[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential security issue with LedgerSMB (inherited from SL)
- Subject: Re: Potential security issue with LedgerSMB (inherited from SL)
- From: "Chris Travers" <..hidden..>
- Date: Mon, 11 Sep 2006 09:43:17 -0700
Seems like a good candidate for Bugtraq :-) But figured I would suggest waiting until later this week when we have a tentative timeline for the next release so we can coordinate a fix. We can even send Dieter a patch as a goodwill gesture.
Best Wishes,
Chris Travers
On 9/11/06, Richard Patterson <
..hidden..> wrote:
Chris Travers wrote:
> Ok. We need to fix the directory transversal bug. This is a really
> bad thing.
>
> However, I think that the response to the rest of it should be simply
> to document that the addition of new paths under bin is deprecated and
> will be removed in the future so people don't make use this.
>
> Best Wishes,
> Chris Travers
BTW, due to the hostile nature of most of the users in the SL list, i
have only posted this here...
--
Richard Patterson HelpQuick Limited
Tel: 0191 2582888 Fax: 0191 6408666
Jabber chat: ..hidden..
Web:
http://www.helpquick.co.uk
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Ledger-smb-devel mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel