Hi, There is a race condition in unzip 5.52 that can be exploited to change the permission of files (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2475 )
A better description here: http://marc.theaimsgroup.com/?l=bugtraq&m=112300046224117&w=2 It will be corrected in Unzip 5.53 but before release, it can be handy to have a patch. I did adapt the Fedora patch (for 5.51) to 5.52 Regards, -- Jerome Pinot http://ngc891.blogdns.net/
unzip-5.52-toctou-1.patch
Description: Binary data
-- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
