Package: pyspread
Version: 0.2.2-1
Tags: security
pyspread creates its configuration file with the default permissions,
and then it chmod's it to 0600. If an attacker manages to open the
config file before it's chmod'ed, he can steal the PGP passphrase.
-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64
Kernel: Linux 3.7-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages pyspread depends on:
ii python 2.7.3-4
ii python-numpy 1:1.7.0-1
ii python-pyme 1:0.8.1-2
ii python-wxgtk2.8 2.8.12.1-12
Versions of packages pyspread recommends:
ii python-gmpy 1.15-1
pn python-rpy <none>
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
