Comment 7 for bug 844743

This bug was fixed in the package bcfg2 - 1.1.1-2ubuntu1.2

---------------
bcfg2 (1.1.1-2ubuntu1.2) natty-security; urgency=high

  * SECURITY UPDATE: missing input sanitization allowing execution
    of arbitrary commands (LP: #844743)
    - patch: 0008-Backported-unescaped-shell-command-fixes-from-master.patch
      backported from upstream by Chris St. Pierre
    - https://github.com/fabaff/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53
    - CVE-2011-3211
 -- Julian Taylor <email address hidden> Thu, 08 Sep 2011 14:53:11 +0200