Date: Fri, 30 May 2008 09:08:29 +0200 From: Robert Buchholz <rbu@...too.org> To: oss-security@...ts.openwall.com Subject: Re: CVE id request: uudeview On Tuesday 13 May 2008, Nico Golde wrote: > It makes use of tempnam which is known to be insecure to > generate temporary files. nzbget before 0.3.0 (I tried 0.2.3) ships a copy of the affected code. Nico's patch applies there fine. As for false positives, Convert-UUlib and pan fixed their copies of the code. Robert [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ