Hi,
the first issue got CVE id CVE-2008-0665 and the other
issues got CVE-2008-0666.
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpexCXzeHjpx.pgp
Description: PGP signature
Hi,
attached is an updated patch which I will upload as a 0-day
NMU with permission of the maintainer.
Many thanks to Frank for his input!
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 enc
Hi,
I found a similar issue in wml_contrib/wmg.cgi which we also install in our
package:
369 $tmpfile = "/tmp/pe.tmp.$$";
370 unlink($tmpfile);
371 open(TMP, ">$tmpfile");
372 print TMP $contents;
373 close(TMP);
374 ope
Hi Felipe,
* Felipe Augusto van de Wiel (faw) <[EMAIL PROTECTED]> [2008-02-06 18:26]:
> On 04-02-2008 10:16, Nico Golde wrote:
> > * Frank Lichtenheld <[EMAIL PROTECTED]> [2008-02-04 12:56]:
[...]
> >> $tmpdir = $ENV{'TMPDIR'} || '/tmp';
> >> $tmpfile = $tmpdir . "/ipp.$$.tmp";
> >> unlink($tmpfil
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
tags 463907 + confirmed
thanks
On 04-02-2008 10:16, Nico Golde wrote:
> * Frank Lichtenheld <[EMAIL PROTECTED]> [2008-02-04 12:56]:
>> Package: wml
>> Version: 2.0.11-1
>> Severity: serious
>> Tags: security
>>
>> The following code in wml_backend/p1_
severity 463907 grave
thanks
Hi,
* Frank Lichtenheld <[EMAIL PROTECTED]> [2008-02-04 12:56]:
> Package: wml
> Version: 2.0.11-1
> Severity: serious
> Tags: security
>
> The following code in wml_backend/p1_ipp/ipp.src is obviously unsafe
> (and actually causing practical problems during the Debia
Package: wml
Version: 2.0.11-1
Severity: serious
Tags: security
The following code in wml_backend/p1_ipp/ipp.src is obviously unsafe
(and actually causing practical problems during the Debian website
build):
$tmpdir = $ENV{'TMPDIR'} || '/tmp';
$tmpfile = $tmpdir . "/ipp.$$.tmp";
unlink($tmpfile);
7 matches
Mail list logo
