*** This bug is a security vulnerability *** Public security bug reported: mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody directory. http://trac.lighttpd.net/trac/ticket/1587 http://trac.lighttpd.net/trac/changeset/2120 ** Affects: lighttpd (Ubuntu) Importance: Undecided Status: Confirmed ** Affects: lighttpd (Ubuntu Dapper) Importance: Undecided Status: Confirmed ** Affects: lighttpd (Ubuntu Edgy) Importance: Undecided Status: Confirmed ** Affects: lighttpd (Ubuntu Feisty) Importance: Undecided Status: Confirmed ** Affects: lighttpd (Ubuntu Gutsy) Importance: Undecided Status: Confirmed ** Affects: lighttpd (Ubuntu Hardy) Importance: Undecided Status: Confirmed ** Visibility changed to: Public -- CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable https://bugs.launchpad.net/bugs/200987 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 200987] Re: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
** Attachment added: hardy_lighttpd_1.4.18-1ubuntu6.debdiff http://launchpadlibrarian.net/12574001/hardy_lighttpd_1.4.18-1ubuntu6.debdiff -- CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable https://bugs.launchpad.net/bugs/200987 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 200987] Re: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
** Changed in: lighttpd (Ubuntu Gutsy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress -- CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable https://bugs.launchpad.net/bugs/200987 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 200987] Re: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
** Changed in: lighttpd (Ubuntu Hardy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress -- CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable https://bugs.launchpad.net/bugs/200987 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 200987] Re: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
** Attachment added: gutsy_lighttpd_1.4.18-1ubuntu1.3.debdiff http://launchpadlibrarian.net/12574214/gutsy_lighttpd_1.4.18-1ubuntu1.3.debdiff -- CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable https://bugs.launchpad.net/bugs/200987 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 200987] Re: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
** Attachment added: feisty_lighttpd_1.4.13-9ubuntu4.5.debdiff http://launchpadlibrarian.net/12574269/feisty_lighttpd_1.4.13-9ubuntu4.5.debdiff ** Changed in: lighttpd (Ubuntu Feisty) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress -- CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable https://bugs.launchpad.net/bugs/200987 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 200987] Re: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
** Attachment added: edgy_lighttpd_1.4.13~r1370-1ubuntu1.6.debdiff http://launchpadlibrarian.net/12574336/edgy_lighttpd_1.4.13%7Er1370-1ubuntu1.6.debdiff ** Changed in: lighttpd (Ubuntu Edgy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress -- CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable https://bugs.launchpad.net/bugs/200987 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 200987] Re: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
** Attachment added: dapper_lighttpd_1.4.11-3ubuntu3.8.debdiff http://launchpadlibrarian.net/12575809/dapper_lighttpd_1.4.11-3ubuntu3.8.debdiff ** Changed in: lighttpd (Ubuntu Dapper) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress -- CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable https://bugs.launchpad.net/bugs/200987 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs