-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2009-10-05 11:44:56 UTC
-
Revision ID:
james.westby@ubuntu.com-20091005114456-9umr953shdkf3tp3
Tags: 3.0.0-4ubuntu1.1
* SECURITY UPDATE: authorization bypass via ClientNameAlias function
- lib/BackupPC/CGI/EditConfig.pm: disable ClientNameAlias usage by
normal users
- Patch based on:
http://patch-tracker.debian.org/patch/misc/view/backuppc/3.1.0-7/lib/BackupPC/CGI/EditConfig.pm
- CVE-2009-3369