The fix is for some third party shell scripts which I don't think anyone
uses and I am thinking of dumping. I did not announce 2.1.16 since it
contains nothing new. It is simply the patch release that has been in
svn for about 4 months. I am catching up.
M
On Sun, 2005-10-02 at 19:36 -0400, Jeff Sheltren wrote:
On Oct 2, 2005, at 1:34 PM, Lance Albertson wrote:
I just got a report that debian has released [1] a security fix for
cfengine. Is this something thats old or something thats new? I
couldn't
find much information about it anywhere. Feel free to comment on the
gentoo bug [2].
Thanks!
[1] http://www.debian.org/security/2005/dsa-836
[2] http://bugs.gentoo.org/show_bug.cgi?id=107871
--
Lance Albertson <ramereth@gentoo.org>
Gentoo Infrastructure | Operations Manager
I can't find any info on it either. The CAN entry only shows
'reserved' - not very helpful. I can't figure out a way to see the
patch without having access to a debian machine; anyone know how to
do that (or have a debian box so you can show the patch contents)?
This looks like the patch:
* Applied patch by Javier Fernández-Sanguino Peña to fix insecure
temporary file creation [debian/patches/010_CAN-2005-2960_tmpfile]
On another note, I just noticed that 2.1.16 is the current version on
cfengine.org - did I just miss the announcement, or was there one?
-Jeff
_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://lists.gnu.org/mailman/listinfo/help-cfengine
_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://lists.gnu.org/mailman/listinfo/help-cfengine