[Bug 844743] Re: Unescaped shell command vulnerabilities

Launchpad Bug Tracker Thu, 08 Sep 2011 20:11:06 -0700

This bug was fixed in the package bcfg2 - 0.9.6-0ubuntu2.1.10.04.1

---------------
bcfg2 (0.9.6-0ubuntu2.1.10.04.1) lucid-security; urgency=high


  * SECURITY UPDATE: missing input sanitization allowing execution
    of arbitrary commands (LP: #844743)
    - backported fix from upstream by Chris St. Pierre
    - https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1
    - CVE-2011-3211
 -- Julian Taylor <[email protected]>   Thu, 08 Sep 2011 15:17:00 
+0200

** Changed in: bcfg2 (Ubuntu Hardy)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/844743

Title:
  Unescaped shell command vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bcfg2/+bug/844743/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 844743] Re: Unescaped shell command vulnerabilities

Reply via email to