Date: Wed, 14 May 2008 19:05:58 +0200 From: Nico Golde <oss-security+ml@...lde.de> To: oss-security@...ts.openwall.com Subject: Re: CVE id request: uudeview Hi, * Nico Golde <oss-security+ml@...lde.de> [2008-05-13 21:39]: > can I get a CVE id for uudeview? > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 > > It makes use of tempnam which is known to be insecure to > generate temporary files. Looks like CAN-2004-2265 was reintroduced, have a look at: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320541 Same issue, rewritten code. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion@...ber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ