configurations that rely on /run/fcgiwrap.socket being world connectable.
Is this intended behaviour? Doesn't it break user's expectations, as suddenly
everyone can influence httpd (nginx slaves also run under www-data, for
example)?
- BEGIN PATCH -
Author: Anton Luka Šijanec
D
Hello!
> If you fix the vulnerability please also make sure to include the CVE (Common
> Vulnerabilities & Exposures) id in your changelog entry.
I made a debdiff for myself according to upstream instructions from the patch
[0]. It is attached to this e-mail.
Link to the upstream patch was foun
2 matches
Mail list logo