[Bug 408915] Re: Temporary file vulnerability in iscsi_discovery

Launchpad Bug Tracker Thu, 20 Oct 2011 14:11:25 -0700

This bug was fixed in the package open-iscsi - 2.0.865-1ubuntu3.5

---------------
open-iscsi (2.0.865-1ubuntu3.5) hardy-security; urgency=low


  * SECURITY UPDATE: temporary file vulnerability (LP: #408915)
    - utils/iscsi_discovery: use mktemp to store iscsiadm -m discovery result
      rather than writing it to an insecurely-created temporary file. Move
      cleanup sooner so we don't leave files around if nothing is discovered.
    - CVE-2009-1297
 -- Jamie Strandboge <[email protected]>   Thu, 20 Oct 2011 14:23:00 -0500

** Changed in: open-iscsi (Ubuntu Hardy)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/408915

Title:
  Temporary file vulnerability in iscsi_discovery

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/open-iscsi/+bug/408915/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 408915] Re: Temporary file vulnerability in iscsi_discovery

Reply via email to