[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE Request: XML-DT: Insecure use of temporary files
From:       Salvatore Bonaccorso <carnil () debian ! org>
Date:       2014-07-31 5:12:28
Message-ID: 20140731051228.GA6391 () lorien ! valinor ! li
[Download RAW message or body]

Hi

Steve Kemp reported to to the Debian BTS in [1] that the XML-DT Perl
module distribution contains mkdtskel and mkxmltype using insecurely
temporary files using the pid of the process in the temporary file
name.

 [1] https://bugs.debian.org/756566

Could a CVE be assigned for this issue?

Regards,
Salvatore
[prev in list] [next in list] [prev in thread] [next in thread]