Bug#352723: dpkg-sig: insecure temp file bug!

2006-02-13 Thread Julian Gilbey
On Tue, Feb 14, 2006 at 12:54:50AM +0100, Marc 'HE' Brockschmidt wrote:
> > Oops, sorry. The things which are not related or shouldn't be there:
> > - the "my $caller = (caller)[2];" line in get_ssh_connection; that's
> > cruft from my debugging
> > - the change of $& to $1 in line 1460:
> >

Bug#352723: dpkg-sig: insecure temp file bug!

2006-02-13 Thread Marc 'HE' Brockschmidt
Julian Gilbey <[EMAIL PROTECTED]> writes:
> On Mon, Feb 13, 2006 at 10:29:40PM +0100, Marc 'HE' Brockschmidt wrote:
>> Julian Gilbey <[EMAIL PROTECTED]> writes:
>>> Patch attached.
>> As this patch changes random other stuff all over the place, I'm not
>> willing to apply it. Either you provide so

Bug#352723: dpkg-sig: insecure temp file bug!

2006-02-13 Thread Julian Gilbey
On Mon, Feb 13, 2006 at 10:29:40PM +0100, Marc 'HE' Brockschmidt wrote:
> severity 352723 important
> thanks
>
> Julian Gilbey <[EMAIL PROTECTED]> writes:
> > Line 1627 of /usr/bin/dpkg-sig reads:
> >
> > $DEBUG && (open (LOG, ">", "/tmp/dpkg-sig.log") || die _die("Couldn't
> > open log: $!"

Bug#352723: dpkg-sig: insecure temp file bug!

2006-02-13 Thread Marc 'HE' Brockschmidt
severity 352723 important
thanks

Julian Gilbey <[EMAIL PROTECTED]> writes:
> Line 1627 of /usr/bin/dpkg-sig reads:
>
> $DEBUG && (open (LOG, ">", "/tmp/dpkg-sig.log") || die _die("Couldn't
> open log: $!"));
>
> This is assuming that this file does not exist, is not a symlink and
> so on. T

Bug#352723: dpkg-sig: insecure temp file bug!

2006-02-13 Thread Julian Gilbey
Package: dpkg-sig
Version: 0.12
Severity: grave
Tags: patch

Line 1627 of /usr/bin/dpkg-sig reads:

$DEBUG && (open (LOG, ">", "/tmp/dpkg-sig.log") || die _die("Couldn't open log: $!"));

This is assuming that this file does not exist, is not a symlink and so on. This is a security hole and