Control: tags -1 -moreinfo -unreproducible +confirmed Hi Simon,
On 21-11-15 13:55, Simon Ruderich wrote: > I just checked the source and found the problem. The backup file > is touched before setting the umask, thus creating it with the > insecure permissions. Attached is a patch against the version in > Jessie (and another for sid). Thanks for investigating and for the patch. I'll verify with all my regression tests that this is indeed the correct fix (it sure looks like it, but I rather be safe). If so I'll contact the security team to check if this should be fixed in wheezy and jessie as well. Paul
signature.asc
Description: OpenPGP digital signature
