oss-sec mailing list archives

Re: CVE id request: tmux (debian specific)

From: Josh Bressers <bressers () redhat com>
Date: Wed, 6 Apr 2011 13:44:09 -0400 (EDT)

Please use CVE-2011-1496

Thanks.

-- 
    JB


----- Original Message -----

Hey,
due to a patch that was introduced to our tmux package, tmux is not
properly
dropping group privileges anymore when invoked with -S (tmux is
installed
setgid).

Bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620304
Can I get a CVE id for this?

Cheers
Nico

--
Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG:
0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Current thread:

CVE id request: tmux (debian specific) Nico Golde (Apr 05)
- Re: CVE id request: tmux (debian specific) Josh Bressers (Apr 06)