On Thu, Feb 19, 2009 at 05:12:30PM +0100, Olivier Berger wrote:
> Package: sympa
> Version: 5.3.4-6.1
> Severity: normal
>
> Hi.
>
> I just upgraded one of my servers from etch to lenny and got :
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure
> $ENV{PATH} while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN>
> line 37.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure EXEC
> while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN> line 37.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure
> $ENV{PATH} while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN>
> line 77.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure EXEC
> while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN> line 77.
> in the apache logs.
>
> Dunno what's wrong actually :(
>
OK, found :
# grep /bin/cat /etc/sympa/sympa.conf
syslog `/bin/cat /etc/sympa/facility`
cookie `/bin/cat /etc/sympa/cookie`
... OK, I can patch that, then.
But that doesn't help fix that for good.
Hope this helps,
Regards,
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
