[Python-modules-team] Bug#652653: python-virtualenv: insecure /tmp file handling
Adam D. Barratt
adam at adam-barratt.org.uk
Fri May 4 19:54:49 UTC 2012
On Fri, 2012-05-04 at 20:40 +0200, Stefano Rivera wrote:
> Hi Adam (2012.05.03_00:21:24_+0200)
> > That happened now, as #661272 which was recently fixed in sid (thanks
> > Stefano!). In terms of getting stable updated, either a 1.4.9-3squeeze2
> > package could be prepared incorporating the extra fixes, or we could
> > reject the original package and fix everything in one upload. Thoughts?
>
> I have prepared an upload to replace the existing one (reject), so that
> I could add edit the changelog to close this bug and mention the CVE.
>
> debdiff attached.
+Description: Cleanup temporary directory created with mkdtemp()
+ This patch was backported from the cleanup_tmpdirs.patch applied in
1.7.1.2-1
+ .
+ The base64 mess is equivalent to:
Nice. :-)
Please go ahead; thanks.
Regards,
Adam
More information about the Python-modules-team
mailing list