Date: Thu, 19 Apr 2012 08:29:46 +0200 From: Holger Levsen <holger@...er-acht.org> To: 668667@...s.debian.org Cc: Kurt Seifried <kseifried@...hat.com>, oss-security@...ts.openwall.com, Helmut Grohne <helmut@...divi.de>, "Steven M. Christey" <coley@...us.mitre.org>, Jan Lieskovsky <jlieskov@...hat.com> Subject: Re: [Packaging] Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws On Donnerstag, 19. April 2012, Kenyon Ralph wrote: > On Debian, symlinks to enable plugins are installed by default, and an > apache2 configuration is automatically activated. So, on Debian, if > your httpd is publicly-accessible, the munin pages and CGI will be > publicly-accessible. though on Debian, apache is only accessable on localhost per default.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.