On Thu, Jul 03, 2003 at 02:26:12PM +0200, Alexander Meyer wrote: > i learned from the debian-security-announce mailinglist that mantis (a > php bugtracking system) has insecure permissions on the configfile that > stores the database password. so i did an 'apt-get update ;apt-get > upgrade' and was quite surprised, as this upgrade didn't just fix > permissions on this file, but overwrote it without asking. it took me a > while to find out what happened, and even longer, to restore the > settings i had in this file, because the update didn't even bother > backing up the original configuration.
That's a serious bug. Please report it as such. -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
