Bug#344029: Insecure /tmp file handling in libmail-audit-perl in
Sarge (+patch)
Martin Schulze
joey at infodrom.org
Sun Jan 15 10:49:06 UTC 2006
Gunnar Wolf wrote:
> Martin Schulze dijo [Sat, Jan 14, 2006 at 08:43:57AM +0100]:
> > Gunnar Wolf wrote:
> > > Hi,
> > >
> > > The bug is indeed important, even if it is not easily exploitable, and
> > > the fix is trivial. I am pushing it to the security team so they can
> > > apply it to the version in Sarge as well.
> >
> > Please use CVE-2005-4536 for this problem.
> >
> > Are you in contact with upstream?
>
> Upstream has abandoned this package and suggest replacing it - But
> it's present in Sarge (the complete information is in the bug
> report).
Ok. I'll prepare a DSA with updates for sarge and woody.
Regards,
Joey
--
Given enough thrust pigs will fly, but it's not necessarily a good idea.
Please always Cc to me when replying to me on the lists.
More information about the pkg-perl-maintainers
mailing list