debian/sympa.postinst for the Debian Sympa package before...
Moderate severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jan 29, 2023
Description
Published by the National Vulnerability Database
Oct 10, 2020
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Jan 29, 2023
debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended permissions are mode 4750 (for access by the sympa group)
References