Bug#1009820: snort: Privilege escalation due to insecure use of logrotate

Package: snort Version: 2.9.15.1-5 Severity: critical Tags: security upstream Justification: root security hole X-Debbugs-Cc: sec-advis...@ait.ac.at Dear Maintainer, The path of the logdirectory of snort can be manipulated by user Snort in Debian Bullseye: # ls -ld /var/log/snort/ drwxr-s--- 3

Bug#928304: groonga-httpd: Privilege escalation due to insecure use of logrotate

Package: groonga-httpd Version: 6.1.5-1 Severity: critical Tags: security Justification: root security hole Dear Maintainer, The path of the logdirectory of groonga-httpd can be manipulated by user groonga: ls -l /var/log/groonga total 8 -rw-r--r-- 1 rootroot1296 Apr 25 18:44

Bug#843558: squidguard: Problem in update-squidguard and tabs in squidguard.conf

Package: squidguard Version: 1.5-4 Severity: important Tags: patch Dear Maintainer, I have a tab instead of a whitespace in my squidguar.conf in the following line: dbhome /var/lib/squidguard/db If I call update-squidguard on Debian Jessie i'll get the following output: root@34697f9f06a2:/#

Bug#729882: Error: either local is duplicate, or eth0 is a garbage

, if i use the address 172.17.0.232 If i use the main-ip(172.17.0.202) of the interface, the problem doesn't appear. This is a big problem for me, since i want to use openswan on a heartbeat-shared-ip-address. Thank you very much Wolfgang Hotwagner -- System Information: Debian Release: 7.2