On Thu, Aug 26, 2010 at 08:21:42AM +0900, Nobuhiro Iwamatsu wrote: > tags 594414 lenny > thanks > > Hi, > > Thanks for your report. > > On Wed, Aug 25, 2010 at 09:58:56PM +0200, Moritz Muehlenhoff wrote: > > Package: slim > > Severity: grave > > Tags: security > > > > The following was reported to oss-security: > > > > -- > > > > SLiM versions prior to 1.3.1 assigned logged on users a predefined PATH > > which included './'. This allowed unintentional code execution (e.g. > > planted binary) and has been fixed by the developers in version 1.3.2. > > > > Fix: > > http://svn.berlios.de/wsvn/slim?op=comp&compare[]=/@170&compare[]=/@171 > > slim has this problem only lenny. Oh, I misunderstand. All distribution has this.
> I'll fix soon. Best regards, Nobuhiro -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
