Changeset 1947 for trunk/packages/invirt-web/debian/changelog

Timestamp:

Dec 30, 2008, 7:52:50 PM (15 years ago)

Author:

price

Message:

fix pts mem vulnerability, with new -encrypt option

File:

• trunk/packages/invirt-web/debian/changelog (modified) (1 diff)

trunk/packages/invirt-web/debian/changelog

@@ -1 +1 @@
 invirt-web (0.0.16) unstable; urgency=low
+
+  * Fix a security vulnerability: traditional `pts mem` is in cleartext
+    and could be spoofed.  Use new -encrypt option, which needs tokens.
 
   * make initscript stop command not leave apache2 processes lying around
     (so that restart works)
 
- -- Greg Price <price@mit.edu>  Fri, 19 Dec 2008 22:34:31 -0500
+ -- Greg Price <price@mit.edu>  Tue, 30 Dec 2008 17:31:48 -0500
 
 invirt-web (0.0.15) unstable; urgency=low