Custom Query (2152 matches)
Results (460 - 462 of 2152)
Ticket | Resolution | Summary | Owner | Reporter |
---|---|---|---|---|
#859 | invalid | Tests for User model | pudo | dread |
Description |
Test coverage of ckan.model.user is 53%. Notable exception - setting password. Room for improvement? |
|||
#861 | invalid | unicode errors creating rdf output | wwaites | wwaites |
Description | ||||
#871 | invalid | Check whether localhost-only exim installtions need upgrading too | nils.toedtmann | |
Description |
The infamous exim bug only needs one mail with prepared headers to travel through a exim system infect it. All local processes could do that, and some services (e.g. cron, webapps) send messages and might be convinced by malicious remote users to produce evil headers. We should either rule out that this could happen on our systems, or upgrade all exims regardless of whether they are localhost-only or not. BTW did we already run a rootkit checker like Rootkit hunter on eu1? If not we should maybe do it now - there was already an exploit out in the wild. ByteMark? has (a) already observed infections and (b) notified us because they remotely fingerprinted our mailer to be exim<4.70 (our EHLO banner contains the exim version), just as anyone could. |