oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: CVE request: bacula: Console ACL Bypass

From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 14 Sep 2012 23:27:53 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/14/2012 12:49 PM, Agostino Sarubbo wrote:

On Friday 14 September 2012 20:21:27 you wrote:

Patch:
http://sourceforge.net/projects/bacula/files/bacula/5.2.11/0001-Fix-



bug-1932-director-crash.patch


Wrong link. This is the right commit code: 
http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905


http://www.bacula.org/en/?page=news
Version



5.2.11 version is a bug fix release.
Make dump_resource respect console ACL's (security fix)

Please use CVE-2012-4430 for this issue.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQVBHZAAoJEBYNRVNeJnmTClQP+gJTYbyU3TQRwlS+Uw/WRVgY
VLXgNj/LyL79xeUWnHFp9G5PQ0/PBke3pQUcN4m0aRj5VGXO+qncFZzApxwUtrFJ
n6Ryyi9Pimhyt/P3AEJtM0GrNO0foicumrT1RmV+JABW32zm93xAgXWaj5CnPj0F
x58Ze2OQf/+ISYik2QwARpTDn2xC7OkCwzuirDrG1ZcqTRwuZz3dlfVAHb7P61dD
h75B2MPa4YT8qkwnetF4GpIB26jPe3jOnTgnZ0G7eJrw4SpXzQYRBKPcxTRVCICz
xKWR8/RhRxb70+7FIx48MsnlNLZEflN96yuzJTeugSeGNBTAxw95GPsxnAy+dz94
RfUpoPd2oYh9W1LnlzgUOc3lAb7fL8pEij1F1z/L+Iww/25lT9tNOn4yx6pFcjny
454rEMs/BXuzXcoSqQSDeiUuOm8xlaWjNCAXc0QNoSE0FmEn7UR6laNOL/TG18XP
9KFywuzFHC5nJ0htOj9hCYGWs1JG/uQcIxTJ5gbIBUc5nVPedyoCKDGn8H0wNGHN
9mJ3oU3ue7j7Vht0bc6dAVTOUP+GGdw7WpW3oYbIdAzrInfLa+rMJUpz0OXR4+7R
IA5nyDD4Vet1opUTF7pLXQfubAbqJQNJXg/r4haVZPuBNJO/dwB03ksZXP0xHbcr
cCsGatjD/vv7whBjAoPP
=jLGU
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: