Date: Sat, 29 Dec 2012 11:31:43 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: oss-security@...ts.openwall.com Cc: team@...urity.debian.org Subject: Inkscape reads .eps files from /tmp instead of the current directory Hi Going trough some bugreports in Debian I noticed ,  I haven't found a CVE for "Inkscape reads .eps files from /tmp instead of the current directory". If one has file foo.eps in current directory, and /tmp/foo.eps is present $ inkscape foo.eps opens the copy in /tmp/foo.eps Does this warrants a CVE? If so could you assign one? : http://bugs.debian.org/654341 : https://bugs.launchpad.net/inkscape/+bug/911146 Regards, Salvatore [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ