Bug#671255: CVE-2012-2451: CWE-377 Insecure Temporary File
gregor herrmann
gregoa at debian.org
Sun May 6 13:20:03 UTC 2012
On Wed, 02 May 2012 22:02:13 +0300, Henri Salo wrote:
> https://bitbucket.org/shlomif/perl-config-inifiles/changeset/a08fa26f4f59
> CVE-identifier assigned in here: http://seclists.org/oss-sec/2012/q2/225
Attached is a backport of the fix for squeeze; reviews welcome.
Dear security and release teams: Please advise on how to proceed;
does s-p-u sound right for this isse?
Cheers,
gregor
--
.''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
: :' : Debian GNU/Linux user, admin, and developer - http://www.debian.org/
`. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
`- NP: Dire Straits: Tunnel Of Love
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 671255-squeeze.diff
Type: text/x-diff
Size: 1886 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20120506/d2aaee55/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20120506/d2aaee55/attachment.pgp>
More information about the pkg-perl-maintainers
mailing list