oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: prewikka permission bug

From: Josh Bressers <bressers () redhat com>
Date: Thu, 3 Jun 2010 14:30:39 -0400 (EDT)
Please use CVE-2010-2058

Thanks.

-- 
    JB


----- "Stefan Behte" <craig () gentoo org> wrote:


Hi,

I couldn't find a CVE for this:

"The permissions on the prewikka.conf file are world readable and
contain the sql database password used by prewikka. This update makes
it
readable just by the apache group."

https://dev.prelude-technologies.com/projects/prewikka/repository/revisions/17e38c310410be1b7811152172cda4438936063d

Redhat and Gentoo were affected, I'm not sure about others.

https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00771.html

https://bugs.gentoo.org/show_bug.cgi?id=270056


Best regards,

Stefan Behte
Previous By Date Next
Previous By Thread Next

Current thread: