[bug-notifications] [findutils 0004769]: Current stable release is vulnerable to CVE-2007-2452

Mantis Bug Tracker noreply at opencsw.org
Sun May 15 15:31:28 CEST 2011


The following issue has been CLOSED 
====================================================================== 
https://www.opencsw.org/mantis/view.php?id=4769 
====================================================================== 
Reported By:                jay
Assigned To:                bwalton
====================================================================== 
Project:                    findutils
Issue ID:                   4769
Category:                   upgrade
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     closed
Resolution:                 open
Fixed in Version:           
====================================================================== 
Date Submitted:             2011-05-14 14:50 CEST
Last Modified:              2011-05-15 15:31 CEST
====================================================================== 
Summary:                    Current stable release is vulnerable to
CVE-2007-2452
Description: 
GNU Findutils release 4.2.31 fixes CVE-2007-2452 but stable is 4.2.30, and
so it's vulnerable.
====================================================================== 

---------------------------------------------------------------------- 
 (0009051) bwalton (manager) - 2011-05-15 15:31
 https://www.opencsw.org/mantis/view.php?id=4769#c9051 
---------------------------------------------------------------------- 
Hi Jay,

At this point, I'd advise updating to current.  I contains 4.4.2 (among
other things).  Stable is over 3 years old now.

Thanks
-Ben



More information about the bug-notifications mailing list