This bug was fixed in the package bcfg2 - 1.1.1-2ubuntu1.2
--------------- bcfg2 (1.1.1-2ubuntu1.2) natty-security; urgency=high
* SECURITY UPDATE: missing input sanitization allowing execution of arbitrary commands (LP: #844743) - patch: 0008-Backported-unescaped-shell-command-fixes-from-master.patch backported from upstream by Chris St. Pierre - https://github.com/fabaff/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53 - CVE-2011-3211 -- Julian Taylor <email address hidden> Thu, 08 Sep 2011 14:53:11 +0200
This bug was fixed in the package bcfg2 - 1.1.1-2ubuntu1.2
---------------
bcfg2 (1.1.1-2ubuntu1.2) natty-security; urgency=high
* SECURITY UPDATE: missing input sanitization allowing execution -unescaped- shell-command- fixes-from- master. patch /github. com/fabaff/ bcfg2/commit/ 46795ae451ca6ed e55a0edeb726978 aef4684b53
of arbitrary commands (LP: #844743)
- patch: 0008-Backported
backported from upstream by Chris St. Pierre
- https:/
- CVE-2011-3211
-- Julian Taylor <email address hidden> Thu, 08 Sep 2011 14:53:11 +0200