[Simon Walter] Bug#506353: mailscanner: many scripts allow local users to overwrite arbitrary files, and more, via symlink attacks

Nick Phillips nwp at nz.lemon-computing.com
Tue Dec 9 22:57:54 GMT 2008

On 10/12/2008, at 10:19 AM, Scott Silva wrote:

> <snip>
>> Why doesn't someone create a deb for release with debian-volatile  
>> then?
>> This generally takes care of constantly updating packages like clam,
>> MailScanner should be there too.
>> We run debian-volatile anywhere  need stuff up to date (Such as
>> mailservers). It works very well.
>> - Brent
> Volunteering?

FWIW, I'm still planning on doing this, but I need to get my own  
debian infrastructure sorted in order to do it. This has been stalled  
on waiting for me getting an autobuilder running, which is far uglier  
than it should be.



More information about the MailScanner mailing list