[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE Request: XML-DT: Insecure use of temporary files
From: Salvatore Bonaccorso <carnil () debian ! org>
Date: 2014-07-31 5:12:28
Message-ID: 20140731051228.GA6391 () lorien ! valinor ! li
[Download RAW message or body]
Hi
Steve Kemp reported to to the Debian BTS in [1] that the XML-DT Perl
module distribution contains mkdtskel and mkxmltype using insecurely
temporary files using the pid of the process in the temporary file
name.
[1] https://bugs.debian.org/756566
Could a CVE be assigned for this issue?
Regards,
Salvatore
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic