Package: ipsec-tools Version: 1:0.5-3 Severity: grave Justification: user security hole
In restart target of the setkey init script setkey is run with the following command: $SETKEY -f $SETKEY_CONF: This fails of course since it appends ':' to the configuration file name. Potential security hole introduced if the init script is used to apply new secure configuration over previous insecure one but this fails due to the typo in the script. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.10 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages ipsec-tools depends on: ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libreadline5 5.0-10 GNU readline and history libraries -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
