On Tue, 19 Sep 2006, David Starner wrote:
It's a little late to be releasing completely rewritten versions of
programs for etch. So that solution means removing findimagedupes from
etch altogether.
If I'm not completely wrong there is no freeze for packages of
priority extra (or did I missed s
On 9/19/06, Andreas Tille <[EMAIL PROTECTED]> wrote:
n Mon, 18 Sep 2006, David Starner wrote:
> Package: findimagedupes
> Version: 0.1.3-7
Just to let you know the status quo: There is a completely rewritten
verison of findimagedupes in preparation which does not show the
problem (and closes th
n Mon, 18 Sep 2006, David Starner wrote:
Package: findimagedupes
Version: 0.1.3-7
Just to let you know the status quo: There is a completely rewritten
verison of findimagedupes in preparation which does not show the
problem (and closes the other open bugs). It will be released as
package quit
Package: findimagedupes
Version: 0.1.3-7
Severity: grave
findimagedupes will execute code stored in the names of the files.
This allows arbitrary code to be executed as the user by anyone who
can add files to a directory findimagedupes is run on; hence this is a
security hole and is grave.
An ex
4 matches
Mail list logo