[Python-modules-team] Bug#652653: python-virtualenv: insecure /tmp file handling
Stefano Rivera
stefanor at debian.org
Sun Apr 22 14:32:47 UTC 2012
notfixed 652653 1.4.9-1
notfound 652653 1.6-1
fixed 652653 1.6-1
thanks
Hi Nico (2011.12.20_22:23:27_+0200)
> I mark this as fixed in 1.4.9-1. It's true that the patch doesn't clean the
> directory, but since that is not security related I don't mind. lenny/squeeze
> still have the vulnerable code.
Err, no, this was only fixed in 1.6.
For the record, the tmp dir cleaning is #661272.
SR
--
Stefano Rivera
http://tumbleweed.org.za/
H: +27 21 465 6908 C: +27 72 419 8559 UCT: x3127
More information about the Python-modules-team
mailing list