[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] [notification] txt2man unsafe use of tempoarary files
From:       Salvatore Bonaccorso <carnil () debian ! org>
Date:       2013-09-25 20:43:06
Message-ID: 20130925204306.GA5877 () eldamar ! local
[Download RAW message or body]


Hi

This is a notification that CVE-2013-1444 was assigned to the
following issue[1] (affecting Debian and derivatives syncing from
Debian the txt2man package):

txt2man uses tempoary files in /tmp/ (specific /tmp/2222), Debian
applied a patch including:

echo $post > /tmp/2222

in txt2man. This reported by Patrick J Cherry.

References:

 [1] http://bugs.debian.org/724614

Regards,
Salvatore

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]