oss-sec mailing list archives

prewikka permission bug


From: Stefan Behte <craig () gentoo org>
Date: Wed, 02 Jun 2010 00:50:20 +0200

Hi,

I couldn't find a CVE for this:

"The permissions on the prewikka.conf file are world readable and
contain the sql database password used by prewikka. This update makes it
readable just by the apache group."

https://dev.prelude-technologies.com/projects/prewikka/repository/revisions/17e38c310410be1b7811152172cda4438936063d

Redhat and Gentoo were affected, I'm not sure about others.

https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00771.html

https://bugs.gentoo.org/show_bug.cgi?id=270056


Best regards,

Stefan Behte


Current thread: