CVE-2013-6412 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6412): The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors. Maintainer(s), this issue appears to be fixed in 1.2.0 and higher. Please bump to a non-vulnerable version and call for stabilization when ready.
please stabilize 1.3.0. note that it fails test, but it fails tests in the same way 1.1.0 does, so hope it isn't an issue.
@arches, please stabilize the following: =app-admin/augeas-1.5.0
Stable for HPPA.
Stable on alpha.
amd64 stable
x86 stable
sparc stable
ppc stable
ia64 stable. Maintainer(s), please cleanup. Security, please vote.
oh, I cleaned this up 12 hours ago, removing myself from cc :D
GLSA Vote: No