Package: blosxom
Version: 2.0-14
Severity: grave
Tags: security
Justification: user security hole
On line 69, param(-f) is used as a potential configuration file:
for $rcfile (/etc/blosxom/blosxom.conf, /etc/blosxom.conf, param(-f)) {
if (-r $rcfile) {
open (RC, $rcfile) or die Cannot
This one time, at band camp, Neale Pickett said:
On line 69, param(-f) is used as a potential configuration file:
for $rcfile (/etc/blosxom/blosxom.conf, /etc/blosxom.conf, param(-f)) {
if (-r $rcfile) {
open (RC, $rcfile) or die Cannot open $rcfile: $!;
while (RC) {
2 matches
Mail list logo