Package: bozohttpd Version: 20111118-1 Severity: grave Tags: security upstream Justification: user security hole
Dear Maintainer, The upstream version of the program has a hole in basic http authentication. It has been patched in the latest version available from the author. See: http://www.eterna.com.au/bozohttpd/ for details -- System Information: Debian Release: 7.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages bozohttpd depends on: ii libc6 2.13-38+deb7u3 ii libssl1.0.0 1.0.1e-2+deb7u11 ii openbsd-inetd [inet-superserver] 0.20091229-2 bozohttpd recommends no packages. bozohttpd suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org