subject:"Bug#577057\: CVE\-2010\-0826\: allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module."

Bug#577057: CVE-2010-0826: allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module.

2010-10-01 Thread Moritz Muehlenhoff

On Fri, Apr 09, 2010 at 11:26:12AM +0200, Giuseppe Iuculano wrote: > Package: libnss-db > Severity: important > Tags: security > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for libnss-db. > > CVE-2010-0826[

Bug#577057: CVE-2010-0826: allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module.

2010-04-09 Thread Giuseppe Iuculano

Package: libnss-db Severity: important Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for libnss-db. CVE-2010-0826[0]: | The Free Software Foundation (FSF) Berkeley DB NSS module (aka | libnss-db) 2.2.3pre1