Package: odccm Version: 0.11.1-2 Severity: serious Justification: Blocks the fix for CVE-2008-4311
The config file doesn't allow introspection, which is not enabled by default, it was only working because off a bug in dbus. It's recommended that you use send_destination to allow all messages to your service. In addition, you should not use send_interface without send_destination. It's likely that all these rules could just be collapsed to one send_destination rule to solve both problems. This is a blocker for the CVE, so please fix quickly. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.18-4-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
