Package: wine Version: 0.0.20050211-1 Severity: grave Tags: security Justification: user security hole
[ Note; feel free to downgrade the severity, I chose it under the assumption that a user runs applications which store sensitive data in the registry and that Sarge should not include this vulnerability ] Hi Ove, http://bugs.winehq.com/show_bug.cgi?id=2715 describes a security flaw in Wine that affects both Sarge and sid (I don't know about Woody): Wine stores a world readable copy of the registry in /tmp. The bugtracking entry contains a patch and Marcus Meissner has commited a fix to CVS after the release of 20050310. I couldn't find a CAN assignment for this vulnerability. Cheers, Moritz -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages wine depends on: ii debconf 1.4.46 Debian configuration management sy ii libwine 0.0.20050211-1 Windows Emulator (Library) ii xbase-clients [xcont 4.3.0.dfsg.1-12.0.1 miscellaneous X clients -- debconf information: wine/del_wine_conf: true wine/install_type: Autodetect -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
