[Fedora-directory-devel] Please review: bug 174837: CVE-2005-3630 use of IFRAME exposes password from adm.conf for users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837
Bug(s) fixed: 174837
Bug Description: CVE-2005-3630 use of IFRAME exposes password from adm.conf for users 
Reviewed by: ???
Files: https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121993
Branch: HEAD
Fix Description: Just use the existing Apache security mechanisms to deny access to everything by default, then allow access to certain directories. In addition, there is a patch file I've checked in which can apply these diffs to an existing FDS 1.0 installtion. I've changed the packaging makefile to package the patch file into the setup directory where it will be used to patch an upgrade install of FDS 1.0.1 on top of FDS 1.0. 
Platforms tested: Fedora Core 4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994
[Index of Archives]     [Fedora Directory Announce]     [Fedora Users]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Review]     [Fedora Art]     [Fedora Music]     [Fedora Packaging]     [CentOS]     [Fedora SELinux]     [Big List of Linux Books]     [KDE Users]     [Fedora Art]     [Fedora Docs]

  Powered by Linux