On Tue, 2020-07-21 at 15:22 +0200, Matthias Gerstner wrote: > Hello Debbie, > > > Are all of the security issues you listed below corrected by the > > patches you made available at: > > https://seclists.org/oss-sec/2020/q2/att-135/tcsd_fixes.patch ? > > well the patch is kind of a hotfix that adresses the most serious > aspects of the findings. It also breaks existing packaging, however, > because config files owned by the tss user are no longer accepted. > > Finding d), the bad example RPM spec file is not covered by the > patch. > > It should be possible to take over the patch into the upstream > repository if you communicate to users that this is a breaking > change. > > Cheers > > Matthias
Hi Matthias, I know you mentioned that this patch addresses the most serious issues. Are you continuing to work on covering remaining issues? Should expect an additional patch for those less severe issues or finding d) the changes needed to the RPM spec file example? Thanks, Debbie _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
