The following issue has been REOPENED. ====================================================================== https://www.opencsw.org/mantis/view.php?id=4769 ====================================================================== Reported By: jay Assigned To: bwalton ====================================================================== Project: findutils Issue ID: 4769 Category: upgrade Reproducibility: always Severity: major Priority: normal Status: feedback ====================================================================== Date Submitted: 2011-05-14 14:50 CEST Last Modified: 2011-05-15 18:10 CEST ====================================================================== Summary: Current stable release is vulnerable to CVE-2007-2452 Description: GNU Findutils release 4.2.31 fixes CVE-2007-2452 but stable is 4.2.30, and so it's vulnerable. ======================================================================
---------------------------------------------------------------------- (0009055) jay (reporter) - 2011-05-15 18:10 https://www.opencsw.org/mantis/view.php?id=4769#c9055 ---------------------------------------------------------------------- Actually I'm not running either current or stable, I'm the upstream maintainer. But having a "stable" release with a potential local root exploit isn't a good idea. _______________________________________________ bug-notifications mailing list [email protected] https://lists.opencsw.org/mailman/listinfo/bug-notifications
