On Tue, Aug 04, 2009 at 07:14:21PM +0200, Florian Zumbiehl wrote: > > * Upstream has also fixed createOutputFile to be more secure > > (Closes: #388608) > > Whatever supposedly has been made "more secure" there, this bug rather > obviously hasn't been fixed.
Did you read the source? It's been changed to do: open() chmod(restricted) chown() chmod(intended) which does fix the bug, I believe. -- Paul Martin <p...@debian.org> -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org