* Stefan Göbel: > Package: trac-git > Version: 0.0.20080710-3 > Severity: grave > Tags: patch security > Justification: user security hole > > > The trac-git package in Debian Lenny - if enabled in Trac - allows a > remote attacker to execute arbitrary commands on the system with the > rights of the user running Trac. The attacker must have the rights to > browse the repository in order to exploit this issue, other parts of > Trac are most likely not affected.
Thanks. I have assigned CVE-2010-0394 to this issue. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
