Debian Security Advisory
DSA-2444-1 tryton-server -- privilege escalation
- Date Reported:
- 29 Mar 2012
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2012-0215.
- More information:
It was discovered that the Tryton application framework for Python allows authenticated users to escalate their privileges by editing the Many2Many field.
For the stable distribution (squeeze), this problem has been fixed in version 1.6.1-2+squeeze1.
For the unstable distribution (sid), this problem has been fixed in version 2.2.2-1.
We recommend that you upgrade your tryton-server packages.