Description: A weakness has been discovered in iSCSI Enterprise Target, which can be exploited by malicious, local users to disclose sensitive information. The weakness is caused due to the install script applying world readable permissions to the "/etc/ietd.conf" file, which can be exploited to e.g. disclose user names and passwords. The weakness is confirmed in version 0.4.15. Other versions may also be affected. Solution: Apply correct file permissions to "/etc/ietd.conf". Provided and/or discovered by: Reported in a Debian bug by Martin Zobel-Helas. Original Advisory: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448873
robbat2, please provide a fixed ebuild.
in cvs.
Thanks for the fast fix.