This bug was fixed in the package libimobiledevice - 1.1.4-1ubuntu3.2
---------------
libimobiledevice (1.1.4-1ubuntu3.2) quantal-security; urgency=low
* SECURITY UPDATE: insecure /tmp usage (LP: #1164263)
- debian/patches/CVE-2013-2142.patch: fall back to getpwuid_r instead
of using /tmp in src/userpref.c. Added string_concat() function in
src/Makefile.am, src/utils.c, src/utils.h.
- added new symbol to debian/libimobiledevice3.symbols.
- CVE-2013-2142
-- Marc Deslauriers <[email protected]> Wed, 14 Aug 2013 11:56:31
-0400
** Changed in: libimobiledevice (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: libimobiledevice (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1164263
Title:
user-specific and possible private files are written to a global
location
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libimobiledevice/+bug/1164263/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
