On Fri, Dec 22, 2006 at 06:42:41PM +0100, Stefan Fritsch wrote:
> A vulnerability has been reported in Netrik:
Thanks for the report. Security update for Sarge is building now.
Patch attached:
Steve
--
--- form-file.c 2003-08-06 10:28:45.0 +
+++ /home/skx/form-file.c 20
Package: netrik
Severity: grave
Tags: security
Justification: user security hole
A vulnerability has been reported in Netrik:
The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier
does not properly verify temporary filenames when editing textarea
fields, which allows attackers to
2 matches
Mail list logo
