Hi Bastian I was wondering, what are your plans for lenny regarding the insecure tempfile issue (CVE-2008-5138)[0]? From what I can see the script is not available in sid anymore, so can we just drop it? Otherwise it shouldn't be too hard to come up with a patch using mktemp. I am happy to take care of that and NMU, if the script is still needed, but wanted to check with you first.
Cheers Steffen [0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5138
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
