* Serious security flaw in Gnatsweb
@ 2001-06-26 13:42 Yngve Svendsen
0 siblings, 0 replies; only message in thread
From: Yngve Svendsen @ 2001-06-26 13:42 UTC (permalink / raw)
To: gnats-devel, bug-gnats
Gnatsweb versions 2.7 beta, 2.8.0 and 2.8.1 have a serious security hole,
potentially allowing an attacker to read or execute files on the Gnatsweb
server machine. A security advisory, with fixes, are available from
http://sources.redhat.com/gnats/gnatsweb/advisory-jun-26-2001.html
I urge people running the affected Gnatsweb versions to apply the fixes
immediately, or download version 2.8.2 of Gnatsweb which incorporates the fix.
People running Gnatsweb 3.95 for GNATS 4 from CVS, checked out prior to
June 26 2001 12:15 PDT should check out the newest version, which
incorporates the fix.
Yngve Svendsen
Gnatsweb maintainer
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2001-06-26 13:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2001-06-26 13:42 Serious security flaw in Gnatsweb Yngve Svendsen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).