Bugzilla – Bug 58897
VUL-0: CVE-2004-0755: possible file permissions problem in ruby
Last modified: 2021-10-14 14:36:26 UTC
Debian released an advisory which you can find here: http://www.nl.debian.org/security/2004/dsa-537 Does this also affect us? Might be we dont ship the ruby CGI package. If we do, I think the bug has very low severity and it is enough to have it fixed in STABLE.
<!-- SBZ_reproduce --> ...
Yes, we deliver ruby-1.8.x in recent distributions, and "CGI" and "session" are included in the main package. Don't exspect packages in STABLE before 20040830, please.
UPDATE: packages will be ready until 20040924
Hi Rüdiger, AFAIK you are the fallback, if maintainer is not there or something like that. I could not solve the problem before I leave for holiday soon, sorry:-| TIA MgE If Oct 11th is ok for 9.2, I'll fix it then.
this is CAN-2004-0755 cgi_session.diff applied for STABLE
closing, since initial comment says to fix this only for STABLE
CVE-2004-0755: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)