Date: Mon, 13 Oct 2008 23:14:04 +1100 From: Steffen Joeris <steffen.joeris@...lelinux.de> To: oss-security <oss-security@...ts.openwall.com> Cc: coley@...re.org Subject: CVE id request: qemu Hi I think this one is still unassigned. The qemu-make-debian-root script is prone to a symlink attack. I am not sure, if other vendors use it, but I guess it can't hurt to get a CVE id assigned. :) Debian Bugreport: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496394 Cheers Steffen Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ