Public bug reported:
The reason for a ubuntu version was a securetty issue:
---
kphone (1:4.2-3ubuntu1) dapper; urgency=low
* SECURITY UPDATE: Fix config file information leak.
* Add 02_CVE-2006-2192.dpatch
* ~/.qt/kphonerc was world readable and contained the user's SIP password
* References:
CVE-2006-2192
http://bugs.debian.org/337830
---
This is fixed in Debian so it seems:
---
* Add debian/patches/umask.diff
- Security problem in kphone (Closes: #337830)
---
Package builds in Edgy pbuilder.
http://merges.ubuntu.com/k/kphone/REPORT
** Affects: kphone (Ubuntu)
Importance: Untriaged
Status: Unconfirmed
--
[Edgy MoM] Please sync 4.2-6 from Debian
https://launchpad.net/bugs/52340
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
