Bug#344029: Insecure /tmp file handling in libmail-audit-perl in
Sarge (+patch)
Gunnar Wolf
gwolf at gwolf.org
Sat Jan 14 21:59:44 UTC 2006
Martin Schulze dijo [Sat, Jan 14, 2006 at 08:43:57AM +0100]:
> Gunnar Wolf wrote:
> > Hi,
> >
> > The bug is indeed important, even if it is not easily exploitable, and
> > the fix is trivial. I am pushing it to the security team so they can
> > apply it to the version in Sarge as well.
>
> Please use CVE-2005-4536 for this problem.
>
> Are you in contact with upstream?
Upstream has abandoned this package and suggest replacing it - But
it's present in Sarge (the complete information is in the bug
report).
--
Gunnar Wolf - gwolf at gwolf.org - (+52-55)1451-2244 / 5623-0154
PGP key 1024D/8BB527AF 2001-10-23
Fingerprint: 0C79 D2D1 2C4E 9CE4 5973 F800 D80E F35A 8BB5 27AF
More information about the pkg-perl-maintainers
mailing list