Comment 10 for bug 844743

This bug was fixed in the package bcfg2 - 0.9.5.7-1ubuntu0.1

---------------
bcfg2 (0.9.5.7-1ubuntu0.1) hardy-security; urgency=high

  * SECURITY UPDATE: missing input sanitization allowing execution
    of arbitrary commands (LP: #844743)
    - backported fix from upstream by Chris St. Pierre
    - https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1
    - CVE-2011-3211
 -- Julian Taylor <email address hidden> Thu, 08 Sep 2011 15:27:29 +0200