[Joey Hess]
> The only real solution to this bug is to remove support for
> passwords in the proxy setting. Making the file mode 600 by default,
> or even only if a password is present cripples the system for
> regular users by breaking apt-get source and hardly makes it anymore
> secure anyway.
A
Martin Schulze wrote:
> severity 305142 important
This is severity inflation: This bug affects a minority of a minority of
users (users who have a proxy that requires a password, have some reason
to use it for apt, and somehow have managed to avoid the inherent
security issues of the http password
severity 305142 important
tags 305142 security
thanks
Is there any motion on this problem?
==
Candidate: CAN-2005-2214
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2214
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigne
3 matches
Mail list logo