subject:"Bug#789543\: CVE\-2015\-3248"

Bug#789543: CVE-2015-3248

2015-07-14 Thread Bryan Sutula

On Mon, 2015-06-22 at 09:16 +0200, Moritz Muehlenhoff wrote: > Source: openhpi > Severity: important > Tags: security > > Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3248 > > On Debian /var/lib/openhpi/ isn't world-writable, but still > world-readable. Can you investigate whe

Bug#789543: CVE-2015-3248

2015-06-22 Thread Moritz Muehlenhoff

Source: openhpi Severity: important Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3248 On Debian /var/lib/openhpi/ isn't world-writable, but still world-readable. Can you investigate whether that's a real issue or otherwise mitigated in the Debian packagin? Cheer