Bug#744817: CVE request: insecure temporary file handling in clang's scan-build utility
Sylvestre Ledru
sylvestre at debian.org
Mon Jun 16 20:51:58 UTC 2014
On 19/04/2014 05:29, cve-assign at mitre.org wrote:
> > Jakub Wilk discovered that clang's scan-build utility insecurely handled
> > temporary files.
>
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817
>
> > The GetHTMLRunDir subroutine ...
>
> > 3) The function doesn't fail if the directory already exists, even if
> > it's owned by another user.
>
> Use CVE-2014-2893.
>
I think I fixed it upstream:
http://llvm.org/viewvc/llvm-project?view=revision&revision=211051
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/scan-build/scan-build?r1=210971&r2=211051&pathrev=211051
I've just uploaded llvm-snapshot-3.4. I prepared 3.3 and I will upload
the snapshot later.
Sylvestre
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 880 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-llvm-team/attachments/20140616/f562840e/attachment.sig>
More information about the Pkg-llvm-team
mailing list