Package: open-iscsi Tags: security A minor DoS vulnerability has been discovered in open-iscsi:
| usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before | 2.0-865 uses a semaphore with insecure permissions | (world-writable/world-readable) for managing log messages using shared | memory, which allows local users to cause a denial of service (hang) | by grabbing the semaphore. <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3100> I don't know if this is worth a security update for stable. Please mention the name CVE-2007-3100 in the changelog when fixing this bug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
