[Pkg-privacy-maintainers] Bug#915859: Bug#915859: uses a fixed filename in /tmp
Salvatore Bonaccorso
carnil at debian.org
Fri Dec 7 15:51:05 GMT 2018
Conrol: retitle -1 onionshare: CVE-2018-19960: uses a fixed filename in /tmp
Hi,
So it will additionally allow potentially denial of service on
multi-user systems.
Not sure if the grave severity is warranted, though, will leave this
discussion to you both :)
For tracking the issue, I have requested a CVE from MITRE, which got
assigned CVE-2018-19960.
Regards,
Salvatore
More information about the Pkg-privacy-maintainers
mailing list