oss-sec mailing list archives
Re: prewikka permission bug
From: Josh Bressers <bressers () redhat com>
Date: Thu, 3 Jun 2010 14:30:39 -0400 (EDT)
Please use CVE-2010-2058 Thanks. -- JB ----- "Stefan Behte" <craig () gentoo org> wrote:
Hi, I couldn't find a CVE for this: "The permissions on the prewikka.conf file are world readable and contain the sql database password used by prewikka. This update makes it readable just by the apache group." https://dev.prelude-technologies.com/projects/prewikka/repository/revisions/17e38c310410be1b7811152172cda4438936063d Redhat and Gentoo were affected, I'm not sure about others. https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00771.html https://bugs.gentoo.org/show_bug.cgi?id=270056 Best regards, Stefan Behte
Current thread:
- prewikka permission bug Stefan Behte (Jun 01)
- Re: prewikka permission bug Josh Bressers (Jun 03)