Raphael Hertzog wrote:
> On Fri, 08 Sep 2006, Chris Morris wrote:
>> Package: sql-ledger
>> Severity: grave
>> Tags: security
>> Justification: user security hole
>>
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-4244
>> Recently fully disclosed at
>> http://www.securityfocus.com/archive/1/445512/30/0/threaded
>>
>> Looking at the source of menu.pl it appears to work exactly as Chris
>> Travers describes it.
>>
>> Apparently all versions from 2.4.4 onwards are affected, which includes
>> the version in sarge.
>
> I uploaded the new upstream version 2.6.18-1 to sid, it fixes this issue.
> For sarge, I created 2.4.7-2sarge1 and I uploaded it here:
> http://people.debian.org/~hertzog/sql-ledger/
>
> It's a full (signed) upload which can simply be uploaded to the security
> archive (dist="stable-security" as per devel ref 5.8.5.3).
>
> The patch used is here:
> http://people.debian.org/~hertzog/sql-ledger/sql-ledger.patch
>
> I simply applied the relevant changes between 2.6.17 and 2.6.18 to the old
> 2.4.7-2 and it applied immediately. However I haven't had the time to test
> if the package upgrades fine and if it still works well.
The upgrade did work OK, but I failed to see how it should fix the bug. But I haven't had time to look closely at it. I still have the same cookie, which tells when I logged in and the user-name I used to log in with.

> I'd like other people from [EMAIL PROTECTED] to help out
> with the testing. Can people confirm that the updated package works fine?

It works, but I fail to see how it fixes the bug.

--
Finn-Arne Johansen
[EMAIL PROTECTED]
http://bzz.no/
EE2A71C6403A3D191FCDC043006F1215062E6642 062E6642