[Bug 1036211] Re: xdiagnose has a symlink attack due to improperly named file in /tmp

Launchpad Bug Tracker Tue, 02 Oct 2012 12:21:44 -0700

This bug was fixed in the package xdiagnose - 2.5.2ubuntu0.1

---------------
xdiagnose (2.5.2ubuntu0.1) precise-security; urgency=low


  * SECURITY UPDATE: fix insecure temporary file creation
    - xdiagnose/welcome.py: remove 'Archive' option and on_make_archive()
      as people should be using 'ubuntu-bug xorg' anyway. Patch thanks
      to Bryce Harrington.
    - CVE-2012-XXXX
    - LP: #1036211
 -- Jamie Strandboge <ja...@ubuntu.com>   Mon, 01 Oct 2012 17:04:28 -0500

** Changed in: xdiagnose (Ubuntu Precise)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1036211

Title:
  xdiagnose has a symlink attack due to improperly named file in /tmp

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xdiagnose/+bug/1036211/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1036211] Re: xdiagnose has a symlink attack due to improperly named file in /tmp

Reply via email to