*** This bug is a security vulnerability ***
Public security bug reported:
git-effort and git-changelog use fixed name temporary files that can be
used in a symlink attack. The Debian bug contains a patch.
** Affects: git-extras (Ubuntu)
Importance: Undecided
Status: New
** Affects: git-extras (Debian)
Importance: Unknown
Status: Unknown
** Bug watch added: Debian Bug tracker #698490
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698490
** Also affects: git-extras (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698490
Importance: Unknown
Status: Unknown
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-6114
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1103488
Title:
CVE-2012-6114: unsafe usage of temporary files
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git-extras/+bug/1103488/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
