retitle 506353 CVE-2008-5312/3: mailscanner might allow local users to
overwrite arbitrary files via a symlink attack
thanks
On Wednesday 03 December 2008, Simon Walter wrote:
>
> Hello,
Hello,
[...]
>
> I have put Julian Field (upstream author) in CC to inform him about
> all this. (@Julian: t
package mailscanner
tags 506353 help upstream confirmed
thanks
Hello,
Mark Purcell <[EMAIL PROTECTED]> writes:
> On Friday 21 November 2008 08:24:46 Raphael Geissert wrote:
>> I'm using severity grave as this package should definitely not be shipped
>> in any release as is.
>
> Simon,
>
> This R
On Friday 21 November 2008 08:24:46 Raphael Geissert wrote:
> I'm using severity grave as this package should definitely not be shipped
> in any release as is.
Simon,
This RC bug was reported almost two weeks ago without any comment from you.
Are you in a position to investigate and propose a wa
Package: mailscanner
Version: 4.55.10-3
Severity: grave
Tags: security
Hi,
I have found more issues on the autoupdate scripts and other files shipped by
mailscanner than those reported in CVE-2008-5140[1].
In 4.55.10-3, grepping the files throw this:
/etc/MailScanner/autoupdate/:
> f-prot-autou
4 matches
Mail list logo