*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: debian-goodies References: DSA-1527-1 (http://www.debian.org/security/2008/dsa-1527) Quoting: "Thomas de Grenier de Latour discovered that the checkrestart tool in the debian-goodies suite of utilities, allowed local users to gain privileges via shell metacharacters in the name of the executable file for a running process." ** Affects: debian-goodies (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: debian-goodies (Debian) Importance: Unknown Status: Unknown ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-3912 ** Bug watch added: Debian Bug tracker #440411 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440411 ** Also affects: debian-goodies (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440411 Importance: Unknown Status: Unknown -- [debian-goodies] [CVE-2007-3912] insufficient input sanitising https://bugs.launchpad.net/bugs/210128 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs