|| ||Foresight Linux Essential Announcement Service <firstname.lastname@example.org>|
|| ||FLEA-2007-0005-1: slocate|
|| ||Thu, 29 Mar 2007 18:28:07 -0400|
|| ||email@example.com, firstname.lastname@example.org, email@example.com|
Foresight Linux Essential Advisory: 2007-0005-1
Previous versions of the slocate package were vulnerable to an
information-disclosure vulnerability. Slocate did not properly manage
database entries that specify names of files in protected directories.
Thus, for example, a user could see via slocate the names of files in a
directory chmodded 711.
to post comments)