On Thu, Jan 08, 2009 at 11:20:43PM +0000, Adam D. Barratt wrote: > The devscripts package in etch has an insecure temporary directory issue > when signing files which are copied from a remote machine; see #507482. > > The security team don't consider this to warrant a DSA - would it be > suitable for a stable update? I've attached a minimal debdiff.
Would be acceptable, but I wonder if the usage of $TEMP_DIR after cd and rm should be quoted? Kind regards, Philipp Kern -- .''`. Philipp Kern Debian Developer : :' : http://philkern.de Release Assistant `. `' xmpp:[email protected] Stable Release Manager `- finger pkern/[email protected]
signature.asc
Description: Digital signature
