1
Candidate: CVE-2011-3211
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3211
6
The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote
7
attackers to execute arbitrary commands via shell metacharacters in data
8
received from a client.
12
https://bugs.launchpad.net/ubuntu/+source/bcfg2/+bug/844743
13
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640028
19
patch: https://bugs.launchpad.net/ubuntu/+source/bcfg2/+bug/844743
20
upstream: https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1
21
upstream: https://github.com/fabaff/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53
22
upstream_bcfg2: released (1.1.2-2)
23
hardy_bcfg2: released (0.9.5.7-1ubuntu0.1)
24
lucid_bcfg2: released (0.9.6-0ubuntu2.1.10.04.1)
25
maverick_bcfg2: released (0.9.6-0ubuntu2.1.10.10.1)
26
natty_bcfg2: released (1.1.1-2ubuntu1.2)
27
devel_bcfg2: released (1.1.2-2ubuntu1)