sudo-1.7.2p6-2.fc13
Till Maas
opensource at till.name
Tue Jun 15 11:54:06 UTC 2010
On Tue, Jun 15, 2010 at 07:28:40AM -0400, Stephen Gallagher wrote:
> Can someone explain to me why a package whose update comment lists
> "added patch that fixes insufficient environment sanitization issue
> (CVE-2010-1646)" is not marked as a security bug?
No, because according to the Bodhi web interface it is a security
update:
https://admin.fedoraproject.org/updates/sudo-1.7.2p6-2.fc13
If it is not in some other interface, it usually helps to specify where
it is not.
Regards
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20100615/c238c108/attachment-0001.bin
More information about the devel
mailing list