It was discovered that malicious clients can trick the server component of the Bcfg2 configuration management system to execute commands with root privileges. For the stable distribution (squeeze), this problem has been fixed in version 1.0.1-3+squeeze2. For the unstable distribution (sid), this problem has been fixed in version 1.2.2-2. We recommend that you upgrade your bcfg2 packages.
It was discovered that malicious clients can trick the server component of the Bcfg2 configuration management system to execute commands with root privileges.
For the stable distribution (squeeze), this problem has been fixed in version 1.0.1-3+squeeze2.
For the unstable distribution (sid), this problem has been fixed in version 1.2.2-2.
We recommend that you upgrade your bcfg2 packages.