FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libsoup -- unintentionally allow access to entire local filesystem

Affected packages
libsoup < 2.32.2_3

Details

VuXML ID 30cb4522-b94d-11e0-8182-485d60cb5385
Discovery 2011-06-23
Entry 2011-07-28

Dan Winship reports:

Fixed a security hole that caused some SoupServer users to unintentionally allow accessing the entire local filesystem when they thought they were only providing access to a single directory.

[source]

References

CVE Name CVE-2011-2054
URL http://mail.gnome.org/archives/ftp-release-list/2011-July/msg00176.html
URL https://bugzilla.gnome.org/show_bug.cgi?id=653258

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.