Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 17 Jan 2014 21:07:01 -0500 (EST)
From: cve-assign@...re.org
To: dkg@...thhorseman.net
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Fwd: [Python-modules-team] Bug#735263: python-rply: insecure use of /tmp

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> an insecure tempfile usage in rply
> 
> http://bugs.debian.org/735263
> 
> https://github.com/alex/rply/commit/fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7c

Use CVE-2014-1604.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJS2eFKAAoJEKllVAevmvmslHkIAMQsuOlcHjs2LY/fv3KhtSII
3Nj/uIT2Ha9h+lzIgA4fgpBEhTctrSolyJ8i4+sE2xTrXjhThZpffoeMB2Fewozw
KBsBooOBocqSPy6gihC7MKzyU+xctJ7UYJ7zEbgUEPmCGtT+lgOWRMpO/7V5NhJ9
2BH3LGamK1cp13k4aR6Y7sK4SwjVbnJiraNo5a2zkTDjmRRPkKzTdJuxQeT2y3xF
G6VCqctF2e/FpC7lchPXsoF0VGnDwVWCjkiydpYVWHFqQTVFsrVa9Rz2T8inbJuC
qaUrje7sYphml0RmB1wGISH3OZKsfSo+XhzfaQSSYvb2dUT8nflPRoDNtIK70MU=
=ScxP
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ