-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
I checkouted CVS from upstream site and tried to get diff about this
security problem.
CHANGES said:
0.9.17-rc1 (May 12, 2005)
- removed the use of temp files for handling imports with dynamic
compilation. This removes a whole slew of issues, including a temp file
security issue reported on the email list by Brian Bird. [TR]
- fixed bug with handling of the searchList with dynamic inheritance, as
reported by Brian Bird. [TR]
Latter is outside of Sarge, former is target.
As my quick viewing, only src/Template.py is modified during -r1.115
to -r1.116 (attached).
I'm sorry but I couldn't understand python code well and I didn't
check other code modifing carefully.
It's better to ask upstream author what they changed.
Thanks,
- --
Kenshi Muto
[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>
iEYEARECAAYFAkKNyMYACgkQQKW+7XLQPLFKxQCfQ3Nb1fgzR25H8RgHKzePR7LO
pvwAn3J17wA/Ch7q8MlHm04rqZTlzLC1
=DlBx
-----END PGP SIGNATURE-----
r1.115-r1.116.patch
Description: Binary data
