Quoting Florian Weimer (2015-12-10 03:40:39)
> * Jonas Smedegaard:
>
> > git-repair uses /tmp/tmprepo.0/.git/ which is clearly static, and I
> > believe therefore (on non-hardened systems) insecure.
>
> I think it does mkdir and if it fails, it tries again with
> /tmp/tmprepo.1, /tmp/tmrepo.2, an
* Jonas Smedegaard:
> git-repair uses /tmp/tmprepo.0/.git/ which is clearly static, and I
> believe therefore (on non-hardened systems) insecure.
I think it does mkdir and if it fails, it tries again with
/tmp/tmprepo.1, /tmp/tmrepo.2, and so on. I'm not sure you can abuse
this and fool git-repa
Package: git-repair
Version: 1.20150106-2
Severity: grave
Tags: security
Justification: user security hole
git-repair uses /tmp/tmprepo.0/.git/ which is clearly static, and I
believe therefore (on non-hardened systems) insecure.
- Jonas