| Release | Version |
|---|---|
| jessie | 1.3.5-1+deb8u1 |
| stretch | 1.4.0~pre2+git141-g6d40dace6358-1 |
| buster | 1.4.0~pre2+git141-g6d40dace6358-2 |
| Bug | Description |
|---|---|
| TEMP-0406285-531EEA | bcfg2 password disclosure |
| CVE-2012-3366 | The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers ... |
| CVE-2011-3211 | The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remo ... |
| CVE-2007-2385 | The Yahoo! UI framework exchanges data using JavaScript Object Notatio ... |
| DSA / DLA | Description |
|---|---|
| DSA-2503-1 | bcfg2 - shell command injection |
| DSA-2302-1 | bcfg2 - arbitrary code execution |