Package: sympa
Version: 5.3.4-5.1
Severity: critical
Tags: security
Justification: root security hole
AFAICT (and thanks to Thijs Kinkhorst [EMAIL PROTECTED] :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494969#21) there are more
insecure use of /tmp in sympa.
One quite nasty is the one
Processing commands for [EMAIL PROTECTED]:
reopen 496518
Bug#496518: Insecure use of /tmp in sympa_wizard may lead to system damage
Bug reopened, originator not changed.
severity 496518 wishlist
Bug#496518: Insecure use of /tmp in sympa_wizard may lead to system damage
Severity set to
reopen 496518
severity 496518 wishlist
retitle 496518 please remove traces of insecure tempfile use
tags 496518 patch
thanks
On Monday 25 August 2008 16:24, Olivier Berger wrote:
Thus, the attached patch may be better, to finally get rid of the /tmp
path.
Too bas, this wasn't really obvious
3 matches
Mail list logo