oss-sec mailing list archives
prewikka permission bug
From: Stefan Behte <craig () gentoo org>
Date: Wed, 02 Jun 2010 00:50:20 +0200
Hi, I couldn't find a CVE for this: "The permissions on the prewikka.conf file are world readable and contain the sql database password used by prewikka. This update makes it readable just by the apache group." https://dev.prelude-technologies.com/projects/prewikka/repository/revisions/17e38c310410be1b7811152172cda4438936063d Redhat and Gentoo were affected, I'm not sure about others. https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00771.html https://bugs.gentoo.org/show_bug.cgi?id=270056 Best regards, Stefan Behte
Current thread:
- prewikka permission bug Stefan Behte (Jun 01)
- Re: prewikka permission bug Josh Bressers (Jun 03)