pkg/32399: scponly: ALL VERSIONS PRIOR TO 4.2 ARE VULNERABLE; audit-packages is quiet

To: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/32399: scponly: ALL VERSIONS PRIOR TO 4.2 ARE VULNERABLE; audit-packages is quiet
From: netbsd%eq.cz@localhost
Date: Wed, 28 Dec 2005 11:35:00 +0000 (UTC)

>Number:         32399
>Category:       pkg
>Synopsis:       scponly: ALL VERSIONS PRIOR TO 4.2 ARE VULNERABLE; 
>audit-packages is quiet
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Dec 28 11:35:00 +0000 2005
>Originator:     rudolf
>Release:        
>Organization:
>Environment:
>Description:
As reported on it's homepage (http://www.sublimation.org/scponly/), all 
versions prior to 4.2 have some security flaws. audit-packages should report 
it, but it doesn't.
>How-To-Repeat:
Install audit-packages and scponly from the latest stable pkgsrc (2005-Q4), 
download-vulnerability-list, launch audit-packages.
>Fix:
Add an entry to audit-packages db. Ideally upgrade the scponly package to 
unaffected version too.

Prev by Date: Re: pkg/32252 (a package for Freenet6 TSPC)
Next by Date: PR/32252 CVS commit: pkgsrc/net/tspc
Previous by Thread: pkg/32398: Maintainer update: net/ipa 1.3.6 -> sysutils/ipa 2.0
Next by Thread: PR/32252 CVS commit: pkgsrc/net/tspc
Indexes:

Home | Main Index | Thread Index | Old Index