[Bug 44171] Re: insecure socket file creation
New package fixing this issue uploaded to edgy.

** Changed in: spread (Ubuntu)
       Status: Confirmed => Fix Committed

--
insecure socket file creation
https://launchpad.net/bugs/44171

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 44171] Re: insecure socket file creation
spread (3.17.3-4ubuntu1) edgy; urgency=low

  * Merge from debian unstable:
    - /var/run/spread created by the init script if it does not exist.

spread (3.17.3-4) unstable; urgency=high

  * CVE-2006-3118: insecure temporary file handling (Closes: #375617)
  * Build depends now on dpatch
  * Update standards version to 3.7.2

 -- Jeremie Corbier [EMAIL PROTECTED]  Fri, 22 Sep 2006 19:49:11 -0700

** Changed in: spread (Ubuntu)
     Assignee: (unassigned) => Jérémie Corbier
       Status: Fix Committed => Fix Released

[Bug 44171] Re: insecure socket file creation
This is indeed pretty low impact. It does not allow a symlink attack since the file is deleted before usage, and the small race between unlink() and bind() does not hurt too much either since bind() will just fail if the file already exists.

So there are two minor consequences:

 * It removes a file /tmp/port which might just happen to be a file which you still need
 * It opens a small race condition for a local DoS.

** Changed in: spread (Ubuntu)
   Importance: Medium => Low
       Status: Unconfirmed => Confirmed