*** This bug is a security vulnerability *** Public security bug reported:
Apt creates the tempfile for apt-get changelog in a insecure fashion. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763780 for the details ** Affects: apt (Ubuntu) Importance: Undecided Status: New ** Affects: apt (Ubuntu Precise) Importance: Undecided Status: New ** Affects: apt (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: apt (Ubuntu Utopic) Importance: Undecided Status: New ** Affects: apt (Debian) Importance: Unknown Status: Unknown ** Bug watch added: Debian Bug tracker #763780 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763780 ** Also affects: apt (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763780 Importance: Unknown Status: Unknown ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-7206 ** Also affects: apt (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: apt (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: apt (Ubuntu Trusty) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1378680 Title: Insecure tempfile handling Status in “apt” package in Ubuntu: New Status in “apt” source package in Precise: New Status in “apt” source package in Trusty: New Status in “apt” source package in Utopic: New Status in “apt” package in Debian: Unknown Bug description: Apt creates the tempfile for apt-get changelog in a insecure fashion. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763780 for the details To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1378680/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp