tags 310692 -security severity 310692 wishlist retitle 310692 fixproc not installed by Debian packages thanks
Hi Moritz, > Insecure generation of temp files in fixproc potentially allows > arbitrary command execution through a symlink attack. Please see > this URL for details: > http://www.zataz.net/adviso/net-snmp-05182005.txt the Debian packages don't install fixproc, at all, so we're not vulnerable in this case. I converted this bug report into a whishlist to include fixproc post-sarge, of course with the security fix applied :-) Thanks, Jochen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
