Hi! The symlink attack on the xferfax$$ temporary file is CAN-2005-3069. The "does not create or verify ownership of the UNIX domain socket" vulnerability is CAN-2005-3070.
Please mention these numbers in the changelog when you fix this. Thanks, Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org In a world without walls and fences, who needs Windows and Gates?
signature.asc
Description: Digital signature