On Tue, May 12, 2009 at 04:53:41PM -0500, Jamie Strandboge wrote: > I then reviewed the Ubuntu and Debian packages and found that while the most > serious issue of not checking setuid() was addressed in 3.0pl1-64, checks for > setgid() and initgroups() were not added. Other distributions (eg Gentoo and > RedHat) fixed these calls as well. I was then curious to see when these (...)
Thanks for noticing this, I have just uploaded a package including this fix. Regards Javier
signature.asc
Description: Digital signature
