Control: retitle -1 davfs2: CVE-2013-4362: Unsecure use of system()
Hi
A CVE was assigned to this issue: CVE-2013-4362.
Regards,
Salvatore
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Package: davfs2
Version: 1.4.6-1.1
Severity: critical
Tags: patch, security, upstream
davfs2 calls function system several times. Because davfs2 is setuid
root in many cases this will allow for privilege escalation.
Appended are patches for version 1.4.6 and 1.4.7 that will fix this bug.
Note:
2 matches
Mail list logo
